Все бюллетени/p8/ALT-PU-2018-2476-1
ALT-PU-2018-2476-1

Обновление пакета mariadb в ветке p8

Версия10.1.36-alt1
Задание#213649
Опубликовано2018-10-12
Макс. серьёзностьHIGH
Серьёзность:

Закрытые проблемы (65)

BDU:2017-01119
MEDIUM4.0

Уязвимость системы управления базами данных Oracle MySQL, позволяющая нарушителю модифицировать данные

Опубликовано: 2017-05-15Изменено: 2021-03-23
CVSS 2.0СРЕДНЯЯ 4.0
CVSS:2.0/AV:N/AC:L/Au:S/C:N/I:P/A:N
Ссылки
BDU:2017-01127
MEDIUM4.0

Уязвимость системы управления базами данных Oracle MySQL, позволяющая нарушителю получить привилегированный доступ и вызвать отказ в обслуживании

Опубликовано: 2017-05-15Изменено: 2021-03-23
CVSS 2.0СРЕДНЯЯ 4.0
CVSS:2.0/AV:N/AC:L/Au:S/C:N/I:N/A:P
Ссылки
BDU:2017-01130
MEDIUM4.0

Уязвимость системы управления базами данных Oracle MySQL, позволяющая нарушителю вызвать отказ в обслуживании

Опубликовано: 2017-05-15Изменено: 2021-03-23
CVSS 2.0СРЕДНЯЯ 4.0
CVSS:2.0/AV:N/AC:L/Au:S/C:N/I:N/A:P
Ссылки
BDU:2017-01155
MEDIUM4.0

Уязвимость системы управления базами данных MySQL, позволяющая нарушителю вызвать отказ в обслуживании

Опубликовано: 2017-05-15Изменено: 2021-03-23
CVSS 2.0СРЕДНЯЯ 4.0
CVSS:2.0/AV:N/AC:L/Au:S/C:N/I:N/A:P
Ссылки
BDU:2017-01156
MEDIUM4.0

Уязвимость системы управления базами данных MySQL, позволяющая нарушителю вызвать отказ в обслуживании

Опубликовано: 2017-05-15Изменено: 2021-03-23
CVSS 2.0СРЕДНЯЯ 4.0
CVSS:2.0/AV:N/AC:L/Au:S/C:N/I:N/A:P
Ссылки
BDU:2018-00341
MEDIUM5.5

Уязвимость компонента InnoDB системы управления базами данных MySQL, позволяющая нарушителю получить привилегии для создания, удаления и изменения данных или вызвать отказ в обслуживании

Опубликовано: 2018-03-06Изменено: 2023-11-09
CVSS 3.xСРЕДНЯЯ 5.5
CVSS:3.x/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:L/A:H
CVSS 2.0ВЫСОКАЯ 7.5
CVSS:2.0/AV:N/AC:L/Au:S/C:N/I:P/A:C
Ссылки
BDU:2018-00342
HIGH7.1

Уязвимость компонента Server:Partition системы управления базами данных MySQL, позволяющая нарушителю получить привилегии для изменения, добавления или удаления данных или вызвать отказ в обслуживании

Опубликовано: 2018-03-06Изменено: 2023-11-09
CVSS 3.xВЫСОКАЯ 7.1
CVSS:3.x/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:H
CVSS 2.0ВЫСОКАЯ 7.5
CVSS:2.0/AV:N/AC:L/Au:S/C:N/I:P/A:C
Ссылки
BDU:2018-00966
HIGH7.1

Уязвимость компонента InnoDB системы управления базами данных MySQL, позволяющая нарушителю получить несанкционированный доступ к защищаемым данным или вызвать отказ в обслуживании

Опубликовано: 2018-08-10Изменено: 2023-11-09
CVSS 3.xВЫСОКАЯ 7.1
CVSS:3.x/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:H
CVSS 2.0ВЫСОКАЯ 7.5
CVSS:2.0/AV:N/AC:L/Au:S/C:N/I:P/A:C
Ссылки
BDU:2019-00591
MEDIUM6.4

Уязвимость компонента Server: Connection Handling системы управления базами данных MySQL, позволяющая нарушителю вызвать отказ в обслуживании

Опубликовано: 2019-02-12Изменено: 2021-03-23
CVSS 3.xСРЕДНЯЯ 6.4
CVSS:3.x/AV:A/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:H
CVSS 2.0СРЕДНЯЯ 5.9
CVSS:2.0/AV:A/AC:H/Au:S/C:C/I:N/A:C
Ссылки
BDU:2019-01627
LOW3.3

Уязвимость в компоненте Server: Options системы управления базами данных Oracle MySQL, позволяющая нарушителю получить несанкционированный доступ к функционалу и данным сервера

Опубликовано: 2019-04-25Изменено: 2023-11-09
CVSS 3.xНИЗКАЯ 3.3
CVSS:3.x/AV:N/AC:H/PR:H/UI:N/S:U/C:L/I:L/A:N
CVSS 2.0СРЕДНЯЯ 4.9
CVSS:2.0/AV:N/AC:M/Au:S/C:P/I:P/A:N
Ссылки
BDU:2019-03454
MEDIUM5.5

Уязвимость компонента InnoDB системы управления базами данных MySQL Server, позволяющая нарушителю получить доступ на изменение, добавление или удаление данных, вызвать зависание или отказ в обслуживании

Опубликовано: 2019-10-03Изменено: 2023-11-09
CVSS 3.xСРЕДНЯЯ 5.5
CVSS:3.x/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:L/A:H
CVSS 2.0ВЫСОКАЯ 7.5
CVSS:2.0/AV:N/AC:L/Au:S/C:N/I:P/A:C
Ссылки
BDU:2019-03456
MEDIUM4.3

Уязвимость компонента Server: DDL системы управления базами данных MySQL Server, позволяющая нарушителю получить доступ на чтение данных

Опубликовано: 2019-10-03Изменено: 2023-11-09
CVSS 3.xСРЕДНЯЯ 4.3
CVSS:3.x/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N
CVSS 2.0СРЕДНЯЯ 4.0
CVSS:2.0/AV:N/AC:L/Au:S/C:P/I:N/A:N
Ссылки
BDU:2019-03457
MEDIUM6.5

Уязвимость компонента Server: DDL системы управления базами данных MySQL Server, позволяющая нарушителю вызвать отказ в обслуживании

Опубликовано: 2019-10-03Изменено: 2023-11-09
CVSS 3.xСРЕДНЯЯ 6.5
CVSS:3.x/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
CVSS 2.0СРЕДНЯЯ 6.8
CVSS:2.0/AV:N/AC:L/Au:S/C:N/I:N/A:C
Ссылки
BDU:2019-03458
MEDIUM6.5

Уязвимость компонента InnoDB системы управления базами данных MySQL Server , позволяющая нарушителю вызвать отказ в обслуживании

Опубликовано: 2019-10-03Изменено: 2023-11-09
CVSS 3.xСРЕДНЯЯ 6.5
CVSS:3.x/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
CVSS 2.0СРЕДНЯЯ 6.8
CVSS:2.0/AV:N/AC:L/Au:S/C:N/I:N/A:C
Ссылки
BDU:2019-03538
HIGH7.7

Уязвимость компонента Server: Replication системы управления базами данных Oracle MySQL Server, позволяющая нарушителю получить несанкционированный доступ к устройству

Опубликовано: 2019-10-09Изменено: 2023-11-09
CVSS 3.xВЫСОКАЯ 7.7
CVSS:3.x/AV:L/AC:H/PR:N/UI:R/S:C/C:H/I:H/A:H
CVSS 2.0СРЕДНЯЯ 6.2
CVSS:2.0/AV:L/AC:H/Au:N/C:C/I:C/A:C
Ссылки
BDU:2019-03540
MEDIUM5.9

Уязвимость компонента Client programs системы управления базами данных Oracle MySQL Server, позволяющая нарушителю вызвать отказ в обслуживании

Опубликовано: 2019-10-09Изменено: 2023-11-09
CVSS 3.xСРЕДНЯЯ 5.9
CVSS:3.x/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H
CVSS 2.0СРЕДНЯЯ 5.4
CVSS:2.0/AV:N/AC:H/Au:N/C:N/I:N/A:C
Ссылки
BDU:2019-03541
MEDIUM4.9

Уязвимость компонента InnoDB системы управления базами данных Oracle MySQL Server, позволяющая нарушителю вызвать отказ в обслуживании

Опубликовано: 2019-10-09Изменено: 2023-11-09
CVSS 3.xСРЕДНЯЯ 4.9
CVSS:3.x/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H
CVSS 2.0СРЕДНЯЯ 6.8
CVSS:2.0/AV:N/AC:L/Au:S/C:N/I:N/A:C
Ссылки
BDU:2019-03542
MEDIUM4.4

Уязвимость компонента Server: Locking системы управления базами данных Oracle MySQL Server, позволяющая нарушителю вызвать отказ в обслуживании

Опубликовано: 2019-10-09Изменено: 2023-11-09
CVSS 3.xСРЕДНЯЯ 4.4
CVSS:3.x/AV:N/AC:H/PR:H/UI:N/S:U/C:N/I:N/A:H
CVSS 2.0СРЕДНЯЯ 4.9
CVSS:2.0/AV:N/AC:H/Au:S/C:N/I:N/A:C
Ссылки
BDU:2019-03544
MEDIUM4.9

Уязвимость компонента Server: Optimizer системы управления базами данных Oracle MySQL Server, позволяющая нарушителю вызвать отказ в обслуживании

Опубликовано: 2019-10-09Изменено: 2023-11-09
CVSS 3.xСРЕДНЯЯ 4.9
CVSS:3.x/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H
CVSS 2.0СРЕДНЯЯ 6.8
CVSS:2.0/AV:N/AC:L/Au:S/C:N/I:N/A:C
Ссылки
BDU:2019-03545
MEDIUM6.5

Уязвимость компонента InnoDB системы управления базами данных Oracle MySQL Server, позволяющая нарушителю вызвать отказ в обслуживании

Опубликовано: 2019-10-09Изменено: 2023-11-09
CVSS 3.xСРЕДНЯЯ 6.5
CVSS:3.x/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
CVSS 2.0СРЕДНЯЯ 6.8
CVSS:2.0/AV:N/AC:L/Au:S/C:N/I:N/A:C
Ссылки
BDU:2019-03546
MEDIUM6.5

Уязвимость компонента InnoDB системы управления базами данных Oracle MySQL Server, позволяющая нарушителю вызвать отказ в обслуживании

Опубликовано: 2019-10-09Изменено: 2023-11-09
CVSS 3.xСРЕДНЯЯ 6.5
CVSS:3.x/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
CVSS 2.0СРЕДНЯЯ 6.8
CVSS:2.0/AV:N/AC:L/Au:S/C:N/I:N/A:C
Ссылки
BDU:2019-04692
MEDIUM6.5

Уязвимость компонента Server:Optimizer системы управления базами данных Oracle MySQL, позволяющая нарушителю вызвать отказ в обслуживании

Опубликовано: 2019-12-17Изменено: 2023-11-09
CVSS 3.xСРЕДНЯЯ 6.5
CVSS:3.x/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
CVSS 2.0СРЕДНЯЯ 6.8
CVSS:2.0/AV:N/AC:L/Au:S/C:N/I:N/A:C
Ссылки
BDU:2019-04693
MEDIUM6.5

Уязвимость компонента Server:Optimizer системы управления базами данных Oracle MySQL, позволяющая нарушителю вызвать отказ в обслуживании

Опубликовано: 2019-12-17Изменено: 2023-11-09
CVSS 3.xСРЕДНЯЯ 6.5
CVSS:3.x/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
CVSS 2.0СРЕДНЯЯ 6.8
CVSS:2.0/AV:N/AC:L/Au:S/C:N/I:N/A:C
Ссылки
BDU:2019-04694
MEDIUM6.5

Уязвимость компонента Server:Optimizer системы управления базами данных Oracle MySQL, позволяющая нарушителю вызвать отказ в обслуживании

Опубликовано: 2019-12-17Изменено: 2020-02-27
CVSS 3.xСРЕДНЯЯ 6.5
CVSS:3.x/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
CVSS 2.0СРЕДНЯЯ 6.8
CVSS:2.0/AV:N/AC:L/Au:S/C:N/I:N/A:C
Ссылки
BDU:2019-04695
MEDIUM6.5

Уязвимость компонента Server:DDL системы управления базами данных Oracle MySQL, позволяющая нарушителю вызвать отказ в обслуживании

Опубликовано: 2019-12-17Изменено: 2020-02-27
CVSS 3.xСРЕДНЯЯ 6.5
CVSS:3.x/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
CVSS 2.0СРЕДНЯЯ 6.8
CVSS:2.0/AV:N/AC:L/Au:S/C:N/I:N/A:C
Ссылки
BDU:2020-00675
MEDIUM4.1

Уязвимость компонента Server:Replication системы управления базами данных Oracle MySQL, позволяющая нарушителю получить несанкционированный доступ к конфиденциальным данным

Опубликовано: 2020-02-24
CVSS 3.xСРЕДНЯЯ 4.1
CVSS:3.x/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:N/A:N
CVSS 2.0СРЕДНЯЯ 4.4
CVSS:2.0/AV:L/AC:M/Au:S/C:C/I:N/A:N
Ссылки
BDU:2020-00677
MEDIUM6.5

Уязвимость компонента Server:Optimizer системы управления базами данных Oracle MySQL, позволяющая нарушителю вызвать отказ в обслуживании

Опубликовано: 2020-02-24
CVSS 3.xСРЕДНЯЯ 6.5
CVSS:3.x/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
CVSS 2.0СРЕДНЯЯ 6.8
CVSS:2.0/AV:N/AC:L/Au:S/C:N/I:N/A:C
Ссылки
BDU:2020-00680
HIGH8.8

Уязвимость функции Event_job_data::execute (event_data_objects.cc) системы управления базами данных MariaDB, позволяющая нарушителю получить несанкционированный доступ к конфиденциальным данным, вызвать отказ в обслуживании и оказать воздействие на целостность данных

Опубликовано: 2020-02-24
CVSS 3.xВЫСОКАЯ 8.8
CVSS:3.x/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
CVSS 2.0СРЕДНЯЯ 6.5
CVSS:2.0/AV:N/AC:L/Au:S/C:P/I:P/A:P
Ссылки
BDU:2020-00682
MEDIUM4.3

Уязвимость компонента MyISAM системы управления базами данных Oracle MySQL, позволяющая нарушителю оказать воздействие на целостность данных

Опубликовано: 2020-02-24Изменено: 2023-11-09
CVSS 3.xСРЕДНЯЯ 4.3
CVSS:3.x/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N
CVSS 2.0СРЕДНЯЯ 4.0
CVSS:2.0/AV:N/AC:L/Au:S/C:N/I:P/A:N
Ссылки
BDU:2020-00683
MEDIUM4.9

Уязвимость компонента Server:Security:Privileges системы управления базами данных Oracle MySQL, позволяющая нарушителю вызвать отказ в обслуживании

Опубликовано: 2020-02-24Изменено: 2023-11-09
CVSS 3.xСРЕДНЯЯ 4.9
CVSS:3.x/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H
CVSS 2.0СРЕДНЯЯ 4.0
CVSS:2.0/AV:N/AC:L/Au:S/C:N/I:N/A:P
Ссылки
CVE-2017-10268
MEDIUM4.1

Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Replication). Supported versions that are affected are 5.5.57 and earlier, 5.6.37 and earlier and 5.7.19 and earlier. Difficult to exploit vulnerability allows high privileged attacker with logon to the infrastructure where MySQL Server executes to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized access to critical data or complete access to all MySQL Server accessible data. CVSS 3.0 Base Score 4.1 (Confidentiality impacts). CVSS Vector: (CVSS:3.0/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:N/A:N).

Опубликовано: 2017-10-19Изменено: 2025-04-20
CVSS 2.0НИЗКАЯ 1.5
CVSS:2.0/AV:L/AC:M/Au:S/C:P/I:N/A:N
CVSS 3.xСРЕДНЯЯ 4.1
CVSS:3.x/CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:N/A:N
Ссылки
CVE-2017-10378
MEDIUM6.5

Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Optimizer). Supported versions that are affected are 5.5.57 and earlier, 5.6.37 and earlier and 5.7.11 and earlier. Easily exploitable vulnerability allows low privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.0 Base Score 6.5 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H).

Опубликовано: 2017-10-19Изменено: 2025-04-20
CVSS 2.0СРЕДНЯЯ 4.0
CVSS:2.0/AV:N/AC:L/Au:S/C:N/I:N/A:P
CVSS 3.xСРЕДНЯЯ 6.5
CVSS:3.x/CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
Ссылки
CVE-2017-15365
HIGH8.8

sql/event_data_objects.cc in MariaDB before 10.1.30 and 10.2.x before 10.2.10 and Percona XtraDB Cluster before 5.6.37-26.21-3 and 5.7.x before 5.7.19-29.22-3 allows remote authenticated users with SQL access to bypass intended access restrictions and replicate data definition language (DDL) statements to cluster nodes by leveraging incorrect ordering of DDL replication and ACL checking.

Опубликовано: 2018-01-25Изменено: 2024-11-21
CVSS 2.0СРЕДНЯЯ 6.5
CVSS:2.0/AV:N/AC:L/Au:S/C:P/I:P/A:P
CVSS 3.xВЫСОКАЯ 8.8
CVSS:3.x/CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Ссылки
CVE-2017-3302
HIGH7.5

Crash in libmysqlclient.so in Oracle MySQL before 5.6.21 and 5.7.x before 5.7.5 and MariaDB through 5.5.54, 10.0.x through 10.0.29, 10.1.x through 10.1.21, and 10.2.x through 10.2.3.

Опубликовано: 2017-02-12Изменено: 2025-04-20
CVSS 2.0СРЕДНЯЯ 5.0
CVSS:2.0/AV:N/AC:L/Au:N/C:N/I:N/A:P
CVSS 3.xВЫСОКАЯ 7.5
CVSS:3.x/CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Ссылки
CVE-2017-3308
HIGH7.7

Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: DML). Supported versions that are affected are 5.5.54 and earlier, 5.6.35 and earlier and 5.7.17 and earlier. Easily "exploitable" vulnerability allows low privileged attacker with network access via multiple protocols to compromise MySQL Server. While the vulnerability is in MySQL Server, attacks may significantly impact additional products. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.0 Base Score 7.7 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:C/C:N/I:N/A:H).

Опубликовано: 2017-04-24Изменено: 2025-04-20
CVSS 2.0СРЕДНЯЯ 4.0
CVSS:2.0/AV:N/AC:L/Au:S/C:N/I:N/A:P
CVSS 3.xВЫСОКАЯ 7.7
CVSS:3.x/CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:N/I:N/A:H
Ссылки
CVE-2017-3309
HIGH7.7

Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Optimizer). Supported versions that are affected are 5.5.54 and earlier, 5.6.35 and earlier and 5.7.17 and earlier. Easily "exploitable" vulnerability allows low privileged attacker with network access via multiple protocols to compromise MySQL Server. While the vulnerability is in MySQL Server, attacks may significantly impact additional products. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.0 Base Score 7.7 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:C/C:N/I:N/A:H).

Опубликовано: 2017-04-24Изменено: 2025-04-20
CVSS 2.0СРЕДНЯЯ 4.0
CVSS:2.0/AV:N/AC:L/Au:S/C:N/I:N/A:P
CVSS 3.xВЫСОКАЯ 7.7
CVSS:3.x/CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:N/I:N/A:H
Ссылки
CVE-2017-3313
MEDIUM4.7

Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: MyISAM). Supported versions that are affected are 5.5.53 and earlier, 5.6.34 and earlier and 5.7.16 and earlier. Difficult to exploit vulnerability allows low privileged attacker with logon to the infrastructure where MySQL Server executes to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized access to critical data or complete access to all MySQL Server accessible data. CVSS v3.0 Base Score 4.7 (Confidentiality impacts).

Опубликовано: 2017-01-27Изменено: 2025-04-20
CVSS 2.0НИЗКАЯ 1.5
CVSS:2.0/AV:L/AC:M/Au:S/C:P/I:N/A:N
CVSS 3.xСРЕДНЯЯ 4.7
CVSS:3.x/CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N
Ссылки
CVE-2017-3453
MEDIUM6.5

Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Optimizer). Supported versions that are affected are 5.5.54 and earlier, 5.6.35 and earlier and 5.7.17 and earlier. Easily "exploitable" vulnerability allows low privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.0 Base Score 6.5 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H).

Опубликовано: 2017-04-24Изменено: 2025-04-20
CVSS 2.0СРЕДНЯЯ 4.0
CVSS:2.0/AV:N/AC:L/Au:S/C:N/I:N/A:P
CVSS 3.xСРЕДНЯЯ 6.5
CVSS:3.x/CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
Ссылки
CVE-2017-3456
MEDIUM4.9

Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: DML). Supported versions that are affected are 5.5.54 and earlier, 5.6.35 and earlier and 5.7.17 and earlier. Easily "exploitable" vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.0 Base Score 4.9 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H).

Опубликовано: 2017-04-24Изменено: 2025-04-20
CVSS 2.0СРЕДНЯЯ 4.0
CVSS:2.0/AV:N/AC:L/Au:S/C:N/I:N/A:P
CVSS 3.xСРЕДНЯЯ 4.9
CVSS:3.x/CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H
Ссылки
CVE-2017-3464
MEDIUM4.3

Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: DDL). Supported versions that are affected are 5.5.54 and earlier, 5.6.35 and earlier and 5.7.17 and earlier. Easily "exploitable" vulnerability allows low privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized update, insert or delete access to some of MySQL Server accessible data. CVSS 3.0 Base Score 4.3 (Integrity impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N).

Опубликовано: 2017-04-24Изменено: 2025-04-20
CVSS 2.0СРЕДНЯЯ 4.0
CVSS:2.0/AV:N/AC:L/Au:S/C:N/I:P/A:N
CVSS 3.xСРЕДНЯЯ 4.3
CVSS:3.x/CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N
Ссылки
CVE-2017-3636
MEDIUM5.3

Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Client programs). Supported versions that are affected are 5.5.56 and earlier and 5.6.36 and earlier. Easily exploitable vulnerability allows low privileged attacker with logon to the infrastructure where MySQL Server executes to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized update, insert or delete access to some of MySQL Server accessible data as well as unauthorized read access to a subset of MySQL Server accessible data and unauthorized ability to cause a partial denial of service (partial DOS) of MySQL Server. CVSS 3.0 Base Score 5.3 (Confidentiality, Integrity and Availability impacts). CVSS Vector: (CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L).

Опубликовано: 2017-08-08Изменено: 2025-04-20
CVSS 2.0СРЕДНЯЯ 4.6
CVSS:2.0/AV:L/AC:L/Au:N/C:P/I:P/A:P
CVSS 3.xСРЕДНЯЯ 5.3
CVSS:3.x/CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L
Ссылки
CVE-2017-3641
MEDIUM4.9

Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: DML). Supported versions that are affected are 5.5.56 and earlier, 5.6.36 and earlier and 5.7.18 and earlier. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.0 Base Score 4.9 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H).

Опубликовано: 2017-08-08Изменено: 2025-04-20
CVSS 2.0СРЕДНЯЯ 4.0
CVSS:2.0/AV:N/AC:L/Au:S/C:N/I:N/A:P
CVSS 3.xСРЕДНЯЯ 4.9
CVSS:3.x/CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H
Ссылки
CVE-2017-3653
LOW3.1

Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: DDL). Supported versions that are affected are 5.5.56 and earlier, 5.6.36 and earlier and 5.7.18 and earlier. Difficult to exploit vulnerability allows low privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized update, insert or delete access to some of MySQL Server accessible data. CVSS 3.0 Base Score 3.1 (Integrity impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:L/UI:N/S:U/C:N/I:L/A:N).

Опубликовано: 2017-08-08Изменено: 2025-04-20
CVSS 2.0НИЗКАЯ 3.5
CVSS:2.0/AV:N/AC:M/Au:S/C:N/I:P/A:N
CVSS 3.xНИЗКАЯ 3.1
CVSS:3.x/CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:N/I:L/A:N
Ссылки
CVE-2018-2562
HIGH7.1

Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server : Partition). Supported versions that are affected are 5.5.58 and prior, 5.6.38 and prior and 5.7.19 and prior. Easily exploitable vulnerability allows low privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server as well as unauthorized update, insert or delete access to some of MySQL Server accessible data. CVSS 3.0 Base Score 7.1 (Integrity and Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:H).

Опубликовано: 2018-01-18Изменено: 2024-11-21
CVSS 2.0ВЫСОКАЯ 7.5
CVSS:2.0/AV:N/AC:L/Au:S/C:N/I:P/A:C
CVSS 3.xВЫСОКАЯ 7.1
CVSS:3.x/CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:H
Ссылки
CVE-2018-2612
MEDIUM6.5

Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: InnoDB). Supported versions that are affected are 5.6.38 and prior and 5.7.20 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized creation, deletion or modification access to critical data or all MySQL Server accessible data and unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.0 Base Score 6.5 (Integrity and Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:H/A:H).

Опубликовано: 2018-01-18Изменено: 2024-11-21
CVSS 2.0ВЫСОКАЯ 7.5
CVSS:2.0/AV:N/AC:L/Au:S/C:N/I:P/A:C
CVSS 3.xСРЕДНЯЯ 6.5
CVSS:3.x/CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:H/A:H
Ссылки
CVE-2018-2622
MEDIUM6.5

Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: DDL). Supported versions that are affected are 5.5.58 and prior, 5.6.38 and prior and 5.7.20 and prior. Easily exploitable vulnerability allows low privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.0 Base Score 6.5 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H).

Опубликовано: 2018-01-18Изменено: 2024-11-21
CVSS 2.0СРЕДНЯЯ 6.8
CVSS:2.0/AV:N/AC:L/Au:S/C:N/I:N/A:C
CVSS 3.xСРЕДНЯЯ 6.5
CVSS:3.x/CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
Ссылки
CVE-2018-2640
MEDIUM6.5

Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Optimizer). Supported versions that are affected are 5.5.58 and prior, 5.6.38 and prior and 5.7.20 and prior. Easily exploitable vulnerability allows low privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.0 Base Score 6.5 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H).

Опубликовано: 2018-01-18Изменено: 2024-11-21
CVSS 2.0СРЕДНЯЯ 6.8
CVSS:2.0/AV:N/AC:L/Au:S/C:N/I:N/A:C
CVSS 3.xСРЕДНЯЯ 6.5
CVSS:3.x/CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
Ссылки
CVE-2018-2665
MEDIUM6.5

Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Optimizer). Supported versions that are affected are 5.5.58 and prior, 5.6.38 and prior and 5.7.20 and prior. Easily exploitable vulnerability allows low privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.0 Base Score 6.5 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H).

Опубликовано: 2018-01-18Изменено: 2024-11-21
CVSS 2.0СРЕДНЯЯ 6.8
CVSS:2.0/AV:N/AC:L/Au:S/C:N/I:N/A:C
CVSS 3.xСРЕДНЯЯ 6.5
CVSS:3.x/CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
Ссылки
CVE-2018-2668
MEDIUM6.5

Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Optimizer). Supported versions that are affected are 5.5.58 and prior, 5.6.38 and prior and 5.7.20 and prior. Easily exploitable vulnerability allows low privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.0 Base Score 6.5 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H).

Опубликовано: 2018-01-18Изменено: 2024-11-21
CVSS 2.0СРЕДНЯЯ 6.8
CVSS:2.0/AV:N/AC:L/Au:S/C:N/I:N/A:C
CVSS 3.xСРЕДНЯЯ 6.5
CVSS:3.x/CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
Ссылки
CVE-2018-2755
HIGH7.7

Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Replication). Supported versions that are affected are 5.5.59 and prior, 5.6.39 and prior and 5.7.21 and prior. Difficult to exploit vulnerability allows unauthenticated attacker with logon to the infrastructure where MySQL Server executes to compromise MySQL Server. Successful attacks require human interaction from a person other than the attacker and while the vulnerability is in MySQL Server, attacks may significantly impact additional products. Successful attacks of this vulnerability can result in takeover of MySQL Server. CVSS 3.0 Base Score 7.7 (Confidentiality, Integrity and Availability impacts). CVSS Vector: (CVSS:3.0/AV:L/AC:H/PR:N/UI:R/S:C/C:H/I:H/A:H).

Опубликовано: 2018-04-19Изменено: 2024-11-21
CVSS 2.0НИЗКАЯ 3.7
CVSS:2.0/AV:L/AC:H/Au:N/C:P/I:P/A:P
CVSS 3.xВЫСОКАЯ 7.7
CVSS:3.x/CVSS:3.1/AV:L/AC:H/PR:N/UI:R/S:C/C:H/I:H/A:H
Ссылки
CVE-2018-2761
MEDIUM5.9

Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Client programs). Supported versions that are affected are 5.5.59 and prior, 5.6.39 and prior and 5.7.21 and prior. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.0 Base Score 5.9 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H).

Опубликовано: 2018-04-19Изменено: 2024-11-21
CVSS 2.0СРЕДНЯЯ 4.3
CVSS:2.0/AV:N/AC:M/Au:N/C:N/I:N/A:P
CVSS 3.xСРЕДНЯЯ 5.9
CVSS:3.x/CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H
Ссылки
CVE-2018-2766
MEDIUM4.9

Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: InnoDB). Supported versions that are affected are 5.6.39 and prior and 5.7.21 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.0 Base Score 4.9 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H).

Опубликовано: 2018-04-19Изменено: 2024-11-21
CVSS 2.0СРЕДНЯЯ 6.8
CVSS:2.0/AV:N/AC:L/Au:S/C:N/I:N/A:C
CVSS 3.xСРЕДНЯЯ 4.9
CVSS:3.x/CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H
Ссылки
CVE-2018-2771
MEDIUM4.4

Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Locking). Supported versions that are affected are 5.5.59 and prior, 5.6.39 and prior and 5.7.21 and prior. Difficult to exploit vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.0 Base Score 4.4 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:H/UI:N/S:U/C:N/I:N/A:H).

Опубликовано: 2018-04-19Изменено: 2024-11-21
CVSS 2.0НИЗКАЯ 3.5
CVSS:2.0/AV:N/AC:M/Au:S/C:N/I:N/A:P
CVSS 3.xСРЕДНЯЯ 4.4
CVSS:3.x/CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:U/C:N/I:N/A:H
Ссылки
CVE-2018-2781
MEDIUM4.9

Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Optimizer). Supported versions that are affected are 5.5.59 and prior, 5.6.39 and prior and 5.7.21 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.0 Base Score 4.9 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H).

Опубликовано: 2018-04-19Изменено: 2024-11-21
CVSS 2.0СРЕДНЯЯ 4.0
CVSS:2.0/AV:N/AC:L/Au:S/C:N/I:N/A:P
CVSS 3.xСРЕДНЯЯ 4.9
CVSS:3.x/CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H
Ссылки
CVE-2018-2782
MEDIUM6.5

Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: InnoDB). Supported versions that are affected are 5.6.39 and prior and 5.7.21 and prior. Easily exploitable vulnerability allows low privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.0 Base Score 6.5 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H).

Опубликовано: 2018-04-19Изменено: 2024-11-21
CVSS 2.0СРЕДНЯЯ 4.0
CVSS:2.0/AV:N/AC:L/Au:S/C:N/I:N/A:P
CVSS 3.xСРЕДНЯЯ 6.5
CVSS:3.x/CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
Ссылки
CVE-2018-2784
MEDIUM6.5

Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: InnoDB). Supported versions that are affected are 5.6.39 and prior and 5.7.21 and prior. Easily exploitable vulnerability allows low privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.0 Base Score 6.5 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H).

Опубликовано: 2018-04-19Изменено: 2024-11-21
CVSS 2.0СРЕДНЯЯ 4.0
CVSS:2.0/AV:N/AC:L/Au:S/C:N/I:N/A:P
CVSS 3.xСРЕДНЯЯ 6.5
CVSS:3.x/CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
Ссылки
CVE-2018-2787
MEDIUM5.5

Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: InnoDB). Supported versions that are affected are 5.6.39 and prior and 5.7.21 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server as well as unauthorized update, insert or delete access to some of MySQL Server accessible data. CVSS 3.0 Base Score 5.5 (Integrity and Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:L/A:H).

Опубликовано: 2018-04-19Изменено: 2024-11-21
CVSS 2.0СРЕДНЯЯ 5.5
CVSS:2.0/AV:N/AC:L/Au:S/C:N/I:P/A:P
CVSS 3.xСРЕДНЯЯ 5.5
CVSS:3.x/CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:L/A:H
Ссылки
CVE-2018-2813
MEDIUM4.3

Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: DDL). Supported versions that are affected are 5.5.59 and prior, 5.6.39 and prior and 5.7.21 and prior. Easily exploitable vulnerability allows low privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized read access to a subset of MySQL Server accessible data. CVSS 3.0 Base Score 4.3 (Confidentiality impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N).

Опубликовано: 2018-04-19Изменено: 2024-11-21
CVSS 2.0СРЕДНЯЯ 4.0
CVSS:2.0/AV:N/AC:L/Au:S/C:P/I:N/A:N
CVSS 3.xСРЕДНЯЯ 4.3
CVSS:3.x/CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N
Ссылки
CVE-2018-2817
MEDIUM6.5

Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: DDL). Supported versions that are affected are 5.5.59 and prior, 5.6.39 and prior and 5.7.21 and prior. Easily exploitable vulnerability allows low privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.0 Base Score 6.5 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H).

Опубликовано: 2018-04-19Изменено: 2024-11-21
CVSS 2.0СРЕДНЯЯ 4.0
CVSS:2.0/AV:N/AC:L/Au:S/C:N/I:N/A:P
CVSS 3.xСРЕДНЯЯ 6.5
CVSS:3.x/CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
Ссылки
CVE-2018-2819
MEDIUM6.5

Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: InnoDB). Supported versions that are affected are 5.5.59 and prior, 5.6.39 and prior and 5.7.21 and prior. Easily exploitable vulnerability allows low privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.0 Base Score 6.5 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H).

Опубликовано: 2018-04-19Изменено: 2024-11-21
CVSS 2.0СРЕДНЯЯ 4.0
CVSS:2.0/AV:N/AC:L/Au:S/C:N/I:N/A:P
CVSS 3.xСРЕДНЯЯ 6.5
CVSS:3.x/CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
Ссылки
CVE-2018-3058
MEDIUM4.3

Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: MyISAM). Supported versions that are affected are 5.5.60 and prior, 5.6.40 and prior and 5.7.22 and prior. Easily exploitable vulnerability allows low privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized update, insert or delete access to some of MySQL Server accessible data. CVSS 3.0 Base Score 4.3 (Integrity impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N).

Опубликовано: 2018-07-18Изменено: 2024-11-21
CVSS 2.0СРЕДНЯЯ 4.0
CVSS:2.0/AV:N/AC:L/Au:S/C:N/I:P/A:N
CVSS 3.xСРЕДНЯЯ 4.3
CVSS:3.x/CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N
Ссылки
CVE-2018-3063
MEDIUM4.9

Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Security: Privileges). Supported versions that are affected are 5.5.60 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.0 Base Score 4.9 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H).

Опубликовано: 2018-07-18Изменено: 2024-11-21
CVSS 2.0СРЕДНЯЯ 4.0
CVSS:2.0/AV:N/AC:L/Au:S/C:N/I:N/A:P
CVSS 3.xСРЕДНЯЯ 4.9
CVSS:3.x/CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H
Ссылки
CVE-2018-3064
HIGH7.1

Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: InnoDB). Supported versions that are affected are 5.6.40 and prior, 5.7.22 and prior and 8.0.11 and prior. Easily exploitable vulnerability allows low privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server as well as unauthorized update, insert or delete access to some of MySQL Server accessible data. CVSS 3.0 Base Score 7.1 (Integrity and Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:H).

Опубликовано: 2018-07-18Изменено: 2024-11-21
CVSS 2.0СРЕДНЯЯ 5.5
CVSS:2.0/AV:N/AC:L/Au:S/C:N/I:P/A:P
CVSS 3.xВЫСОКАЯ 7.1
CVSS:3.x/CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:H
Ссылки
CVE-2018-3066
LOW3.3

Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Options). Supported versions that are affected are 5.5.60 and prior, 5.6.40 and prior and 5.7.22 and prior. Difficult to exploit vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized update, insert or delete access to some of MySQL Server accessible data as well as unauthorized read access to a subset of MySQL Server accessible data. CVSS 3.0 Base Score 3.3 (Confidentiality and Integrity impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:H/UI:N/S:U/C:L/I:L/A:N).

Опубликовано: 2018-07-18Изменено: 2024-11-21
CVSS 2.0СРЕДНЯЯ 4.9
CVSS:2.0/AV:N/AC:M/Au:S/C:P/I:P/A:N
CVSS 3.xНИЗКАЯ 3.3
CVSS:3.x/CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:U/C:L/I:L/A:N
Ссылки
CVE-2019-2503
MEDIUM6.4

Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Connection Handling). Supported versions that are affected are 5.6.42 and prior, 5.7.24 and prior and 8.0.13 and prior. Difficult to exploit vulnerability allows low privileged attacker with access to the physical communication segment attached to the hardware where the MySQL Server executes to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized access to critical data or complete access to all MySQL Server accessible data and unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.0 Base Score 6.4 (Confidentiality and Availability impacts). CVSS Vector: (CVSS:3.0/AV:A/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:H).

Опубликовано: 2019-01-16Изменено: 2024-11-21
CVSS 2.0НИЗКАЯ 3.8
CVSS:2.0/AV:A/AC:M/Au:S/C:P/I:N/A:P
CVSS 3.xСРЕДНЯЯ 6.4
CVSS:3.x/CVSS:3.1/AV:A/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:H
Ссылки

Закрытые ошибки (1)

Ошибка #33259

Неверные права на каталог /var/lib/mysql/usr/lib64/mysql/plugin