mysql-connector-python@8.1.0 vulnerabilities

A self-contained Python driver for communicating with MySQL servers, using an API that is compliant with the Python Database API Specification v2.0 (PEP 249).

Direct Vulnerabilities

Known vulnerabilities in the mysql-connector-python package. This does not include vulnerabilities belonging to this package’s dependencies.

Automatically find and fix vulnerabilities affecting your projects. Snyk scans for vulnerabilities and provides fixes for free.
Fix for free
Vulnerability Vulnerable Version
  • H
Access Control Bypass

mysql-connector-python is a MySQL driver written in Python which does not depend on MySQL C client libraries and implements the DB API v2.0 specification (PEP-249).

Affected versions of this package are vulnerable to Access Control Bypass via multiple protocols. An attacker can take over the MySQL Connectors by exploiting network access with low privileges.

How to fix Access Control Bypass?

Upgrade mysql-connector-python to version 9.1.0 or higher.

[,9.1.0)
  • H
Denial of Service (DoS)

mysql-connector-python is a MySQL driver written in Python which does not depend on MySQL C client libraries and implements the DB API v2.0 specification (PEP-249).

Affected versions of this package are vulnerable to Denial of Service (DoS) allowing an unauthenticated attacker with network access via multiple protocols to compromise MySQL Connectors. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Connectors.

How to fix Denial of Service (DoS)?

Upgrade mysql-connector-python to version 8.4.0 or higher.

[,8.4.0)