Mysql Connector C
Monthly
Vulnerability in the MySQL Connectors component of Oracle MySQL (subcomponent: Connector/C). Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable.
Oracle MySQL before 5.7.3, Oracle MySQL Connector/C (aka libmysqlclient) before 6.1.3, and MariaDB before 5.5.44 use the --ssl option to mean that SSL is optional, which allows man-in-the-middle. Rated medium severity (CVSS 5.9), this vulnerability is remotely exploitable, no authentication required. Public exploit code available and EPSS exploitation probability 51.7%.
Vulnerability in the MySQL Connectors component of Oracle MySQL (subcomponent: Connector/C). Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable.
Oracle MySQL before 5.7.3, Oracle MySQL Connector/C (aka libmysqlclient) before 6.1.3, and MariaDB before 5.5.44 use the --ssl option to mean that SSL is optional, which allows man-in-the-middle. Rated medium severity (CVSS 5.9), this vulnerability is remotely exploitable, no authentication required. Public exploit code available and EPSS exploitation probability 51.7%.