Django REST framework

Package Instance

Lookup for vulnerable packages by Package URL.

Purlpkg:maven/mysql/mysql-connector-java@5.1.42
Typemaven
Namespacemysql
Namemysql-connector-java
Version5.1.42
Qualifiers
Subpath
Is_vulnerabletrue
Next_non_vulnerable_version8.0.16
Latest_non_vulnerable_version8.0.28
Affected_by_vulnerabilities
0
url VCID-cyzx-2kst-hqe3
vulnerability_id VCID-cyzx-2kst-hqe3
summary 
Improper Access Control
A vulnerability in the MySQL Connectors component of Oracle MySQL exists. Successful attacks of this vulnerability can result in takeover of MySQL Connectors.
references
0
reference_url https://access.redhat.com/errata/RHSA-2019:1545
reference_id
reference_type
scores
0
value 8.8
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
2
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-10-02T18:16:07Z/
url https://access.redhat.com/errata/RHSA-2019:1545
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2018-3258
reference_id
reference_type
scores
0
value 0.04126
scoring_system epss
scoring_elements 0.88819
published_at 2026-05-30T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2018-3258
2
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 8.8
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
3
reference_url https://security.netapp.com/advisory/ntap-20181018-0002
reference_id
reference_type
scores
0
value 8.8
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://security.netapp.com/advisory/ntap-20181018-0002
4
reference_url http://www.oracle.com/technetwork/security-advisory/cpuoct2018-4428296.html
reference_id
reference_type
scores
0
value 8.8
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
2
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-10-02T18:16:07Z/
url http://www.oracle.com/technetwork/security-advisory/cpuoct2018-4428296.html
5
reference_url http://www.securityfocus.com/bid/105589
reference_id
reference_type
scores
0
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-10-02T18:16:07Z/
url http://www.securityfocus.com/bid/105589
6
reference_url http://www.securitytracker.com/id/1041888
reference_id
reference_type
scores
0
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-10-02T18:16:07Z/
url http://www.securitytracker.com/id/1041888
7
reference_url https://nvd.nist.gov/vuln/detail/CVE-2018-3258
reference_id CVE-2018-3258
reference_type
scores
0
value 8.8
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2018-3258
fixed_packages
0
url pkg:maven/mysql/mysql-connector-java@8.0.13
purl pkg:maven/mysql/mysql-connector-java@8.0.13
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-pf75-2mse-rubb
resource_url http://public2.vulnerablecode.io/packages/pkg:maven/mysql/mysql-connector-java@8.0.13
aliases CVE-2018-3258, GHSA-4vrv-ch96-6h42
risk_score null
exploitability 0.5
weighted_severity 0.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-cyzx-2kst-hqe3
1
url VCID-pf75-2mse-rubb
vulnerability_id VCID-pf75-2mse-rubb
summary 
Improper Input Validation
Difficult to exploit vulnerability allows high privileged attacker with logon to the infrastructure where MySQL Connectors executes to compromise MySQL Connectors. Successful attacks require human interaction from a person other than the attacker and can result in takeover of MySQL Connectors.
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2019-2692
reference_id
reference_type
scores
0
value 0.01012
scoring_system epss
scoring_elements 0.77425
published_at 2026-05-30T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2019-2692
1
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 6.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:H/PR:H/UI:R/S:U/C:H/I:H/A:H
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
2
reference_url https://security.netapp.com/advisory/ntap-20190423-0002
reference_id
reference_type
scores
0
value 6.3
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:L/AC:H/PR:H/UI:R/S:U/C:H/I:H/A:H
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://security.netapp.com/advisory/ntap-20190423-0002
3
reference_url https://security.netapp.com/advisory/ntap-20190423-0002/
reference_id
reference_type
scores
0
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-10-02T15:55:48Z/
url https://security.netapp.com/advisory/ntap-20190423-0002/
4
reference_url https://snyk.io/vuln/SNYK-JAVA-MYSQL-174574
reference_id
reference_type
scores
0
value 6.3
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:L/AC:H/PR:H/UI:R/S:U/C:H/I:H/A:H
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://snyk.io/vuln/SNYK-JAVA-MYSQL-174574
5
reference_url http://www.oracle.com/technetwork/security-advisory/cpuapr2019-5072813.html
reference_id
reference_type
scores
0
value 6.3
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:L/AC:H/PR:H/UI:R/S:U/C:H/I:H/A:H
1
value MODERATE
scoring_system generic_textual
scoring_elements
2
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-10-02T15:55:48Z/
url http://www.oracle.com/technetwork/security-advisory/cpuapr2019-5072813.html
6
reference_url http://www.securityfocus.com/bid/107925
reference_id
reference_type
scores
0
value 6.3
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:L/AC:H/PR:H/UI:R/S:U/C:H/I:H/A:H
1
value MODERATE
scoring_system generic_textual
scoring_elements
2
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-10-02T15:55:48Z/
url http://www.securityfocus.com/bid/107925
7
reference_url https://nvd.nist.gov/vuln/detail/CVE-2019-2692
reference_id CVE-2019-2692
reference_type
scores
0
value 6.3
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:L/AC:H/PR:H/UI:R/S:U/C:H/I:H/A:H
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2019-2692
8
reference_url https://github.com/advisories/GHSA-jcq3-cprp-m333
reference_id GHSA-jcq3-cprp-m333
reference_type
scores
0
value MODERATE
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-jcq3-cprp-m333
fixed_packages
0
url pkg:maven/mysql/mysql-connector-java@8.0.16
purl pkg:maven/mysql/mysql-connector-java@8.0.16
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:maven/mysql/mysql-connector-java@8.0.16
aliases CVE-2019-2692, GHSA-jcq3-cprp-m333
risk_score 3.1
exploitability 0.5
weighted_severity 6.2
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-pf75-2mse-rubb
Fixing_vulnerabilities
0
url VCID-fz6y-4yam-qyby
vulnerability_id VCID-fz6y-4yam-qyby
summary 
Incorrect Privilege Assignment
Easily exploitable vulnerability allows low privileged attacker with logon to the infrastructure where MySQL Connectors executes to compromise MySQL Connectors. Successful attacks of this vulnerability can result in unauthorized update, insert or delete access to some of MySQL.
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2017-3589
reference_id
reference_type
scores
0
value 0.00167
scoring_system epss
scoring_elements 0.37485
published_at 2026-05-30T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2017-3589
1
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 1.7
scoring_system cvssv2
scoring_elements AV:L/AC:L/Au:S/C:N/I:P/A:N
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
2
reference_url http://www.debian.org/security/2017/dsa-3857
reference_id
reference_type
scores
0
value 3.3
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N
1
value LOW
scoring_system generic_textual
scoring_elements
2
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-07T15:44:31Z/
url http://www.debian.org/security/2017/dsa-3857
3
reference_url http://www.oracle.com/technetwork/security-advisory/cpuapr2017-3236618.html
reference_id
reference_type
scores
0
value 3.3
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N
1
value LOW
scoring_system generic_textual
scoring_elements
2
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-07T15:44:31Z/
url http://www.oracle.com/technetwork/security-advisory/cpuapr2017-3236618.html
4
reference_url http://www.securityfocus.com/bid/97836
reference_id
reference_type
scores
0
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-07T15:44:31Z/
url http://www.securityfocus.com/bid/97836
5
reference_url https://nvd.nist.gov/vuln/detail/CVE-2017-3589
reference_id CVE-2017-3589
reference_type
scores
0
value 3.3
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N
1
value LOW
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2017-3589
6
reference_url https://github.com/advisories/GHSA-cjcf-wm2p-59h5
reference_id GHSA-cjcf-wm2p-59h5
reference_type
scores
0
value LOW
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-cjcf-wm2p-59h5
fixed_packages
0
url pkg:maven/mysql/mysql-connector-java@5.1.42
purl pkg:maven/mysql/mysql-connector-java@5.1.42
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-cyzx-2kst-hqe3
1
vulnerability VCID-pf75-2mse-rubb
resource_url http://public2.vulnerablecode.io/packages/pkg:maven/mysql/mysql-connector-java@5.1.42
aliases CVE-2017-3589, GHSA-cjcf-wm2p-59h5
risk_score 1.4
exploitability 0.5
weighted_severity 2.7
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-fz6y-4yam-qyby
1
url VCID-yvps-5an5-m3a6
vulnerability_id VCID-yvps-5an5-m3a6
summary 
Privilege
An easily exploitable vulnerability allows low privileged attacker with network access via multiple protocols to compromise MySQL Connectors.
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2017-3586
reference_id
reference_type
scores
0
value 0.00802
scoring_system epss
scoring_elements 0.74397
published_at 2026-05-30T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2017-3586
1
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 5.5
scoring_system cvssv2
scoring_elements AV:N/AC:L/Au:S/C:P/I:P/A:N
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
2
reference_url http://www.debian.org/security/2017/dsa-3857
reference_id
reference_type
scores
0
value 6.4
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
2
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-07T15:44:34Z/
url http://www.debian.org/security/2017/dsa-3857
3
reference_url http://www.oracle.com/technetwork/security-advisory/cpuapr2017-3236618.html
reference_id
reference_type
scores
0
value 6.4
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
2
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-07T15:44:34Z/
url http://www.oracle.com/technetwork/security-advisory/cpuapr2017-3236618.html
4
reference_url http://www.securityfocus.com/bid/97784
reference_id
reference_type
scores
0
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-07T15:44:34Z/
url http://www.securityfocus.com/bid/97784
5
reference_url https://nvd.nist.gov/vuln/detail/CVE-2017-3586
reference_id CVE-2017-3586
reference_type
scores
0
value 6.4
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2017-3586
6
reference_url https://github.com/advisories/GHSA-pwh7-92h3-mqr6
reference_id GHSA-pwh7-92h3-mqr6
reference_type
scores
0
value MODERATE
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-pwh7-92h3-mqr6
fixed_packages
0
url pkg:maven/mysql/mysql-connector-java@5.1.42
purl pkg:maven/mysql/mysql-connector-java@5.1.42
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-cyzx-2kst-hqe3
1
vulnerability VCID-pf75-2mse-rubb
resource_url http://public2.vulnerablecode.io/packages/pkg:maven/mysql/mysql-connector-java@5.1.42
aliases CVE-2017-3586, GHSA-pwh7-92h3-mqr6
risk_score 3.1
exploitability 0.5
weighted_severity 6.2
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-yvps-5an5-m3a6
Risk_score3.1
Resource_urlhttp://public2.vulnerablecode.io/packages/pkg:maven/mysql/mysql-connector-java@5.1.42