Source: mysql-connector-python Version: 9.2.0-1 Severity: grave Tags: security upstream X-Debbugs-Cc: car...@debian.org, Debian Security Team <t...@security.debian.org>
Hi, The following vulnerability was published for mysql-connector-python. CVE-2025-30714[0]: | Vulnerability in the MySQL Connectors product of Oracle MySQL | (component: Connector/Python). Supported versions that are affected | are 9.0.0-9.2.0. Difficult to exploit vulnerability allows low | privileged attacker with network access via multiple protocols to | compromise MySQL Connectors. Successful attacks require human | interaction from a person other than the attacker. Successful | attacks of this vulnerability can result in unauthorized access to | critical data or complete access to all MySQL Connectors accessible | data. CVSS 3.1 Base Score 4.8 (Confidentiality impacts). CVSS | Vector: (CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:U/C:H/I:N/A:N). If you fix the vulnerability please also make sure to include the CVE (Common Vulnerabilities & Exposures) id in your changelog entry. For further information see: [0] https://security-tracker.debian.org/tracker/CVE-2025-30714 https://www.cve.org/CVERecord?id=CVE-2025-30714 Regards, Salvatore
