VDB
CNVD-2025-18064
CNVD-2025-18064
PUBLISHED
CVSS 6.5 MEDIUM
Oracle MySQL是美国甲骨文(Oracle)公司的一套开源的关系数据库管理系统。MySQL Connectors是其中的一个连接使用MySQL的应用程序的驱动程序。 Oracle MySQL的MySQL Connectors存在安全漏洞,攻击者可利用该漏洞更新、插入或删除可访问的数据。
Risk Scores
CVSS 3.1
6.5
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:L
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Oracle Corporation | MySQL Connectors | * |
Exploit Intelligence
- CIRCL published-proof-of-concept: CVE-2024-21262 (circl-sighting)
- https://security.netapp.com/advisory/ntap-20241025-0005/ (circl)
- Oracle Advisory (circl)
- THREE different reproduction, WORKDIR, EXEC & RUNC. (github-poc-repo)
- THREE different reproduction, WORKDIR, EXEC & RUNC. (github-poc-repo)
- THREE different reproduction, WORKDIR, EXEC & RUNC. (github-poc)
- THREE different reproduction, WORKDIR, EXEC & RUNC. (github-poc)
- CIRCL seen: CVE-2024-21262 (circl-sighting)
Timeline
- Oct 15, 2024 CVE Published
- Oct 23, 2024 CVE ID Reserved
- Oct 11, 2025 PoC Published
- Oct 12, 2025 PoC Published
References
- Oracle Advisory vendor-advisory
- https://security.netapp.com/advisory/ntap-20241025-0005/ url