CNNVD-202510-2862 Information

CNNVD ID

CNNVD-202510-2862

Related CVE

CVE-2025-62611

• CNNVD Published: 2025-10-22

Description (Chinese)

aiomysql是aio-libs开源的一个MySQL访问库。 aiomysql 0.3.0之前版本存在安全漏洞，该漏洞源于未检查客户端设置，可能导致恶意服务器获取客户端任意文件。

Description (English)

aiomysql is a MySQL access library of aio-libs open source. Prior to aiomysql 0.3.0 there was a security loophole, which stemmed from the failure to check the client ’ s settings, which could lead to malicious servers obtaining random client files.

Hazard Level

High

Vulnerability Type

其他

Affected Vendor

aio-libs

Published

2025-10-22

Last Modified

2026-02-24

References

https://github.com/aio-libs/aiomysql/commit/32c4520dae3711367ded74a4726dcb8bb8919538 https://github.com/aio-libs/aiomysql/pull/1044 https://github.com/aio-libs/aiomysql/security/advisories/GHSA-r397-ff8c-wv2g https://access.redhat.com/security/cve/cve-2025-62611

Patch

https://aiomysql.readthedocs.io/en/latest/