Django REST framework

Lookup for vulnerabilities affecting packages.

Vulnerability_id VCID-n29s-edfg-ybbz

Summary mysql: Privilege Misuse in MySQL Server Security Component

Aliases

alias	CVE-2025-21546

Fixed_packages

url	pkg:deb/debian/mysql-8.0@8.0.41-1?distro=sid
purl	pkg:deb/debian/mysql-8.0@8.0.41-1?distro=sid
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/mysql-8.0@8.0.41-1%3Fdistro=sid

url	pkg:deb/debian/mysql-8.0@8.0.45-1?distro=sid
purl	pkg:deb/debian/mysql-8.0@8.0.45-1?distro=sid
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/mysql-8.0@8.0.45-1%3Fdistro=sid

url	pkg:deb/debian/mysql-8.0@8.0.46-1?distro=sid
purl	pkg:deb/debian/mysql-8.0@8.0.46-1?distro=sid
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/mysql-8.0@8.0.46-1%3Fdistro=sid

Affected_packages

url pkg:rpm/redhat/mysql@8.0.41-2?arch=el9_5

purl pkg:rpm/redhat/mysql@8.0.41-2?arch=el9_5

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-1nrb-rkfk-skcs

vulnerability	VCID-1uaf-g9j6-b7aq

vulnerability	VCID-2x29-qua3-hqhn

vulnerability	VCID-49pm-zq8j-zkcp

vulnerability	VCID-4fyr-htgz-ekbm

vulnerability	VCID-4svk-dd8j-bub9

vulnerability	VCID-5rqd-z1yh-j7e9

vulnerability	VCID-656v-gkdz-aqbr

vulnerability	VCID-6q82-uqt4-tua4

vulnerability	VCID-75nw-4e2d-zqgg

vulnerability	VCID-971x-csw5-tqbb

vulnerability	VCID-97k8-xbsv-87da

vulnerability	VCID-9thc-he15-puav

vulnerability	VCID-bexa-vrnu-6qfd

vulnerability	VCID-bfv6-sbnh-5uh5

vulnerability	VCID-bvks-r4se-afft

vulnerability	VCID-cvuu-3h7s-u3b4

vulnerability	VCID-dmsh-sn3k-tuct

vulnerability	VCID-dmz5-czt2-hkdz

vulnerability	VCID-en2e-w1q9-kydd

vulnerability	VCID-f7wz-1e7k-ckf7

vulnerability	VCID-f81r-m71k-ubck

vulnerability	VCID-hhc8-m4x1-f3d8

vulnerability	VCID-hspu-8a9m-wqgx

vulnerability	VCID-j5f6-pte2-w7bg

vulnerability	VCID-jpqr-hknn-6fd9

vulnerability	VCID-jv6k-hx8z-zbd3

vulnerability	VCID-kc65-j2c9-zbb4

vulnerability	VCID-mhmg-hgaw-guam

vulnerability	VCID-mjrn-9eaq-9fd9

vulnerability	VCID-mt45-5esq-j7hn

vulnerability	VCID-n29s-edfg-ybbz

vulnerability	VCID-paqq-yb9n-v3h1

vulnerability	VCID-pjap-71y9-7ydt

vulnerability	VCID-r1wz-evg7-2qf2

vulnerability	VCID-r44p-bdf5-quay

vulnerability	VCID-rhj1-htvj-1qcs

vulnerability	VCID-rmjq-hppb-1qa4

vulnerability	VCID-u7eb-cjgg-d7f1

vulnerability	VCID-v938-xjj2-1ub8

vulnerability	VCID-vakq-qnu4-3kgy

vulnerability	VCID-vhqr-1w8g-syfs

vulnerability	VCID-vqnk-47mg-dycs

vulnerability	VCID-wgma-bycg-1qb1

vulnerability	VCID-wqv6-96cm-f3ec

vulnerability	VCID-y2g3-7eyv-buba

vulnerability	VCID-ywr6-pt9c-tkb5

vulnerability	VCID-yxvn-sna2-zbbd

vulnerability	VCID-zhvk-mwgs-f3hj

resource_url http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/mysql@8.0.41-2%3Farch=el9_5

References

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-21546.json

reference_id

reference_type

scores

value	3.8
scoring_system	cvssv3
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:L/I:L/A:N

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-21546.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2025-21546

reference_id

reference_type

scores

value	0.00094
scoring_system	epss
scoring_elements	0.26278
published_at	2026-04-02T12:55:00Z

value	0.00094
scoring_system	epss
scoring_elements	0.25972
published_at	2026-05-14T12:55:00Z

value	0.00094
scoring_system	epss
scoring_elements	0.25877
published_at	2026-05-11T12:55:00Z

value	0.00094
scoring_system	epss
scoring_elements	0.25894
published_at	2026-05-12T12:55:00Z

value	0.00094
scoring_system	epss
scoring_elements	0.2632
published_at	2026-04-04T12:55:00Z

value	0.00094
scoring_system	epss
scoring_elements	0.26092
published_at	2026-04-07T12:55:00Z

value	0.00094
scoring_system	epss
scoring_elements	0.26159
published_at	2026-04-08T12:55:00Z

value	0.00094
scoring_system	epss
scoring_elements	0.26208
published_at	2026-04-09T12:55:00Z

value	0.00094
scoring_system	epss
scoring_elements	0.26216
published_at	2026-04-11T12:55:00Z

value	0.00094
scoring_system	epss
scoring_elements	0.2617
published_at	2026-04-12T12:55:00Z

value	0.00094
scoring_system	epss
scoring_elements	0.26111
published_at	2026-04-13T12:55:00Z

value	0.00094
scoring_system	epss
scoring_elements	0.26116
published_at	2026-04-16T12:55:00Z

value	0.00094
scoring_system	epss
scoring_elements	0.26094
published_at	2026-04-18T12:55:00Z

value	0.00094
scoring_system	epss
scoring_elements	0.26058
published_at	2026-04-21T12:55:00Z

value	0.00094
scoring_system	epss
scoring_elements	0.25997
published_at	2026-04-24T12:55:00Z

value	0.00094
scoring_system	epss
scoring_elements	0.25993
published_at	2026-04-26T12:55:00Z

value	0.00094
scoring_system	epss
scoring_elements	0.25945
published_at	2026-04-29T12:55:00Z

value	0.00094
scoring_system	epss
scoring_elements	0.25835
published_at	2026-05-05T12:55:00Z

value	0.00094
scoring_system	epss
scoring_elements	0.25895
published_at	2026-05-07T12:55:00Z

value	0.00094
scoring_system	epss
scoring_elements	0.2595
published_at	2026-05-09T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2025-21546

reference_url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1093877
reference_id	1093877
reference_type
scores
url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1093877

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=2339299
reference_id	2339299
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=2339299

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:mysql_server:8.0.40_and_prior:::::::*
reference_id	cpe:2.3:a:oracle:mysql_server:8.0.40_and_prior:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:mysql_server:8.0.40_and_prior:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:mysql_server:8.4.3_and_prior:::::::*
reference_id	cpe:2.3:a:oracle:mysql_server:8.4.3_and_prior:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:mysql_server:8.4.3_and_prior:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:mysql_server:9.1.0_and_prior:::::::*
reference_id	cpe:2.3:a:oracle:mysql_server:9.1.0_and_prior:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:mysql_server:9.1.0_and_prior:::::::*

reference_url

https://www.oracle.com/security-alerts/cpujan2025.html

reference_id

cpujan2025.html

reference_type

scores

value	3.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:L/I:L/A:N

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-01-22T17:58:06Z/

url

https://www.oracle.com/security-alerts/cpujan2025.html

reference_url	https://access.redhat.com/errata/RHSA-2025:1671
reference_id	RHSA-2025:1671
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2025:1671

reference_url	https://access.redhat.com/errata/RHSA-2025:1673
reference_id	RHSA-2025:1673
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2025:1673

reference_url	https://usn.ubuntu.com/7245-1/
reference_id	USN-7245-1
reference_type
scores
url	https://usn.ubuntu.com/7245-1/

Weaknesses

cwe_id	269
name	Improper Privilege Management
description	The product does not properly assign, modify, track, or check privileges for an actor, creating an unintended sphere of control for that actor.

Exploits

Severity_range_score 3.8 - 3.8

Exploitability 0.5

Weighted_severity 3.4

Risk_score 1.7

Resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-n29s-edfg-ybbz

Vulnerability Instance