Description

Vulnerability in the MySQL Connectors product of Oracle MySQL (component: Connector/Python). Supported versions that are affected are 8.3.0 and prior. Easily exploitable vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise MySQL Connectors. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Connectors. CVSS 3.1 Base Score 7.5 (Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H).

Remediation

References

CVE-2024-21090

Related Vulnerabilities

PostgreSQL Permissions, Privileges, and Access Controls Vulnerability (CVE-2014-0060)

WordPress Plugin SendGrid Cross-Site Scripting (1.10.7)

PHP Improper Link Resolution Before File Access ('Link Following') Vulnerability (CVE-2011-0754)

MediaWiki Use of Insufficiently Random Values Vulnerability (CVE-2023-22912)

Drupal Core 8.6.x Multiple Vulnerabilities (8.6.0 - 8.6.5)

Severity

High

Classification

CVE-2024-21090 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

Tags

Missing Update Known Vulnerabilities