{"id":2812592,"name":"mysql-connector-python","ecosystem":"pypi","description":"A self-contained Python driver for communicating with MySQL servers, using an API that is compliant with the Python Database API Specification v2.0 (PEP 249).","homepage":"https://dev.mysql.com/doc/connector-python/en/","licenses":"GNU GPLv2 (with FOSS License Exception)","normalized_licenses":["GPL-2.0-with-font-exception"],"repository_url":"https://github.com/mysql/mysql-connector-python","keywords_array":["mysql","database","db","connector","driver"],"namespace":null,"versions_count":53,"first_release_published_at":"2023-08-22T04:00:57.531Z","latest_release_published_at":"2026-04-23T07:15:43.000Z","latest_release_number":"9.7.0","last_synced_at":"2026-06-27T13:29:20.952Z","created_at":"2022-04-10T11:42:07.184Z","updated_at":"2026-06-27T13:29:20.953Z","registry_url":"https://pypi.org/project/mysql-connector-python/","install_command":"pip install mysql-connector-python --index-url https://pypi.org/simple","documentation_url":"https://dev.mysql.com/doc/connector-python/en/","metadata":{"funding":null,"documentation":"https://dev.mysql.com/doc/connector-python/en/","classifiers":["Development Status :: 5 - Production/Stable","Intended Audience :: Developers","Intended Audience :: Education","License :: OSI Approved :: GNU General Public License (GPL)","Operating System :: MacOS :: MacOS X","Operating System :: Microsoft :: Windows","Operating System :: POSIX :: Linux","Operating System :: Unix","Programming Language :: Python :: 3","Programming Language :: Python :: 3.10","Programming Language :: Python :: 3.11","Programming Language :: Python :: 3.12","Programming Language :: Python :: 3.13","Programming Language :: Python :: 3.14","Topic :: Database","Topic :: Software Development","Topic :: Software Development :: Libraries :: Python Modules","Typing :: Typed"],"normalized_name":"mysql-connector-python","project_status":null},"repo_metadata":{},"repo_metadata_updated_at":"2024-09-08T11:41:53.490Z","dependent_packages_count":424,"downloads":45641073,"downloads_period":"last-month","dependent_repos_count":14842,"rankings":{"downloads":0.06804754891261484,"dependent_repos_count":0.06749729919094949,"dependent_packages_count":0.06437921743484584,"stargazers_count":null,"forks_count":null,"docker_downloads_count":0.4570741021300167,"average":0.16424954191710672},"purl":"pkg:pypi/mysql-connector-python","advisories":[{"uuid":"GSA_kwCzR0hTQS1oZ2pwLTgzbTQtaDRmas4ABAS0","url":"https://github.com/advisories/GHSA-hgjp-83m4-h4fj","title":"MySQL Connector/Python connector takeover vulnerability","description":"Vulnerability in the MySQL Connectors product of Oracle MySQL (component: Connector/Python).  Supported versions that are affected are 9.0.0 and prior. Difficult to exploit vulnerability allows low privileged attacker with network access via multiple protocols to compromise MySQL Connectors.  Successful attacks of this vulnerability can result in takeover of MySQL Connectors. CVSS 3.1 Base Score 7.5 (Confidentiality, Integrity and Availability impacts).  CVSS Vector: (CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H).","origin":"UNSPECIFIED","severity":"HIGH","published_at":"2024-10-15T21:30:39.000Z","withdrawn_at":null,"classification":"GENERAL","cvss_score":7.7,"cvss_vector":"CVSS:4.0/AV:N/AC:L/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N","references":["https://nvd.nist.gov/vuln/detail/CVE-2024-21272","https://www.oracle.com/security-alerts/cpuoct2024.html","https://github.com/mysql/mysql-connector-python/commit/e6b927af06e8a85bd3754f602df96a5592b4558c","https://github.com/advisories/GHSA-hgjp-83m4-h4fj"],"source_kind":"github","identifiers":["GHSA-hgjp-83m4-h4fj","CVE-2024-21272"],"repository_url":"https://github.com/mysql/mysql-connector-python","blast_radius":32.12049168984734,"created_at":"2024-10-24T17:06:38.874Z","updated_at":"2026-06-22T18:05:29.995Z","epss_percentage":0.00517,"epss_percentile":0.3979,"api_url":"https://advisories.ecosyste.ms/api/v1/advisories/GSA_kwCzR0hTQS1oZ2pwLTgzbTQtaDRmas4ABAS0","html_url":"https://advisories.ecosyste.ms/advisories/GSA_kwCzR0hTQS1oZ2pwLTgzbTQtaDRmas4ABAS0","packages":[{"ecosystem":"pypi","package_name":"mysql-connector-python","versions":[{"first_patched_version":"9.1.0","vulnerable_version_range":"\u003c 9.1.0"}],"purl":"pkg:pypi/mysql-connector-python"}],"related_packages_url":"https://advisories.ecosyste.ms/api/v1/advisories/GSA_kwCzR0hTQS1oZ2pwLTgzbTQtaDRmas4ABAS0/related_packages","related_advisories":[]},{"uuid":"GSA_kwCzR0hTQS0yY2YzLWcyNDMtaGhmeM4AASTB","url":"https://github.com/advisories/GHSA-2cf3-g243-hhfx","title":"MySQL Connectors Privilege Escalation","description":"Vulnerability in the MySQL Connectors component of Oracle MySQL (subcomponent: Connector/Python). Supported versions that are affected are 2.1.5 and earlier. Easily \"exploitable\" vulnerability allows low privileged attacker with logon to the infrastructure where MySQL Connectors executes to compromise MySQL Connectors. Successful attacks of this vulnerability can result in unauthorized update, insert or delete access to some of MySQL Connectors accessible data. CVSS 3.0 Base Score 3.3 (Integrity impacts). CVSS Vector: (CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N).","origin":"UNSPECIFIED","severity":"LOW","published_at":"2022-05-13T01:45:43.000Z","withdrawn_at":null,"classification":"GENERAL","cvss_score":3.3,"cvss_vector":"CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N","references":["https://nvd.nist.gov/vuln/detail/CVE-2017-3590","http://www.oracle.com/technetwork/security-advisory/cpuapr2017-3236618.html","http://www.securityfocus.com/bid/97840","http://www.securitytracker.com/id/1038287","https://github.com/advisories/GHSA-2cf3-g243-hhfx"],"source_kind":"github","identifiers":["GHSA-2cf3-g243-hhfx","CVE-2017-3590"],"repository_url":null,"blast_radius":0.0,"created_at":"2024-04-22T23:04:56.115Z","updated_at":"2026-06-20T04:05:59.971Z","epss_percentage":0.00406,"epss_percentile":0.32256,"api_url":"https://advisories.ecosyste.ms/api/v1/advisories/GSA_kwCzR0hTQS0yY2YzLWcyNDMtaGhmeM4AASTB","html_url":"https://advisories.ecosyste.ms/advisories/GSA_kwCzR0hTQS0yY2YzLWcyNDMtaGhmeM4AASTB","packages":[{"ecosystem":"pypi","package_name":"mysql-connector-python","versions":[{"first_patched_version":null,"vulnerable_version_range":"\u003c= 2.1.5"}],"purl":"pkg:pypi/mysql-connector-python"}],"related_packages_url":"https://advisories.ecosyste.ms/api/v1/advisories/GSA_kwCzR0hTQS0yY2YzLWcyNDMtaGhmeM4AASTB/related_packages","related_advisories":[]},{"uuid":"GSA_kwCzR0hTQS12NXJxLXcyeG0tN2c1Zs4AAQGM","url":"https://github.com/advisories/GHSA-v5rq-w2xm-7g5f","title":"Improper Access Control in MySQL Connector Python","description":"Vulnerability in the MySQL Connectors component of Oracle MySQL (subcomponent: Connector/Python). Supported versions that are affected are 8.0.13 and prior and 2.1.8 and prior. Easily exploitable vulnerability allows unauthenticated attacker with network access via TLS to compromise MySQL Connectors. Successful attacks require human interaction from a person other than the attacker. Successful attacks of this vulnerability can result in unauthorized creation, deletion or modification access to critical data or all MySQL Connectors accessible data as well as unauthorized access to critical data or complete access to all MySQL Connectors accessible data. ","origin":"UNSPECIFIED","severity":"HIGH","published_at":"2022-05-13T01:22:02.000Z","withdrawn_at":null,"classification":"GENERAL","cvss_score":8.1,"cvss_vector":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:N","references":["https://nvd.nist.gov/vuln/detail/CVE-2019-2435","https://security.netapp.com/advisory/ntap-20190118-0002/","http://lists.opensuse.org/opensuse-security-announce/2020-03/msg00044.html","http://lists.opensuse.org/opensuse-security-announce/2020-03/msg00053.html","http://www.oracle.com/technetwork/security-advisory/cpujan2019-5072801.html","http://www.securityfocus.com/bid/106616","https://github.com/advisories/GHSA-v5rq-w2xm-7g5f"],"source_kind":"github","identifiers":["GHSA-v5rq-w2xm-7g5f","CVE-2019-2435"],"repository_url":null,"blast_radius":0.0,"created_at":"2022-12-21T16:12:16.859Z","updated_at":"2026-06-24T09:11:15.311Z","epss_percentage":0.02518,"epss_percentile":0.82774,"api_url":"https://advisories.ecosyste.ms/api/v1/advisories/GSA_kwCzR0hTQS12NXJxLXcyeG0tN2c1Zs4AAQGM","html_url":"https://advisories.ecosyste.ms/advisories/GSA_kwCzR0hTQS12NXJxLXcyeG0tN2c1Zs4AAQGM","packages":[{"ecosystem":"pypi","package_name":"mysql-connector-python","versions":[{"first_patched_version":null,"vulnerable_version_range":"\u003e= 2.1.0, \u003c= 2.1.8"},{"first_patched_version":"8.0.19","vulnerable_version_range":"\u003e= 8.0.0, \u003c= 8.0.13"}],"purl":"pkg:pypi/mysql-connector-python"}],"related_packages_url":"https://advisories.ecosyste.ms/api/v1/advisories/GSA_kwCzR0hTQS12NXJxLXcyeG0tN2c1Zs4AAQGM/related_packages","related_advisories":[]}],"docker_usage_url":"https://docker.ecosyste.ms/usage/pypi/mysql-connector-python","docker_dependents_count":790,"docker_downloads_count":29575883,"usage_url":"https://repos.ecosyste.ms/usage/pypi/mysql-connector-python","dependent_repositories_url":"https://repos.ecosyste.ms/api/v1/usage/pypi/mysql-connector-python/dependencies","status":null,"funding_links":[],"critical":true,"issue_metadata":null,"versions_url":"https://packages.ecosyste.ms/api/v1/registries/pypi.org/packages/mysql-connector-python/versions","version_numbers_url":"https://packages.ecosyste.ms/api/v1/registries/pypi.org/packages/mysql-connector-python/version_numbers","latest_version_url":"https://packages.ecosyste.ms/api/v1/registries/pypi.org/packages/mysql-connector-python/latest_version","dependent_packages_url":"https://packages.ecosyste.ms/api/v1/registries/pypi.org/packages/mysql-connector-python/dependent_packages","related_packages_url":"https://packages.ecosyste.ms/api/v1/registries/pypi.org/packages/mysql-connector-python/related_packages","codemeta_url":"https://packages.ecosyste.ms/api/v1/registries/pypi.org/packages/mysql-connector-python/codemeta","maintainers":[{"uuid":"mysql_re_team","login":"mysql_re_team","name":null,"email":null,"url":null,"packages_count":3,"html_url":"https://pypi.org/user/mysql_re_team/","role":null,"created_at":"2023-02-24T18:22:05.320Z","updated_at":"2023-02-24T18:22:05.320Z","packages_url":"https://packages.ecosyste.ms/api/v1/registries/pypi.org/maintainers/mysql_re_team/packages"},{"uuid":"chuck.bell","login":"chuck.bell","name":null,"email":null,"url":null,"packages_count":1,"html_url":"https://pypi.org/user/chuck.bell/","role":null,"created_at":"2023-02-24T18:22:05.305Z","updated_at":"2023-02-24T18:22:05.305Z","packages_url":"https://packages.ecosyste.ms/api/v1/registries/pypi.org/maintainers/chuck.bell/packages"},{"uuid":"prashanttekriwal","login":"prashanttekriwal","name":null,"email":null,"url":null,"packages_count":1,"html_url":"https://pypi.org/user/prashanttekriwal/","role":null,"created_at":"2023-02-24T18:22:05.361Z","updated_at":"2023-02-24T18:22:05.361Z","packages_url":"https://packages.ecosyste.ms/api/v1/registries/pypi.org/maintainers/prashanttekriwal/packages"},{"uuid":"oscpache","login":"oscpache","name":null,"email":null,"url":null,"packages_count":1,"html_url":"https://pypi.org/user/oscpache/","role":null,"created_at":"2023-12-13T11:10:02.381Z","updated_at":"2023-12-13T11:10:02.381Z","packages_url":"https://packages.ecosyste.ms/api/v1/registries/pypi.org/maintainers/oscpache/packages"}]}