Django REST framework

Vulnerability Instance

Lookup for vulnerabilities affecting packages.

Vulnerability_idVCID-y4mm-ffe6-jkhp
Summary
Multiple vulnerabilities have been found in MySQL, allowing
    attackers to execute arbitrary code or cause Denial of Service.
Aliases
0
alias CVE-2012-2122
Fixed_packages
0
url pkg:ebuild/dev-db/mysql@5.1.70
purl pkg:ebuild/dev-db/mysql@5.1.70
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:ebuild/dev-db/mysql@5.1.70
Affected_packages
0
url pkg:rpm/redhat/mysql@5.1.66-1?arch=el6_3
purl pkg:rpm/redhat/mysql@5.1.66-1?arch=el6_3
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-2pdc-j83s-h7hh
1
vulnerability VCID-2vb6-exwh-sybh
2
vulnerability VCID-6fhd-9qpt-tfae
3
vulnerability VCID-6wgd-zetu-myef
4
vulnerability VCID-7w4n-33x1-tqcq
5
vulnerability VCID-96an-9mvp-3kat
6
vulnerability VCID-9te6-rj9t-3fgb
7
vulnerability VCID-h2g4-xr4z-ryh1
8
vulnerability VCID-hz26-3f11-efbh
9
vulnerability VCID-jwr1-6v3s-v3ff
10
vulnerability VCID-mwch-ragz-pycf
11
vulnerability VCID-pvbw-e9jc-wuam
12
vulnerability VCID-s5u4-c3yc-nqgd
13
vulnerability VCID-s9t5-5q6j-hqd9
14
vulnerability VCID-w3av-8ree-5bhp
15
vulnerability VCID-wtwz-tx65-9yag
16
vulnerability VCID-y4mm-ffe6-jkhp
17
vulnerability VCID-yt8v-vgf9-ykgw
resource_url http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/mysql@5.1.66-1%3Farch=el6_3
References
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2012-2122.json
reference_id
reference_type
scores
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2012-2122.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2012-2122
reference_id
reference_type
scores
0
value 0.93918
scoring_system epss
scoring_elements 0.99878
published_at 2026-04-11T12:55:00Z
1
value 0.93918
scoring_system epss
scoring_elements 0.99879
published_at 2026-04-24T12:55:00Z
2
value 0.93918
scoring_system epss
scoring_elements 0.9988
published_at 2026-04-18T12:55:00Z
3
value 0.94058
scoring_system epss
scoring_elements 0.99901
published_at 2026-04-02T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2012-2122
2
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=814605
reference_id 814605
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=814605
3
reference_url https://security.gentoo.org/glsa/201308-06
reference_id GLSA-201308-06
reference_type
scores
url https://security.gentoo.org/glsa/201308-06
4
reference_url https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/multiple/remote/19092.py
reference_id OSVDB-82804;CVE-2012-2122
reference_type exploit
scores
url https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/multiple/remote/19092.py
5
reference_url https://access.redhat.com/errata/RHSA-2012:1462
reference_id RHSA-2012:1462
reference_type
scores
url https://access.redhat.com/errata/RHSA-2012:1462
6
reference_url https://usn.ubuntu.com/1467-1/
reference_id USN-1467-1
reference_type
scores
url https://usn.ubuntu.com/1467-1/
Weaknesses
0
cwe_id 704
name Incorrect Type Conversion or Cast
description The product does not correctly convert an object, resource, or structure from one type to a different type.
1
cwe_id 393
name Return of Wrong Status Code
description A function or operation returns an incorrect return value or status code that does not indicate an error, but causes the product to modify its behavior based on the incorrect result.
2
cwe_id 305
name Authentication Bypass by Primary Weakness
description The authentication algorithm is sound, but the implemented mechanism can be bypassed as the result of a separate weakness that is primary to the authentication error.
Exploits
0
date_added 2012-06-12
description MySQL - Authentication Bypass
required_action null
due_date null
notes null
known_ransomware_campaign_use true
source_date_published 2012-06-12
exploit_type remote
platform multiple
source_date_updated 2016-12-05
data_source Exploit-DB
source_url
1
date_added null
description 
This module exploits a password bypass vulnerability in MySQL in order
        to extract the usernames and encrypted password hashes from a MySQL server.
        These hashes are stored as loot for later cracking.

        Impacts MySQL versions:
        - 5.1.x before 5.1.63
        - 5.5.x before 5.5.24
        - 5.6.x before 5.6.6

        And MariaDB versions:
        - 5.1.x before 5.1.62
        - 5.2.x before 5.2.12
        - 5.3.x before 5.3.6
        - 5.5.x before 5.5.23
required_action null
due_date null
notes 
{}
known_ransomware_campaign_use false
source_date_published 2012-06-09
exploit_type null
platform
source_date_updated null
data_source Metasploit
source_url https://github.com/rapid7/metasploit-framework/tree/master/modules/auxiliary/scanner/mysql/mysql_authbypass_hashdump.rb
Severity_range_scorenull
Exploitability2.0
Weighted_severity0.8
Risk_score1.6
Resource_urlhttp://public2.vulnerablecode.io/vulnerabilities/VCID-y4mm-ffe6-jkhp