Fluid Attacks Database

Description

asyncmy is vulnerable to SQL injection via crafted dict keys SQL injection vulnerability in long2ice asyncmy thru 0.2.10 allows attackers to execute arbitrary SQL commands via crafted dict keys.

Mitigation

Update Impact

Minimal update. May introduce new vulnerabilities or breaking changes.

Ecosystem	Package	Affected version	Patched versions
pypi	asyncmy	>=0 <=0.2.11	0.2.2

Aliases

1. CVE-2025-658962. NVD-2025-658963. OSV-2025-658964. GCVE-2025-65896

References

1. https://github.com/long2ice/asyncmy/issues/134

Does your application use this vulnerable software?

During the free trial, our tools assess your application, identify vulnerabilities, and provide recommendations for their remediation.