25 matches found
ROOT-APP-PYPI-CVE-2025-62611 CVE-2025-62611 in rootio-aiomysql - Patched by Root
Root has patched CVE-2025-62611 in the rootio-aiomysql package for Root:PyPI. Multiple fixed versions available...
ROS-20251124-09
The vulnerability of the MySQL database access library aiomysql is related to the fact that client-side settings are not checked before sending local files to a remote MySQL server. client side settings are not checked before sending local files to a remote MySQL server. Exploitation vulnerabilit...
OESA-2025-2675 python-aiomysql security update
aiomysql is a "driver" for accessing a MySQL database from the asyncio PEP-3156/tulip framework. It depends on and reuses most parts of PyMySQL . aiomysql tries to be like awesome aiopg library and preserve same api, look and feel. Security Fixes: aiomysql is a library for accessing a MySQL...
Arbitrary Client-Side File Disclosure
aiomysql is vulnerable to Arbitrary Client-Side File Disclosure. The vulnerability is due to the client not validating server requests for local files, and attackers can exploit this by running a rogue MySQL server that sends LOADLOCAL packets to request and retrieve arbitrary files from the clie...
OESA-2025-2618 python-aiomysql security update
aiomysql is a "driver" for accessing a MySQL database from the asyncio PEP-3156/tulip framework. It depends on and reuses most parts of PyMySQL . aiomysql tries to be like awesome aiopg library and preserve same api, look and feel. Security Fixes: aiomysql is a library for accessing a MySQL...
OESA-2025-2619 python-aiomysql security update
aiomysql is a "driver" for accessing a MySQL database from the asyncio PEP-3156/tulip framework. It depends on and reuses most parts of PyMySQL . aiomysql tries to be like awesome aiopg library and preserve same api, look and feel. Security Fixes: aiomysql is a library for accessing a MySQL...
OESA-2025-2617 python-aiomysql security update
aiomysql is a "driver" for accessing a MySQL database from the asyncio PEP-3156/tulip framework. It depends on and reuses most parts of PyMySQL . aiomysql tries to be like awesome aiopg library and preserve same api, look and feel. Security Fixes: aiomysql is a library for accessing a MySQL...
OESA-2025-2616 python-aiomysql security update
aiomysql is a "driver" for accessing a MySQL database from the asyncio PEP-3156/tulip framework. It depends on and reuses most parts of PyMySQL . aiomysql tries to be like awesome aiopg library and preserve same api, look and feel. Security Fixes: aiomysql is a library for accessing a MySQL...
Linux Distros Unpatched Vulnerability : CVE-2025-62611
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - aiomysql is a library for accessing a MySQL database from the asyncio. Prior to version 0.3.0, the client- side settings are not checked before sending local...
CVE-2025-62611
aiomysql is a library for accessing a MySQL database from the asyncio. Prior to version 0.3.0, the client-side settings are not checked before sending local files to MySQL server, which allows obtaining arbitrary files from the client using a rogue server. It is possible to create a rogue MySQL...
DEBIAN-CVE-2025-62611
aiomysql is a library for accessing a MySQL database from the asyncio. Prior to version 0.3.0, the client-side settings are not checked before sending local files to MySQL server, which allows obtaining arbitrary files from the client using a rogue server. It is possible to create a rogue MySQL...
UBUNTU-CVE-2025-62611
aiomysql is a library for accessing a MySQL database from the asyncio. Prior to version 0.3.0, the client-side settings are not checked before sending local files to MySQL server, which allows obtaining arbitrary files from the client using a rogue server. It is possible to create a rogue MySQL...
EUVD-2025-35594
aiomysql is a library for accessing a MySQL database from the asyncio. Prior to version 0.3.0, the client-side settings are not checked before sending local files to MySQL server, which allows obtaining arbitrary files from the client using a rogue server. It is possible to create a rogue MySQL...
CVE-2025-62611
Summary: CVE-2025-62611 affects the aiomysql Python library used to access MySQL from asyncio. Prior to version 0.3.0, client-side settings are not validated before sending local files to the server, enabling a rogue MySQL server to request arbitrary client files via a LOAD_LOCAL packet. This vul...
CVE-2025-62611 aiomysql allows arbitrary access to client files through vulnerability of a malicious MySQL server
aiomysql is a library for accessing a MySQL database from the asyncio. Prior to version 0.3.0, the client-side settings are not checked before sending local files to MySQL server, which allows obtaining arbitrary files from the client using a rogue server. It is possible to create a rogue MySQL...
CVE-2025-62611 aiomysql allows arbitrary access to client files through vulnerability of a malicious MySQL server
aiomysql is a library for accessing a MySQL database from the asyncio. Prior to version 0.3.0, the client-side settings are not checked before sending local files to MySQL server, which allows obtaining arbitrary files from the client using a rogue server. It is possible to create a rogue MySQL...
CVE-2025-62611
aiomysql is a library for accessing a MySQL database from the asyncio. Prior to version 0.3.0, the client-side settings are not checked before sending local files to MySQL server, which allows obtaining arbitrary files from the client using a rogue server. It is possible to create a rogue MySQL...
CVE-2025-62611 aiomysql allows arbitrary access to client files through vulnerability of a malicious MySQL server
aiomysql is a library for accessing a MySQL database from the asyncio. Prior to version 0.3.0, the client-side settings are not checked before sending local files to MySQL server, which allows obtaining arbitrary files from the client using a rogue server. It is possible to create a rogue MySQL...
agent-runtime-server (>=0.0.8 <=0.1.0), ai-application-gateway (>=0.1.1 <=0.1.5) +125 more potentially affected by CVE-2025-62611 via aiomysql (>=0.0.11 <=0.2.0)
aiomysql PYPI version =0.0.11, =0.0.8, =0.1.1, =0.0.1, =1.9.0, =2.10.0, =0.1.0, =0.0.2, =1.0.5, =0.0.154, =0.1.0, =0.1.0, =1.1.1, =3.13.4 and more Source cves: CVE-2025-62611 Source advisory: SNYK:PYTHON-AIOMYSQL-13671310...
External Control of File Name or Path
Overview aiomysql is a MySQL driver for asyncio. Affected versions of this package are vulnerable to External Control of File Name or Path via the LOADLOCAL instruction packet. An attacker can obtain arbitrary files from the client system by setting up a malicious MySQL server that sends crafted...