Vulnerability	Vulnerable Version
M Arbitrary File Read mysql-connector-python is a MySQL driver written in Python which does not depend on MySQL C client libraries and implements the DB API v2.0 specification (PEP-249). Affected versions of this package are vulnerable to Arbitrary File Read when executing `LOCAL INFILE` statements due to improper validation of the `filename` field. An attacker could access critical data by exploiting this vulnerability. How to fix Arbitrary File Read? Upgrade `mysql-connector-python` to version 9.3.0 or higher.	[,9.3.0)
H Access Control Bypass mysql-connector-python is a MySQL driver written in Python which does not depend on MySQL C client libraries and implements the DB API v2.0 specification (PEP-249). Affected versions of this package are vulnerable to Access Control Bypass via multiple protocols. An attacker can take over the MySQL Connectors by exploiting network access with low privileges. How to fix Access Control Bypass? Upgrade `mysql-connector-python` to version 9.1.0 or higher.	[,9.1.0)
H Denial of Service (DoS) mysql-connector-python is a MySQL driver written in Python which does not depend on MySQL C client libraries and implements the DB API v2.0 specification (PEP-249). Affected versions of this package are vulnerable to Denial of Service (DoS) allowing an unauthenticated attacker with network access via multiple protocols to compromise MySQL Connectors. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Connectors. How to fix Denial of Service (DoS)? Upgrade `mysql-connector-python` to version 8.4.0 or higher.	[,8.4.0)

Go back to all versions of this package