ALT-PU-2024-7978-3

Package MySQL updated to version 8.0.37-alt1 for branch sisyphus in task 348438.

Уязвимость компонента Server: Information Schema системы управления базами данных Oracle MySQL Server, позволяющая нарушителю вызвать отказ в обслуживании

Severity: MEDIUM (5.3)Vector: AV:N/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H

Severity: MEDIUM (4.9)Vector: AV:N/AC:H/Au:S/C:N/I:N/A:C

References:

CVE-2024-20994

Уязвимость компонента Server: Optimizer системы управления базами данных Oracle MySQL Server, позволяющая нарушителю вызвать отказ в обслуживании

Severity: MEDIUM (4.9)Vector: AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H

Severity: MEDIUM (6.1)Vector: AV:N/AC:L/Au:M/C:N/I:N/A:C

References:

CVE-2024-20993

Уязвимость компонента Server: Security: Privileges системы управления базами данных Oracle MySQL Server, позволяющая нарушителю получить несанкционированный доступ на чтение, добавление, изменение или удаление защищаемой информации

Severity: LOW (3.8)Vector: AV:N/AC:L/PR:H/UI:N/S:U/C:L/I:L/A:N

Severity: MEDIUM (4.7)Vector: AV:N/AC:L/Au:M/C:P/I:P/A:N

References:

CVE-2024-21000

Уязвимость компонента InnoDB системы управления базами данных Oracle MySQL Server, позволяющая нарушителю вызвать отказ в обслуживании

Severity: MEDIUM (4.9)Vector: AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H

Severity: MEDIUM (6.1)Vector: AV:N/AC:L/Au:M/C:N/I:N/A:C

References:

CVE-2024-21047

Уязвимость компонента Server: DDL системы управления базами данных Oracle MySQL Server, позволяющая нарушителю вызвать отказ в обслуживании

Severity: MEDIUM (4.9)Vector: AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H

Severity: MEDIUM (6.1)Vector: AV:N/AC:L/Au:M/C:N/I:N/A:C

References:

CVE-2024-21069

Уязвимость компонента Server: Data Dictionary системы управления базами данных Oracle MySQL Server, позволяющая нарушителю вызвать отказ в обслуживании

Severity: MEDIUM (4.9)Vector: AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H

Severity: MEDIUM (6.1)Vector: AV:N/AC:L/Au:M/C:N/I:N/A:C

References:

CVE-2024-21060

Severity: MEDIUM (4.9)Vector: AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H

Severity: MEDIUM (6.1)Vector: AV:N/AC:L/Au:M/C:N/I:N/A:C

References:

CVE-2024-21062

Severity: MEDIUM (4.9)Vector: AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H

Severity: MEDIUM (6.1)Vector: AV:N/AC:L/Au:M/C:N/I:N/A:C

References:

CVE-2024-21054

Уязвимость компонента Server: DML системы управления базами данных Oracle MySQL Server, позволяющая нарушителю вызвать отказ в обслуживании

Severity: MEDIUM (4.9)Vector: AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H

Severity: MEDIUM (6.1)Vector: AV:N/AC:L/Au:M/C:N/I:N/A:C

References:

CVE-2024-21056

Severity: MEDIUM (4.9)Vector: AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H

Severity: MEDIUM (6.1)Vector: AV:N/AC:L/Au:M/C:N/I:N/A:C

References:

CVE-2024-21053

Severity: MEDIUM (4.9)Vector: AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H

Severity: MEDIUM (6.1)Vector: AV:N/AC:L/Au:M/C:N/I:N/A:C

References:

CVE-2024-21052

Severity: MEDIUM (4.9)Vector: AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H

Severity: MEDIUM (6.1)Vector: AV:N/AC:L/Au:M/C:N/I:N/A:C

References:

CVE-2024-21051

Severity: MEDIUM (4.9)Vector: AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H

Severity: MEDIUM (6.1)Vector: AV:N/AC:L/Au:M/C:N/I:N/A:C

References:

CVE-2024-21049

Severity: MEDIUM (4.9)Vector: AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H

Severity: MEDIUM (6.1)Vector: AV:N/AC:L/Au:M/C:N/I:N/A:C

References:

CVE-2024-21050

Severity: MEDIUM (4.9)Vector: AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H

Severity: MEDIUM (6.1)Vector: AV:N/AC:L/Au:M/C:N/I:N/A:C

References:

CVE-2024-21057

Severity: MEDIUM (4.9)Vector: AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H

Severity: MEDIUM (6.1)Vector: AV:N/AC:L/Au:M/C:N/I:N/A:C

References:

CVE-2024-21055

Уязвимость компонента Server: Audit Plug-in системы управления базами данных Oracle MySQL Server, позволяющая нарушителю вызвать отказ в обслуживании

Severity: MEDIUM (4.9)Vector: AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H

Severity: MEDIUM (6.1)Vector: AV:N/AC:L/Au:M/C:N/I:N/A:C

References:

CVE-2024-21061

Severity: MEDIUM (4.9)Vector: AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H

Severity: MEDIUM (6.8)Vector: AV:N/AC:L/Au:S/C:N/I:N/A:C

References:

CVE-2024-21013

Severity: MEDIUM (4.9)Vector: AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H

Severity: MEDIUM (6.8)Vector: AV:N/AC:L/Au:S/C:N/I:N/A:C

References:

CVE-2024-21009

Severity: MEDIUM (4.9)Vector: AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H

Severity: MEDIUM (6.8)Vector: AV:N/AC:L/Au:S/C:N/I:N/A:C

References:

CVE-2024-20998

Severity: MEDIUM (5.5)Vector: AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:L/A:H

Severity: HIGH (7.5)Vector: AV:N/AC:L/Au:S/C:N/I:P/A:C

References:

CVE-2024-21015

Severity: MEDIUM (4.9)Vector: AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H

Severity: MEDIUM (6.8)Vector: AV:N/AC:L/Au:S/C:N/I:N/A:C

References:

CVE-2024-21008

Уязвимость компонента Cluster: General системы управления базами данных Oracle MySQL Server, позволяющая нарушителю раскрыть защищаемую информацию

Severity: LOW (2.2)Vector: AV:N/AC:H/PR:H/UI:N/S:U/C:L/I:N/A:N

Severity: LOW (1.7)Vector: AV:N/AC:H/Au:M/C:P/I:N/A:N

References:

CVE-2024-21101

Уязвимость компонента Server:Thread Pooling системы управления базами данных Oracle MySQL Server, позволяющая нарушителю вызвать отказ в обслуживании

Severity: MEDIUM (4.9)Vector: AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H

Severity: MEDIUM (6.1)Vector: AV:N/AC:L/Au:M/C:N/I:N/A:C

References:

CVE-2024-21102

Уязвимость компонента Server: Group Replication Plugin системы управления базами данных Oracle MySQL Server, позволяющая нарушителю вызвать отказ в обслуживании

Severity: MEDIUM (4.9)Vector: AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H

Severity: MEDIUM (6.1)Vector: AV:N/AC:L/Au:M/C:N/I:N/A:C

References:

CVE-2024-21087

Уязвимость компонента Client: mysqldump системы управления базами данных Oracle MySQL Server, позволяющая нарушителю получить несанкционированный доступ на чтение, добавление, изменение, удаление защищаемой информации или вызвать отказ в обслуживании

Severity: MEDIUM (4.9)Vector: AV:L/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:L

Severity: LOW (3.7)Vector: AV:L/AC:H/Au:N/C:P/I:P/A:P

References:

CVE-2024-21096

Severity: MEDIUM (4.9)Vector: AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H

Severity: MEDIUM (6.8)Vector: AV:N/AC:L/Au:S/C:N/I:N/A:C

References:

CVE-2024-21135

Severity: MEDIUM (4.9)Vector: AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H

Severity: MEDIUM (6.8)Vector: AV:N/AC:L/Au:S/C:N/I:N/A:C

References:

CVE-2024-21159

Уязвимость компонента InnoDB системы управления базами данных MySQL Server, позволяющая нарушителю вызвать отказ в обслуживании

Severity: MEDIUM (4.9)Vector: AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H

Severity: MEDIUM (6.8)Vector: AV:N/AC:L/Au:S/C:N/I:N/A:C

References:

CVE-2024-21157

Уязвимость компонента InnoDB системы управления базами данных Oracle MySQL Server, позволяющая нарушителю получить несанкционированный доступ на чтение, создание, изменение и удаление данных или вызвать отказ в обслуживании

Severity: MEDIUM (5.9)Vector: AV:N/AC:H/PR:H/UI:N/S:U/C:N/I:H/A:H

Severity: MEDIUM (6.6)Vector: AV:N/AC:H/Au:S/C:N/I:C/A:C

References:

CVE-2024-21166

Severity: MEDIUM (4.9)Vector: AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H

Severity: MEDIUM (6.8)Vector: AV:N/AC:L/Au:S/C:N/I:N/A:C

References:

CVE-2024-21160

Severity: MEDIUM (4.9)Vector: AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H

Severity: MEDIUM (6.8)Vector: AV:N/AC:L/Au:S/C:N/I:N/A:C

References:

CVE-2025-21492

Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Optimizer). Supported versions that are affected are 8.0.35 and prior and 8.2.0 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.1 Base Score 4.9 (Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H).

Severity: MEDIUM (4.9)Vector: CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H

References:

Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Information Schema). Supported versions that are affected are 8.0.36 and prior and 8.3.0 and prior. Difficult to exploit vulnerability allows low privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.1 Base Score 5.3 (Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H).

Severity: MEDIUM (5.3)Vector: CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H

References:

Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Optimizer). Supported versions that are affected are 8.0.36 and prior and 8.3.0 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.1 Base Score 4.9 (Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H).

Severity: MEDIUM (4.9)Vector: CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H

References:

Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Security: Privileges). Supported versions that are affected are 8.0.36 and prior and 8.3.0 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized update, insert or delete access to some of MySQL Server accessible data as well as unauthorized read access to a subset of MySQL Server accessible data. CVSS 3.1 Base Score 3.8 (Confidentiality and Integrity impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:L/I:L/A:N).

Severity: LOW (3.8)Vector: CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:L/I:L/A:N

References:

Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Optimizer). Supported versions that are affected are 8.0.36 and prior and 8.3.0 and prior. Difficult to exploit vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.1 Base Score 4.4 (Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:U/C:N/I:N/A:H).

Severity: MEDIUM (4.4)Vector: CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:U/C:N/I:N/A:H

References:

Severity: MEDIUM (4.9)Vector: CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H

References:

Severity: MEDIUM (4.4)Vector: CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:U/C:N/I:N/A:H

References:

Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: DML). Supported versions that are affected are 8.0.34 and prior and 8.3.0 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server as well as unauthorized update, insert or delete access to some of MySQL Server accessible data. CVSS 3.1 Base Score 5.5 (Integrity and Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:L/A:H).

Severity: MEDIUM (5.5)Vector: CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:L/A:H

References:

Vulnerability in the MySQL Server product of Oracle MySQL (component: InnoDB). Supported versions that are affected are 8.0.36 and prior and 8.3.0 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.1 Base Score 4.9 (Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H).

Severity: MEDIUM (4.9)Vector: CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H

References:

Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: DML). Supported versions that are affected are 8.0.34 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.1 Base Score 4.9 (Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H).

Severity: MEDIUM (4.9)Vector: CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H

References:

Severity: MEDIUM (4.9)Vector: CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H

References:

Severity: MEDIUM (4.9)Vector: CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H

References:

Severity: MEDIUM (4.9)Vector: CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H

References:

Severity: MEDIUM (4.9)Vector: CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H

References:

Severity: MEDIUM (4.9)Vector: CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H

References:

Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Optimizer). Supported versions that are affected are 8.0.35 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.1 Base Score 4.9 (Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H).

Severity: MEDIUM (4.9)Vector: CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H

References:

Severity: MEDIUM (4.9)Vector: CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H

References:

Severity: MEDIUM (4.9)Vector: CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H

References:

Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Data Dictionary). Supported versions that are affected are 8.0.36 and prior and 8.3.0 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.1 Base Score 4.9 (Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H).

Severity: MEDIUM (4.9)Vector: CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H

References:

Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Audit Plug-in). Supported versions that are affected are 8.0.35 and prior and 8.2.0 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.1 Base Score 4.9 (Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H).

Severity: MEDIUM (4.9)Vector: CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H

References:

Severity: MEDIUM (4.9)Vector: CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H

References:

Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: DDL). Supported versions that are affected are 8.0.36 and prior and 8.3.0 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.1 Base Score 4.9 (Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H).

Severity: MEDIUM (4.9)Vector: CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H

References:

Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Group Replication Plugin). Supported versions that are affected are 8.0.36 and prior and 8.3.0 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.1 Base Score 4.9 (Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H).

Severity: MEDIUM (4.9)Vector: CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H

References:

Vulnerability in the MySQL Server product of Oracle MySQL (component: Client: mysqldump). Supported versions that are affected are 8.0.36 and prior and 8.3.0 and prior. Difficult to exploit vulnerability allows unauthenticated attacker with logon to the infrastructure where MySQL Server executes to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized update, insert or delete access to some of MySQL Server accessible data as well as unauthorized read access to a subset of MySQL Server accessible data and unauthorized ability to cause a partial denial of service (partial DOS) of MySQL Server. CVSS 3.1 Base Score 4.9 (Confidentiality, Integrity and Availability impacts). CVSS Vector: (CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:L).

Severity: MEDIUM (4.9)Vector: CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:L

References:

Vulnerability in the MySQL Cluster product of Oracle MySQL (component: Cluster: General). Supported versions that are affected are 7.5.33 and prior, 7.6.29 and prior, 8.0.36 and prior and 8.3.0 and prior. Difficult to exploit vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Cluster. Successful attacks of this vulnerability can result in unauthorized read access to a subset of MySQL Cluster accessible data. CVSS 3.1 Base Score 2.2 (Confidentiality impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:U/C:L/I:N/A:N).

Severity: LOW (2.2)Vector: CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:U/C:L/I:N/A:N

References:

Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Thread Pooling). Supported versions that are affected are 8.0.36 and prior and 8.3.0 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.1 Base Score 4.9 (Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H).

Severity: MEDIUM (4.9)Vector: CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H

References:

Severity: MEDIUM (4.9)Vector: CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H

References:

Vulnerability in the MySQL Server product of Oracle MySQL (component: InnoDB). Supported versions that are affected are 8.0.36 and prior and 8.4.0 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.1 Base Score 4.9 (Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H).

Severity: MEDIUM (4.9)Vector: CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H

References:

Severity: MEDIUM (4.9)Vector: CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H

References:

Severity: MEDIUM (4.9)Vector: CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H

References:

Vulnerability in the MySQL Server product of Oracle MySQL (component: InnoDB). Supported versions that are affected are 8.0.36 and prior and 8.3.0 and prior. Difficult to exploit vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized creation, deletion or modification access to critical data or all MySQL Server accessible data and unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.1 Base Score 5.9 (Integrity and Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:U/C:N/I:H/A:H).

Severity: MEDIUM (5.9)Vector: CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:U/C:N/I:H/A:H

References:

Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Optimizer). Supported versions that are affected are 8.0.36 and prior and 8.4.0. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.1 Base Score 4.9 (Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H).

Severity: MEDIUM (4.9)Vector: CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H

References:

Version: 2.1.2

ALT-PU-2024-7978-3

Closed vulnerabilities