exploitDog - Комплексное решение для обнаружения, оценки и устранения уязвимостей.

БДУ ФСТЭК

Microsoft MSRC

NVD

Oracle ELSA

Red Hat CVE

РЕД ОС

Rocky RLSA

SUSE CVRF

Ubuntu

Debian

Github

Количество 6

CVE-2025-62611

около 2 месяцев назад

aiomysql is a library for accessing a MySQL database from the asyncio. Prior to version 0.3.0, the client-side settings are not checked before sending local files to MySQL server, which allows obtaining arbitrary files from the client using a rogue server. It is possible to create a rogue MySQL server that emulates authorization, ignores client flags and requests arbitrary files from the client by sending a LOAD_LOCAL instruction packet. This issue has been patched in version 0.3.0.

EPSS: Низкий

CVE-2025-62611

около 2 месяцев назад

aiomysql is a library for accessing a MySQL database from the asyncio. Prior to version 0.3.0, the client-side settings are not checked before sending local files to MySQL server, which allows obtaining arbitrary files from the client using a rogue server. It is possible to create a rogue MySQL server that emulates authorization, ignores client flags and requests arbitrary files from the client by sending a LOAD_LOCAL instruction packet. This issue has been patched in version 0.3.0.

EPSS: Низкий

CVE-2025-62611

около 2 месяцев назад

aiomysql is a library for accessing a MySQL database from the asyncio. ...

EPSS: Низкий

GHSA-r397-ff8c-wv2g

около 2 месяцев назад

aiomysql allows arbitrary access to client files through vulnerability of a malicious MySQL server

EPSS: Низкий

BDU:2025-15607

около 2 месяцев назад

Уязвимость библиотеки доступа к базе данных MySQL aiomysql, связанная с внешним контролем имени файла или пути, позволяющая нарушителю вызвать отказ в обслуживании

CVSS3: 9.8

EPSS: Низкий

ROS-20251124-09

25 дней назад

Уязвимость python3-aiomysql

CVSS3: 9.8

EPSS: Низкий

Уязвимостей на страницу

Уязвимость	CVSS	EPSS	Опубликовано
CVE-2025-62611 aiomysql is a library for accessing a MySQL database from the asyncio. Prior to version 0.3.0, the client-side settings are not checked before sending local files to MySQL server, which allows obtaining arbitrary files from the client using a rogue server. It is possible to create a rogue MySQL server that emulates authorization, ignores client flags and requests arbitrary files from the client by sending a LOAD_LOCAL instruction packet. This issue has been patched in version 0.3.0.		0% Низкий	около 2 месяцев назад
CVE-2025-62611 aiomysql is a library for accessing a MySQL database from the asyncio. Prior to version 0.3.0, the client-side settings are not checked before sending local files to MySQL server, which allows obtaining arbitrary files from the client using a rogue server. It is possible to create a rogue MySQL server that emulates authorization, ignores client flags and requests arbitrary files from the client by sending a LOAD_LOCAL instruction packet. This issue has been patched in version 0.3.0.		0% Низкий	около 2 месяцев назад
CVE-2025-62611 aiomysql is a library for accessing a MySQL database from the asyncio. ...		0% Низкий	около 2 месяцев назад
GHSA-r397-ff8c-wv2g aiomysql allows arbitrary access to client files through vulnerability of a malicious MySQL server		0% Низкий	около 2 месяцев назад
BDU:2025-15607 Уязвимость библиотеки доступа к базе данных MySQL aiomysql, связанная с внешним контролем имени файла или пути, позволяющая нарушителю вызвать отказ в обслуживании	CVSS3: 9.8	0% Низкий	около 2 месяцев назад
ROS-20251124-09 Уязвимость python3-aiomysql	CVSS3: 9.8	0% Низкий	25 дней назад

Уязвимостей на страницу