Oracle Mysql Connectors — known CVE vulnerabilities
Every CVE whose affected-product data names Oracle Mysql Connectors, ordered by CVSS severity, with EPSS exploit prediction and CISA KEV status.
CVEs (18)
CVE-2021-3711 — CVSS 9.8 (critical): In order to decrypt SM2 encrypted data an application is expected to call the API function EVP_PKEY_decrypt(). Typically an application…
CVE-2022-21824 — CVSS 8.2 (high): Due to the formatting logic of the "console.table()" function it was not safe to allow user controlled input to be passed to the…
CVE-2019-2435 — CVSS 8.1 (high): Vulnerability in the MySQL Connectors component of Oracle MySQL (subcomponent: Connector/Python). Supported versions that are affected are…
CVE-2025-30706 — CVSS 7.5 (high): Vulnerability in the MySQL Connectors product of Oracle MySQL (component: Connector/J). Supported versions that are affected are…
CVE-2020-1967 — CVSS 7.5 (high): Server or client applications that call the SSL_check_chain() function during or after a TLS 1.3 handshake may crash due to a NULL pointer…
CVE-2021-44531 — CVSS 7.4 (high): Accepting arbitrary Subject Alternative Name (SAN) types, unless a PKI is specifically defined to use a particular SAN type, can result in…
CVE-2021-3450 — CVSS 7.4 (high): The X509_V_FLAG_X509_STRICT flag enables additional security checks of the certificates present in a certificate chain. It is not set by…
CVE-2021-3712 — CVSS 7.4 (high): ASN.1 strings are represented internally within OpenSSL as an ASN1_STRING structure which contains a buffer holding the string data and a…
CVE-2022-21363 — CVSS 6.6 (medium): Vulnerability in the MySQL Connectors product of Oracle MySQL (component: Connector/J). Supported versions that are affected are 8.0.27 and…
CVE-2024-21262 — CVSS 6.5 (medium): Vulnerability in the MySQL Connectors product of Oracle MySQL (component: Connector/ODBC). Supported versions that are affected are 9.0.0…
CVE-2017-3586 — CVSS 6.4 (medium): Vulnerability in the MySQL Connectors component of Oracle MySQL (subcomponent: Connector/J). Supported versions that are affected are…
CVE-2019-10219 — CVSS 6.1 (medium): A vulnerability was found in Hibernate-Validator. The SafeHtml validator annotation fails to properly sanitize payloads consisting of…
CVE-2021-3449 — CVSS 5.9 (medium): An OpenSSL TLS server may crash if sent a maliciously crafted renegotiation ClientHello message from a client. If a TLSv1.2 renegotiation…
CVE-2021-2471 — CVSS 5.9 (medium): Vulnerability in the MySQL Connectors product of Oracle MySQL (component: Connector/J). Supported versions that are affected are 8.0.26 and…
CVE-2023-21971 — CVSS 5.3 (medium): Vulnerability in the MySQL Connectors product of Oracle MySQL (component: Connector/J). Supported versions that are affected are 8.0.32 and…
CVE-2021-44532 — CVSS 5.3 (medium): Node.js < 12.22.9, < 14.18.3, < 16.13.2, and < 17.3.1 converts SANs (Subject Alternative Names) to a string format. It uses this string to…
CVE-2021-44533 — CVSS 5.3 (medium): Node.js < 12.22.9, < 14.18.3, < 16.13.2, and < 17.3.1 did not handle multi-value Relative Distinguished Names correctly. Attackers could…
CVE-2025-30714 — CVSS 4.8 (medium): Vulnerability in the MySQL Connectors product of Oracle MySQL (component: Connector/Python). Supported versions that are affected are…