24 matches found
ROOT-APP-PYPI-CVE-2025-62611 CVE-2025-62611 in rootio-aiomysql - Patched by Root
Root has patched CVE-2025-62611 in the rootio-aiomysql package for Root:PyPI. Multiple fixed versions available...
ROS-20251124-09
The vulnerability of the MySQL database access library aiomysql is related to the fact that client-side settings are not checked before sending local files to a remote MySQL server. client side settings are not checked before sending local files to a remote MySQL server. Exploitation vulnerabilit...
OESA-2025-2675 python-aiomysql security update
aiomysql is a "driver" for accessing a MySQL database from the asyncio PEP-3156/tulip framework. It depends on and reuses most parts of PyMySQL . aiomysql tries to be like awesome aiopg library and preserve same api, look and feel. Security Fixes: aiomysql is a library for accessing a MySQL...
Arbitrary Client-Side File Disclosure
aiomysql is vulnerable to Arbitrary Client-Side File Disclosure. The vulnerability is due to the client not validating server requests for local files, and attackers can exploit this by running a rogue MySQL server that sends LOADLOCAL packets to request and retrieve arbitrary files from the clie...
OESA-2025-2618 python-aiomysql security update
aiomysql is a "driver" for accessing a MySQL database from the asyncio PEP-3156/tulip framework. It depends on and reuses most parts of PyMySQL . aiomysql tries to be like awesome aiopg library and preserve same api, look and feel. Security Fixes: aiomysql is a library for accessing a MySQL...
OESA-2025-2619 python-aiomysql security update
aiomysql is a "driver" for accessing a MySQL database from the asyncio PEP-3156/tulip framework. It depends on and reuses most parts of PyMySQL . aiomysql tries to be like awesome aiopg library and preserve same api, look and feel. Security Fixes: aiomysql is a library for accessing a MySQL...
OESA-2025-2617 python-aiomysql security update
aiomysql is a "driver" for accessing a MySQL database from the asyncio PEP-3156/tulip framework. It depends on and reuses most parts of PyMySQL . aiomysql tries to be like awesome aiopg library and preserve same api, look and feel. Security Fixes: aiomysql is a library for accessing a MySQL...
OESA-2025-2616 python-aiomysql security update
aiomysql is a "driver" for accessing a MySQL database from the asyncio PEP-3156/tulip framework. It depends on and reuses most parts of PyMySQL . aiomysql tries to be like awesome aiopg library and preserve same api, look and feel. Security Fixes: aiomysql is a library for accessing a MySQL...
Linux Distros Unpatched Vulnerability : CVE-2025-62611
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - aiomysql is a library for accessing a MySQL database from the asyncio. Prior to version 0.3.0, the client- side settings are not checked before sending local...
DEBIAN-CVE-2025-62611
aiomysql is a library for accessing a MySQL database from the asyncio. Prior to version 0.3.0, the client-side settings are not checked before sending local files to MySQL server, which allows obtaining arbitrary files from the client using a rogue server. It is possible to create a rogue MySQL...
CVE-2025-62611
aiomysql is a library for accessing a MySQL database from the asyncio. Prior to version 0.3.0, the client-side settings are not checked before sending local files to MySQL server, which allows obtaining arbitrary files from the client using a rogue server. It is possible to create a rogue MySQL...
UBUNTU-CVE-2025-62611
aiomysql is a library for accessing a MySQL database from the asyncio. Prior to version 0.3.0, the client-side settings are not checked before sending local files to MySQL server, which allows obtaining arbitrary files from the client using a rogue server. It is possible to create a rogue MySQL...
CVE-2025-62611
aiomysql is a library for accessing a MySQL database from the asyncio. Prior to version 0.3.0, the client-side settings are not checked before sending local files to MySQL server, which allows obtaining arbitrary files from the client using a rogue server. It is possible to create a rogue MySQL...
CVE-2025-62611
Summary: CVE-2025-62611 affects the aiomysql Python library used to access MySQL from asyncio. Prior to version 0.3.0, client-side settings are not validated before sending local files to the server, enabling a rogue MySQL server to request arbitrary client files via a LOAD_LOCAL packet. This vul...
CVE-2025-62611 aiomysql allows arbitrary access to client files through vulnerability of a malicious MySQL server
aiomysql is a library for accessing a MySQL database from the asyncio. Prior to version 0.3.0, the client-side settings are not checked before sending local files to MySQL server, which allows obtaining arbitrary files from the client using a rogue server. It is possible to create a rogue MySQL...
EUVD-2025-35594
aiomysql is a library for accessing a MySQL database from the asyncio. Prior to version 0.3.0, the client-side settings are not checked before sending local files to MySQL server, which allows obtaining arbitrary files from the client using a rogue server. It is possible to create a rogue MySQL...
CVE-2025-62611 aiomysql allows arbitrary access to client files through vulnerability of a malicious MySQL server
aiomysql is a library for accessing a MySQL database from the asyncio. Prior to version 0.3.0, the client-side settings are not checked before sending local files to MySQL server, which allows obtaining arbitrary files from the client using a rogue server. It is possible to create a rogue MySQL...
CVE-2025-62611 aiomysql allows arbitrary access to client files through vulnerability of a malicious MySQL server
aiomysql is a library for accessing a MySQL database from the asyncio. Prior to version 0.3.0, the client-side settings are not checked before sending local files to MySQL server, which allows obtaining arbitrary files from the client using a rogue server. It is possible to create a rogue MySQL...
aiomysql allows arbitrary access to client files through vulnerability of a malicious MySQL server
Summary The client-side settings are not checked before sending local files to MySQL server, which allows obtaining arbitrary files from the client using a rogue server. Details It is possible to create a rogue MySQL server that emulates authorization, ignores client flags and requests arbitrary...
agent-runtime-server (>=0.0.8 <=0.1.0), ai-application-gateway (>=0.1.1 <=0.1.5) +125 more potentially affected by CVE-2025-62611 via aiomysql (>=0.0.11 <=0.2.0)
aiomysql PYPI version =0.0.11, =0.0.8, =0.1.1, =0.0.1, =1.9.0, =2.10.0, =0.1.0, =0.0.2, =1.0.5, =0.0.154, =0.1.0, =0.1.0, =1.1.1, =3.13.4 and more Source cves: CVE-2025-62611 Source advisory: SNYK:PYTHON-AIOMYSQL-13671310...