Django REST framework

Lookup for vulnerable packages by Package URL.

Purl pkg:maven/mysql/mysql-connector-java@8.0.28

Type maven

Namespace mysql

Name mysql-connector-java

Version 8.0.28

Qualifiers

Subpath

Is_vulnerable true

Next_non_vulnerable_version null

Latest_non_vulnerable_version null

Affected_by_vulnerabilities

url

VCID-ked3-zdsm-quf3

vulnerability_id

VCID-ked3-zdsm-quf3

summary

Improper Access Control
Vulnerability in the MySQL Connectors product of Oracle MySQL (component: Connector/J). Supported versions that are affected are 8.1.0 and prior. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise MySQL Connectors. Successful attacks require human interaction from a person other than the attacker and while the vulnerability is in MySQL Connectors, attacks may significantly impact additional products (scope change). Successful attacks of this vulnerability can result in takeover of MySQL Connectors.

references

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-22102.json

reference_id

reference_type

scores

value	8.3
scoring_system	cvssv3
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:H/A:H

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-22102.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2023-22102

reference_id

reference_type

scores

value	0.03493
scoring_system	epss
scoring_elements	0.87835
published_at	2026-06-08T12:55:00Z

value	0.03493
scoring_system	epss
scoring_elements	0.87809
published_at	2026-06-04T12:55:00Z

value	0.03493
scoring_system	epss
scoring_elements	0.8783
published_at	2026-06-05T12:55:00Z

value	0.03493
scoring_system	epss
scoring_elements	0.87833
published_at	2026-06-07T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2023-22102

reference_url

https://github.com/mysql/mysql-connector-j

reference_id

reference_type

scores

value	8.3
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:H/A:H

value	8.9
scoring_system	cvssv4
scoring_elements	CVSS:4.0/AV:N/AC:H/AT:P/PR:N/UI:A/VC:H/VI:H/VA:H/SC:H/SI:H/SA:H

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://github.com/mysql/mysql-connector-j

reference_url

https://github.com/mysql/mysql-connector-j/compare/8.1.0...8.2.0

reference_id

reference_type

scores

value	8.3
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:H/A:H

value	8.9
scoring_system	cvssv4
scoring_elements	CVSS:4.0/AV:N/AC:H/AT:P/PR:N/UI:A/VC:H/VI:H/VA:H/SC:H/SI:H/SA:H

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://github.com/mysql/mysql-connector-j/compare/8.1.0...8.2.0

reference_url

https://security.netapp.com/advisory/ntap-20231027-0007

reference_id

reference_type

scores

value	8.3
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:H/A:H

value	8.9
scoring_system	cvssv4
scoring_elements	CVSS:4.0/AV:N/AC:H/AT:P/PR:N/UI:A/VC:H/VI:H/VA:H/SC:H/SI:H/SA:H

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://security.netapp.com/advisory/ntap-20231027-0007

reference_url

https://security.netapp.com/advisory/ntap-20231027-0007/

reference_id

reference_type

scores

value	8.3
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:H/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-03-06T15:27:01Z/

url

https://security.netapp.com/advisory/ntap-20231027-0007/

reference_url

https://www.oracle.com/security-alerts/cpuoct2023.html

reference_id

reference_type

scores

value	8.3
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:H/A:H

value	8.9
scoring_system	cvssv4
scoring_elements	CVSS:4.0/AV:N/AC:H/AT:P/PR:N/UI:A/VC:H/VI:H/VA:H/SC:H/SI:H/SA:H

value	HIGH
scoring_system	generic_textual
scoring_elements

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-03-06T15:27:01Z/

url

https://www.oracle.com/security-alerts/cpuoct2023.html

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=2256474
reference_id	2256474
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=2256474

reference_url

https://nvd.nist.gov/vuln/detail/CVE-2023-22102

reference_id

CVE-2023-22102

reference_type

scores

value	8.3
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:H/A:H

value	8.9
scoring_system	cvssv4
scoring_elements	CVSS:4.0/AV:N/AC:H/AT:P/PR:N/UI:A/VC:H/VI:H/VA:H/SC:H/SI:H/SA:H

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://nvd.nist.gov/vuln/detail/CVE-2023-22102

reference_url

https://github.com/advisories/GHSA-m6vm-37g8-gqvh

reference_id

GHSA-m6vm-37g8-gqvh

reference_type

scores

value	HIGH
scoring_system	cvssv3.1_qr
scoring_elements

url

https://github.com/advisories/GHSA-m6vm-37g8-gqvh

fixed_packages

aliases

CVE-2023-22102, GHSA-m6vm-37g8-gqvh

risk_score

4.0

exploitability

0.5

weighted_severity

8.0

resource_url

http://public2.vulnerablecode.io/vulnerabilities/VCID-ked3-zdsm-quf3

Fixing_vulnerabilities

url VCID-k4f8-83mc-t3h4

vulnerability_id VCID-k4f8-83mc-t3h4

summary

Unknown Vulnerability
Vulnerability in the MySQL Connectors product of Oracle MySQL (component: Connector/J). Supported versions that are affected are 8.0.27 and prior. Difficult to exploit vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Connectors. Successful attacks of this vulnerability can result in takeover of MySQL Connectors.

references

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-21363.json

reference_id

reference_type

scores

value	6.6
scoring_system	cvssv3
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-21363.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2022-21363

reference_id

reference_type

scores

value	0.00754
scoring_system	epss
scoring_elements	0.73628
published_at	2026-06-06T12:55:00Z

value	0.00754
scoring_system	epss
scoring_elements	0.73588
published_at	2026-06-04T12:55:00Z

value	0.00754
scoring_system	epss
scoring_elements	0.73601
published_at	2026-06-08T12:55:00Z

value	0.00754
scoring_system	epss
scoring_elements	0.73624
published_at	2026-06-05T12:55:00Z

value	0.00754
scoring_system	epss
scoring_elements	0.73615
published_at	2026-06-07T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2022-21363

reference_url

https://www.oracle.com/security-alerts/cpujan2022.html

reference_id

reference_type

scores

value	6.6
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H

value	MODERATE
scoring_system	generic_textual
scoring_elements

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-09-24T17:38:01Z/

url

https://www.oracle.com/security-alerts/cpujan2022.html

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=2047343
reference_id	2047343
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=2047343

reference_url

https://nvd.nist.gov/vuln/detail/CVE-2022-21363

reference_id

CVE-2022-21363

reference_type

scores

value	6.6
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://nvd.nist.gov/vuln/detail/CVE-2022-21363

reference_url

https://github.com/advisories/GHSA-g76j-4cxx-23h9

reference_id

GHSA-g76j-4cxx-23h9

reference_type

scores

value	MODERATE
scoring_system	cvssv3.1_qr
scoring_elements

url

https://github.com/advisories/GHSA-g76j-4cxx-23h9

reference_url	https://access.redhat.com/errata/RHSA-2022:4623
reference_id	RHSA-2022:4623
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2022:4623

reference_url	https://access.redhat.com/errata/RHSA-2022:4918
reference_id	RHSA-2022:4918
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2022:4918

reference_url	https://access.redhat.com/errata/RHSA-2022:4919
reference_id	RHSA-2022:4919
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2022:4919

reference_url	https://access.redhat.com/errata/RHSA-2022:4922
reference_id	RHSA-2022:4922
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2022:4922

reference_url	https://access.redhat.com/errata/RHSA-2022:5532
reference_id	RHSA-2022:5532
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2022:5532

fixed_packages

url pkg:maven/mysql/mysql-connector-java@8.0.28

purl pkg:maven/mysql/mysql-connector-java@8.0.28

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-ked3-zdsm-quf3

resource_url http://public2.vulnerablecode.io/packages/pkg:maven/mysql/mysql-connector-java@8.0.28

aliases CVE-2022-21363, GHSA-g76j-4cxx-23h9

risk_score 3.1

exploitability 0.5

weighted_severity 6.2

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-k4f8-83mc-t3h4

Risk_score 4.0

Resource_url http://public2.vulnerablecode.io/packages/pkg:maven/mysql/mysql-connector-java@8.0.28

Package Instance