Vulnerabilities > Oracle > Mysql Connector C > Medium

DATE CVE VULNERABILITY TITLE RISK
2017-08-08 CVE-2017-3635 Vulnerability in the MySQL Connectors component of Oracle MySQL (subcomponent: Connector/C).
network
high complexity
oracle debian
5.3
2016-05-16 CVE-2015-3152 Improper Certificate Validation vulnerability in multiple products
Oracle MySQL before 5.7.3, Oracle MySQL Connector/C (aka libmysqlclient) before 6.1.3, and MariaDB before 5.5.44 use the --ssl option to mean that SSL is optional, which allows man-in-the-middle attackers to spoof servers via a cleartext-downgrade attack, aka a "BACKRONYM" attack.
network
high complexity
oracle mariadb fedoraproject debian redhat php CWE-295
5.9