Action not permitted
Modal body text goes here.
Modal Title
Modal Body
CVE-2024-21090 (GCVE-0-2024-21090)
Vulnerability from cvelistv5 – Published: 2024-04-16 21:26 – Updated: 2025-03-27 16:55
VLAI
EPSS
Summary
Vulnerability in the MySQL Connectors product of Oracle MySQL (component: Connector/Python). Supported versions that are affected are 8.3.0 and prior. Easily exploitable vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise MySQL Connectors. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Connectors. CVSS 3.1 Base Score 7.5 (Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H).
Severity
7.5 (High)
CWE
- Easily exploitable vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise MySQL Connectors. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Connectors.
Assigner
References
1 reference
| URL | Tags |
|---|---|
| https://www.oracle.com/security-alerts/cpuapr2024.html | vendor-advisory |
Impacted products
1 product
| Vendor | Product | Version | |
|---|---|---|---|
| Oracle Corporation | MySQL Connectors |
Affected:
* , ≤ 8.3.0
(custom)
cpe:2.3:a:oracle:mysql_connectors:8.3.0_and_prior:*:*:*:*:*:*:* |
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-21090",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-05-01T21:15:25.284089Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "CWE-noinfo Not enough information",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-03-27T16:55:11.187Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
},
{
"providerMetadata": {
"dateUpdated": "2024-08-01T22:13:42.660Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "Oracle Advisory",
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "https://www.oracle.com/security-alerts/cpuapr2024.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"cpes": [
"cpe:2.3:a:oracle:mysql_connectors:8.3.0_and_prior:*:*:*:*:*:*:*"
],
"product": "MySQL Connectors",
"vendor": "Oracle Corporation",
"versions": [
{
"lessThanOrEqual": "8.3.0",
"status": "affected",
"version": "*",
"versionType": "custom"
}
]
}
],
"descriptions": [
{
"lang": "en-US",
"value": "Vulnerability in the MySQL Connectors product of Oracle MySQL (component: Connector/Python). Supported versions that are affected are 8.3.0 and prior. Easily exploitable vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise MySQL Connectors. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Connectors. CVSS 3.1 Base Score 7.5 (Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H)."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Easily exploitable vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise MySQL Connectors. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Connectors.",
"lang": "en-US"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-04-16T21:26:28.786Z",
"orgId": "43595867-4340-4103-b7a2-9a5208d29a85",
"shortName": "oracle"
},
"references": [
{
"name": "Oracle Advisory",
"tags": [
"vendor-advisory"
],
"url": "https://www.oracle.com/security-alerts/cpuapr2024.html"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "43595867-4340-4103-b7a2-9a5208d29a85",
"assignerShortName": "oracle",
"cveId": "CVE-2024-21090",
"datePublished": "2024-04-16T21:26:28.786Z",
"dateReserved": "2023-12-07T22:28:10.671Z",
"dateUpdated": "2025-03-27T16:55:11.187Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1",
"vulnerability-lookup:meta": {
"epss": {
"cve": "CVE-2024-21090",
"date": "2026-05-30",
"epss": "0.00269",
"percentile": "0.50551"
},
"nvd": "{\"cve\":{\"id\":\"CVE-2024-21090\",\"sourceIdentifier\":\"secalert_us@oracle.com\",\"published\":\"2024-04-16T22:15:29.153\",\"lastModified\":\"2025-05-13T19:27:28.147\",\"vulnStatus\":\"Analyzed\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"Vulnerability in the MySQL Connectors product of Oracle MySQL (component: Connector/Python). Supported versions that are affected are 8.3.0 and prior. Easily exploitable vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise MySQL Connectors. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Connectors. CVSS 3.1 Base Score 7.5 (Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H).\"},{\"lang\":\"es\",\"value\":\"Vulnerabilidad en el producto MySQL Connectors de Oracle MySQL (componente: Connector/Python). Las versiones compatibles que se ven afectadas son la 8.3.0 y anteriores. Una vulnerabilidad f\u00e1cilmente explotable permite que un atacante no autenticado con acceso a la red a trav\u00e9s de m\u00faltiples protocolos comprometa los conectores MySQL. Los ataques exitosos a esta vulnerabilidad pueden resultar en una capacidad no autorizada para provocar un bloqueo o una falla frecuente (DOS completo) de los conectores MySQL. CVSS 3.1 Puntuaci\u00f3n base 7,5 (impactos en la disponibilidad). Vector CVSS: (CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H).\"}],\"metrics\":{\"cvssMetricV31\":[{\"source\":\"secalert_us@oracle.com\",\"type\":\"Secondary\",\"cvssData\":{\"version\":\"3.1\",\"vectorString\":\"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H\",\"baseScore\":7.5,\"baseSeverity\":\"HIGH\",\"attackVector\":\"NETWORK\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"NONE\",\"userInteraction\":\"NONE\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"NONE\",\"integrityImpact\":\"NONE\",\"availabilityImpact\":\"HIGH\"},\"exploitabilityScore\":3.9,\"impactScore\":3.6}]},\"weaknesses\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"description\":[{\"lang\":\"en\",\"value\":\"NVD-CWE-noinfo\"}]}],\"configurations\":[{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:mysql_connector\\\\/python:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"8.0.0\",\"versionEndIncluding\":\"8.3.0\",\"matchCriteriaId\":\"74898A16-F836-4734-A866-A570FCC10655\"}]}]}],\"references\":[{\"url\":\"https://www.oracle.com/security-alerts/cpuapr2024.html\",\"source\":\"secalert_us@oracle.com\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"https://www.oracle.com/security-alerts/cpuapr2024.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Vendor Advisory\"]}]}}",
"vulnrichment": {
"containers": "{\"adp\": [{\"title\": \"CVE Program Container\", \"references\": [{\"url\": \"https://www.oracle.com/security-alerts/cpuapr2024.html\", \"name\": \"Oracle Advisory\", \"tags\": [\"vendor-advisory\", \"x_transferred\"]}], \"providerMetadata\": {\"orgId\": \"af854a3a-2127-422b-91ae-364da2661108\", \"shortName\": \"CVE\", \"dateUpdated\": \"2024-08-01T22:13:42.660Z\"}}, {\"title\": \"CISA ADP Vulnrichment\", \"metrics\": [{\"other\": {\"type\": \"ssvc\", \"content\": {\"id\": \"CVE-2024-21090\", \"role\": \"CISA Coordinator\", \"options\": [{\"Exploitation\": \"none\"}, {\"Automatable\": \"yes\"}, {\"Technical Impact\": \"partial\"}], \"version\": \"2.0.3\", \"timestamp\": \"2024-05-01T21:15:25.284089Z\"}}}], \"problemTypes\": [{\"descriptions\": [{\"lang\": \"en\", \"type\": \"CWE\", \"description\": \"CWE-noinfo Not enough information\"}]}], \"providerMetadata\": {\"orgId\": \"134c704f-9b21-4f2e-91b3-4a467353bcc0\", \"shortName\": \"CISA-ADP\", \"dateUpdated\": \"2024-05-01T21:15:50.655Z\"}}], \"cna\": {\"metrics\": [{\"cvssV3_1\": {\"scope\": \"UNCHANGED\", \"version\": \"3.1\", \"baseScore\": 7.5, \"attackVector\": \"NETWORK\", \"baseSeverity\": \"HIGH\", \"vectorString\": \"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H\", \"integrityImpact\": \"NONE\", \"userInteraction\": \"NONE\", \"attackComplexity\": \"LOW\", \"availabilityImpact\": \"HIGH\", \"privilegesRequired\": \"NONE\", \"confidentialityImpact\": \"NONE\"}}], \"affected\": [{\"cpes\": [\"cpe:2.3:a:oracle:mysql_connectors:8.3.0_and_prior:*:*:*:*:*:*:*\"], \"vendor\": \"Oracle Corporation\", \"product\": \"MySQL Connectors\", \"versions\": [{\"status\": \"affected\", \"version\": \"*\", \"versionType\": \"custom\", \"lessThanOrEqual\": \"8.3.0\"}]}], \"references\": [{\"url\": \"https://www.oracle.com/security-alerts/cpuapr2024.html\", \"name\": \"Oracle Advisory\", \"tags\": [\"vendor-advisory\"]}], \"descriptions\": [{\"lang\": \"en-US\", \"value\": \"Vulnerability in the MySQL Connectors product of Oracle MySQL (component: Connector/Python). Supported versions that are affected are 8.3.0 and prior. Easily exploitable vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise MySQL Connectors. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Connectors. CVSS 3.1 Base Score 7.5 (Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H).\"}], \"problemTypes\": [{\"descriptions\": [{\"lang\": \"en-US\", \"description\": \"Easily exploitable vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise MySQL Connectors. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Connectors.\"}]}], \"providerMetadata\": {\"orgId\": \"43595867-4340-4103-b7a2-9a5208d29a85\", \"shortName\": \"oracle\", \"dateUpdated\": \"2024-04-16T21:26:28.786Z\"}}}",
"cveMetadata": "{\"cveId\": \"CVE-2024-21090\", \"state\": \"PUBLISHED\", \"dateUpdated\": \"2025-03-27T16:55:11.187Z\", \"dateReserved\": \"2023-12-07T22:28:10.671Z\", \"assignerOrgId\": \"43595867-4340-4103-b7a2-9a5208d29a85\", \"datePublished\": \"2024-04-16T21:26:28.786Z\", \"assignerShortName\": \"oracle\"}",
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
}
}
Title
Уязвимость компонента Connector/Python драйвера MySQL Connectors системы управления базами данных Oracle MySQL, позволяющая нарушителю вызвать отказ в обслуживании
Description
Уязвимость компонента Connector/Python драйвера MySQL Connectors системы управления базами данных Oracle MySQL связана с недостаточной проверкой входных данных. Эксплуатация уязвимости может позволить нарушителю, действующему удаленно, вызвать отказ в обслуживании
Severity
Vendor
Oracle Corp.
Software Name
MySQL Connectors
Software Version
до 8.3.0 включительно (MySQL Connectors)
Possible Mitigations
Использование рекомендаций производителя:
https://www.oracle.com/security-alerts/cpuapr2024.html
Reference
https://www.oracle.com/security-alerts/cpuapr2024.html
https://www.cybersecurity-help.cz/vdb/SB20240417102
CWE
CWE-20
{
"CVSS 2.0": "AV:N/AC:L/Au:N/C:N/I:N/A:C",
"CVSS 3.0": "AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"CVSS 4.0": null,
"remediation_\u0418\u0434\u0435\u043d\u0442\u0438\u0444\u0438\u043a\u0430\u0442\u043e\u0440": null,
"remediation_\u041d\u0430\u0438\u043c\u0435\u043d\u043e\u0432\u0430\u043d\u0438\u0435": null,
"\u0412\u0435\u043d\u0434\u043e\u0440 \u041f\u041e": "Oracle Corp.",
"\u0412\u0435\u0440\u0441\u0438\u044f \u041f\u041e": "\u0434\u043e 8.3.0 \u0432\u043a\u043b\u044e\u0447\u0438\u0442\u0435\u043b\u044c\u043d\u043e (MySQL Connectors)",
"\u0412\u043e\u0437\u043c\u043e\u0436\u043d\u044b\u0435 \u043c\u0435\u0440\u044b \u043f\u043e \u0443\u0441\u0442\u0440\u0430\u043d\u0435\u043d\u0438\u044e": "\u0418\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u043d\u0438\u0435 \u0440\u0435\u043a\u043e\u043c\u0435\u043d\u0434\u0430\u0446\u0438\u0439 \u043f\u0440\u043e\u0438\u0437\u0432\u043e\u0434\u0438\u0442\u0435\u043b\u044f:\nhttps://www.oracle.com/security-alerts/cpuapr2024.html",
"\u0414\u0430\u0442\u0430 \u0432\u044b\u044f\u0432\u043b\u0435\u043d\u0438\u044f": "16.04.2024",
"\u0414\u0430\u0442\u0430 \u043f\u043e\u0441\u043b\u0435\u0434\u043d\u0435\u0433\u043e \u043e\u0431\u043d\u043e\u0432\u043b\u0435\u043d\u0438\u044f": "02.05.2024",
"\u0414\u0430\u0442\u0430 \u043f\u0443\u0431\u043b\u0438\u043a\u0430\u0446\u0438\u0438": "02.05.2024",
"\u0418\u0434\u0435\u043d\u0442\u0438\u0444\u0438\u043a\u0430\u0442\u043e\u0440": "BDU:2024-03416",
"\u0418\u0434\u0435\u043d\u0442\u0438\u0444\u0438\u043a\u0430\u0442\u043e\u0440\u044b \u0434\u0440\u0443\u0433\u0438\u0445 \u0441\u0438\u0441\u0442\u0435\u043c \u043e\u043f\u0438\u0441\u0430\u043d\u0438\u0439 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": "CVE-2024-21090",
"\u0418\u043d\u0444\u043e\u0440\u043c\u0430\u0446\u0438\u044f \u043e\u0431 \u0443\u0441\u0442\u0440\u0430\u043d\u0435\u043d\u0438\u0438": "\u0423\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u0443\u0441\u0442\u0440\u0430\u043d\u0435\u043d\u0430",
"\u041a\u043b\u0430\u0441\u0441 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": "\u0423\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u043a\u043e\u0434\u0430",
"\u041d\u0430\u0437\u0432\u0430\u043d\u0438\u0435 \u041f\u041e": "MySQL Connectors",
"\u041d\u0430\u0438\u043c\u0435\u043d\u043e\u0432\u0430\u043d\u0438\u0435 \u041e\u0421 \u0438 \u0442\u0438\u043f \u0430\u043f\u043f\u0430\u0440\u0430\u0442\u043d\u043e\u0439 \u043f\u043b\u0430\u0442\u0444\u043e\u0440\u043c\u044b": null,
"\u041d\u0430\u0438\u043c\u0435\u043d\u043e\u0432\u0430\u043d\u0438\u0435 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": "\u0423\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u043a\u043e\u043c\u043f\u043e\u043d\u0435\u043d\u0442\u0430 Connector/Python \u0434\u0440\u0430\u0439\u0432\u0435\u0440\u0430 MySQL Connectors \u0441\u0438\u0441\u0442\u0435\u043c\u044b \u0443\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u0438\u044f \u0431\u0430\u0437\u0430\u043c\u0438 \u0434\u0430\u043d\u043d\u044b\u0445 Oracle MySQL, \u043f\u043e\u0437\u0432\u043e\u043b\u044f\u044e\u0449\u0430\u044f \u043d\u0430\u0440\u0443\u0448\u0438\u0442\u0435\u043b\u044e \u0432\u044b\u0437\u0432\u0430\u0442\u044c \u043e\u0442\u043a\u0430\u0437 \u0432 \u043e\u0431\u0441\u043b\u0443\u0436\u0438\u0432\u0430\u043d\u0438\u0438",
"\u041d\u0430\u043b\u0438\u0447\u0438\u0435 \u044d\u043a\u0441\u043f\u043b\u043e\u0439\u0442\u0430": "\u0414\u0430\u043d\u043d\u044b\u0435 \u0443\u0442\u043e\u0447\u043d\u044f\u044e\u0442\u0441\u044f",
"\u041e\u043f\u0438\u0441\u0430\u043d\u0438\u0435 \u043e\u0448\u0438\u0431\u043a\u0438 CWE": "\u041d\u0435\u0434\u043e\u0441\u0442\u0430\u0442\u043e\u0447\u043d\u0430\u044f \u043f\u0440\u043e\u0432\u0435\u0440\u043a\u0430 \u0432\u0432\u043e\u0434\u0438\u043c\u044b\u0445 \u0434\u0430\u043d\u043d\u044b\u0445 (CWE-20)",
"\u041e\u043f\u0438\u0441\u0430\u043d\u0438\u0435 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": "\u0423\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u043a\u043e\u043c\u043f\u043e\u043d\u0435\u043d\u0442\u0430 Connector/Python \u0434\u0440\u0430\u0439\u0432\u0435\u0440\u0430 MySQL Connectors \u0441\u0438\u0441\u0442\u0435\u043c\u044b \u0443\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u0438\u044f \u0431\u0430\u0437\u0430\u043c\u0438 \u0434\u0430\u043d\u043d\u044b\u0445 Oracle MySQL \u0441\u0432\u044f\u0437\u0430\u043d\u0430 \u0441 \u043d\u0435\u0434\u043e\u0441\u0442\u0430\u0442\u043e\u0447\u043d\u043e\u0439 \u043f\u0440\u043e\u0432\u0435\u0440\u043a\u043e\u0439 \u0432\u0445\u043e\u0434\u043d\u044b\u0445 \u0434\u0430\u043d\u043d\u044b\u0445. \u042d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0430\u0446\u0438\u044f \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 \u043c\u043e\u0436\u0435\u0442 \u043f\u043e\u0437\u0432\u043e\u043b\u0438\u0442\u044c \u043d\u0430\u0440\u0443\u0448\u0438\u0442\u0435\u043b\u044e, \u0434\u0435\u0439\u0441\u0442\u0432\u0443\u044e\u0449\u0435\u043c\u0443 \u0443\u0434\u0430\u043b\u0435\u043d\u043d\u043e, \u0432\u044b\u0437\u0432\u0430\u0442\u044c \u043e\u0442\u043a\u0430\u0437 \u0432 \u043e\u0431\u0441\u043b\u0443\u0436\u0438\u0432\u0430\u043d\u0438\u0438",
"\u041f\u043e\u0441\u043b\u0435\u0434\u0441\u0442\u0432\u0438\u044f \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0430\u0446\u0438\u0438 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": null,
"\u041f\u0440\u043e\u0447\u0430\u044f \u0438\u043d\u0444\u043e\u0440\u043c\u0430\u0446\u0438\u044f": null,
"\u0421\u0432\u044f\u0437\u044c \u0441 \u0438\u043d\u0446\u0438\u0434\u0435\u043d\u0442\u0430\u043c\u0438 \u0418\u0411": "\u0414\u0430\u043d\u043d\u044b\u0435 \u0443\u0442\u043e\u0447\u043d\u044f\u044e\u0442\u0441\u044f",
"\u0421\u043e\u0441\u0442\u043e\u044f\u043d\u0438\u0435 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": "\u041e\u043f\u0443\u0431\u043b\u0438\u043a\u043e\u0432\u0430\u043d\u0430",
"\u0421\u043f\u043e\u0441\u043e\u0431 \u0443\u0441\u0442\u0440\u0430\u043d\u0435\u043d\u0438\u044f": "\u041e\u0431\u043d\u043e\u0432\u043b\u0435\u043d\u0438\u0435 \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c\u043d\u043e\u0433\u043e \u043e\u0431\u0435\u0441\u043f\u0435\u0447\u0435\u043d\u0438\u044f",
"\u0421\u043f\u043e\u0441\u043e\u0431 \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0430\u0446\u0438\u0438": "\u041c\u0430\u043d\u0438\u043f\u0443\u043b\u0438\u0440\u043e\u0432\u0430\u043d\u0438\u0435 \u0440\u0435\u0441\u0443\u0440\u0441\u0430\u043c\u0438",
"\u0421\u0441\u044b\u043b\u043a\u0438 \u043d\u0430 \u0438\u0441\u0442\u043e\u0447\u043d\u0438\u043a\u0438": "https://www.oracle.com/security-alerts/cpuapr2024.html\nhttps://www.cybersecurity-help.cz/vdb/SB20240417102",
"\u0421\u0442\u0430\u0442\u0443\u0441 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": "\u041f\u043e\u0434\u0442\u0432\u0435\u0440\u0436\u0434\u0435\u043d\u0430 \u043f\u0440\u043e\u0438\u0437\u0432\u043e\u0434\u0438\u0442\u0435\u043b\u0435\u043c",
"\u0422\u0438\u043f \u041f\u041e": "\u041f\u0440\u0438\u043a\u043b\u0430\u0434\u043d\u043e\u0435 \u041f\u041e \u0438\u043d\u0444\u043e\u0440\u043c\u0430\u0446\u0438\u043e\u043d\u043d\u044b\u0445 \u0441\u0438\u0441\u0442\u0435\u043c",
"\u0422\u0438\u043f \u043e\u0448\u0438\u0431\u043a\u0438 CWE": "CWE-20",
"\u0423\u0440\u043e\u0432\u0435\u043d\u044c \u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u0438 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": "\u0412\u044b\u0441\u043e\u043a\u0438\u0439 \u0443\u0440\u043e\u0432\u0435\u043d\u044c \u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u0438 (\u0431\u0430\u0437\u043e\u0432\u0430\u044f \u043e\u0446\u0435\u043d\u043a\u0430 CVSS 2.0 \u0441\u043e\u0441\u0442\u0430\u0432\u043b\u044f\u0435\u0442 7,8)\n\u0412\u044b\u0441\u043e\u043a\u0438\u0439 \u0443\u0440\u043e\u0432\u0435\u043d\u044c \u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u0438 (\u0431\u0430\u0437\u043e\u0432\u0430\u044f \u043e\u0446\u0435\u043d\u043a\u0430 CVSS 3.0 \u0441\u043e\u0441\u0442\u0430\u0432\u043b\u044f\u0435\u0442 7,5)"
}
CERTFR-2024-AVI-0326
Vulnerability from certfr_avis - Published: 2024-04-18 - Updated: 2024-04-18
De multiples vulnérabilités ont été découvertes dans Oracle MySQL. Elles permettent à un attaquant de provoquer un déni de service à distance, une atteinte à l'intégrité des données et une atteinte à la confidentialité des données.
Solution
Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).
NoneImpacted products
| Vendor | Product | Description | ||
|---|---|---|---|---|
| Oracle | MySQL | MySQL Cluster, versions 7.5.33, 7.6.29, 8.0.36, 8.2.0 et 8.3.0 sans les derniers correctifs de sécurité | ||
| Oracle | MySQL | MySQL Enterprise Monitor versions 8.0.37 sans les derniers correctifs de sécurité | ||
| Oracle | MySQL | MySQL Enterprise Backup versions 8.0.36 et 8.3.0 sans les derniers correctifs de sécurité | ||
| Oracle | MySQL | MySQL Server versions 8.0.36, 8.2.0 et 8.3.0 sans les derniers correctifs de sécurité | ||
| Oracle | MySQL | MySQL Connectors version 8.3.0 sans les derniers correctifs de sécurité |
References
| Title | Publication Time | Tags | ||||||
|---|---|---|---|---|---|---|---|---|
|
||||||||
{
"$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
"affected_systems": [
{
"description": "MySQL Cluster, versions 7.5.33, 7.6.29, 8.0.36, 8.2.0 et 8.3.0 sans les derniers correctifs de s\u00e9curit\u00e9",
"product": {
"name": "MySQL",
"vendor": {
"name": "Oracle",
"scada": false
}
}
},
{
"description": "MySQL Enterprise Monitor versions 8.0.37 sans les derniers correctifs de s\u00e9curit\u00e9",
"product": {
"name": "MySQL",
"vendor": {
"name": "Oracle",
"scada": false
}
}
},
{
"description": "MySQL Enterprise Backup versions 8.0.36 et 8.3.0 sans les derniers correctifs de s\u00e9curit\u00e9",
"product": {
"name": "MySQL",
"vendor": {
"name": "Oracle",
"scada": false
}
}
},
{
"description": "MySQL Server versions 8.0.36, 8.2.0 et 8.3.0 sans les derniers correctifs de s\u00e9curit\u00e9",
"product": {
"name": "MySQL",
"vendor": {
"name": "Oracle",
"scada": false
}
}
},
{
"description": "MySQL Connectors version 8.3.0 sans les derniers correctifs de s\u00e9curit\u00e9",
"product": {
"name": "MySQL",
"vendor": {
"name": "Oracle",
"scada": false
}
}
}
],
"affected_systems_content": null,
"content": "## Solution\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des\ncorrectifs (cf. section Documentation).\n",
"cves": [
{
"name": "CVE-2024-21052",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-21052"
},
{
"name": "CVE-2024-21053",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-21053"
},
{
"name": "CVE-2024-20998",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-20998"
},
{
"name": "CVE-2024-21102",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-21102"
},
{
"name": "CVE-2024-21049",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-21049"
},
{
"name": "CVE-2024-21015",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-21015"
},
{
"name": "CVE-2023-44487",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-44487"
},
{
"name": "CVE-2024-21009",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-21009"
},
{
"name": "CVE-2024-21050",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-21050"
},
{
"name": "CVE-2024-21101",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-21101"
},
{
"name": "CVE-2024-21000",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-21000"
},
{
"name": "CVE-2024-21057",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-21057"
},
{
"name": "CVE-2024-21096",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-21096"
},
{
"name": "CVE-2024-21062",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-21062"
},
{
"name": "CVE-2024-21055",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-21055"
},
{
"name": "CVE-2024-0727",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-0727"
},
{
"name": "CVE-2023-6129",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-6129"
},
{
"name": "CVE-2024-21056",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-21056"
},
{
"name": "CVE-2024-21047",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-21047"
},
{
"name": "CVE-2024-21013",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-21013"
},
{
"name": "CVE-2024-21060",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-21060"
},
{
"name": "CVE-2024-21090",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-21090"
},
{
"name": "CVE-2024-20993",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-20993"
},
{
"name": "CVE-2024-21087",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-21087"
},
{
"name": "CVE-2024-0853",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-0853"
},
{
"name": "CVE-2024-21061",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-21061"
},
{
"name": "CVE-2024-21069",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-21069"
},
{
"name": "CVE-2024-21051",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-21051"
},
{
"name": "CVE-2024-21054",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-21054"
},
{
"name": "CVE-2023-5678",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-5678"
},
{
"name": "CVE-2024-21008",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-21008"
},
{
"name": "CVE-2024-20994",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-20994"
}
],
"initial_release_date": "2024-04-18T00:00:00",
"last_revision_date": "2024-04-18T00:00:00",
"links": [],
"reference": "CERTFR-2024-AVI-0326",
"revisions": [
{
"description": "Version initiale",
"revision_date": "2024-04-18T00:00:00.000000"
}
],
"risks": [
{
"description": "D\u00e9ni de service \u00e0 distance"
},
{
"description": "Atteinte \u00e0 l\u0027int\u00e9grit\u00e9 des donn\u00e9es"
},
{
"description": "Atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es"
}
],
"summary": "De multiples vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 d\u00e9couvertes dans Oracle MySQL. Elles\npermettent \u00e0 un attaquant de provoquer un d\u00e9ni de service \u00e0 distance,\nune atteinte \u00e0 l\u0027int\u00e9grit\u00e9 des donn\u00e9es et une atteinte \u00e0 la\nconfidentialit\u00e9 des donn\u00e9es.\n",
"title": "Multiples vuln\u00e9rabilit\u00e9s dans Oracle MySQL",
"vendor_advisories": [
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Oracle cpuapr2024verbose du 16 avril 2024",
"url": "https://www.oracle.com/security-alerts/cpuapr2024verbose.html"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Oracle cpuapr2024 du 16 avril 2024",
"url": "https://www.oracle.com/security-alerts/cpuapr2024.html"
}
]
}
CERTFR-2025-AVI-0245
Vulnerability from certfr_avis - Published: 2025-03-27 - Updated: 2025-03-27
De multiples vulnérabilités ont été découvertes dans les produits Splunk. Certaines d'entre elles permettent à un attaquant de provoquer une exécution de code arbitraire à distance, un déni de service à distance et une atteinte à la confidentialité des données.
Solutions
Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).
Impacted products
| Vendor | Product | Description | ||
|---|---|---|---|---|
| Splunk | Splunk Secure Gateway | Splunk Secure Gateway versions 3.8.x antérieures à 3.8.38 | ||
| Splunk | Splunk Secure Gateway | Splunk Secure Gateway versions 3.7.x antérieures à 3.7.23 | ||
| Splunk | Splunk Cloud Platform | Splunk Cloud Platform versions 9.3.2408.10x antérieures à 9.3.2408.107 | ||
| Splunk | Splunk Add-on for Microsoft Cloud Services | Splunk Add-on for Microsoft Cloud Services versions 5.4.x antérieures à 5.4.3 | ||
| Splunk | Splunk DB Connect | Splunk DB Connect versions antérieures à 4.0.0 | ||
| Splunk | Splunk Enterprise | Splunk Enterprise versions 9.1.x antérieures à 9.1.8 | ||
| Splunk | Splunk Cloud Platform | Splunk Cloud Platform versions 9.1.x antérieures à 9.1.2312.208 | ||
| Splunk | Splunk Enterprise | Splunk Enterprise versions 9.3.x antérieures à 9.3.3 | ||
| Splunk | Splunk Infrastructure Monitoring Add-on | Splunk Infrastructure Monitoring Add-on versions antérieures à 1.2.7 | ||
| Splunk | Splunk App for Data Science and Deep Learning | Splunk App for Data Science and Deep Learning versions 5.1.x antérieures à 5.2.0 | ||
| Splunk | Splunk Enterprise | Splunk Enterprise versions 9.2.x antérieures à 9.2.5 | ||
| Splunk | Splunk Cloud Platform | Splunk Cloud Platform versions 9.2.x antérieures à 9.2.2403.115 | ||
| Splunk | Splunk Enterprise | Splunk Enterprise versions 9.4.x antérieures à 9.4.1 | ||
| Splunk | Splunk Cloud Platform | Splunk Cloud Platform versions 9.2.2406.10x antérieures à 9.2.2406.113 | ||
| Splunk | Splunk App for Lookup File Editing | Splunk App for Lookup File Editing versions 4.0.x antérieures à 4.0.5 |
References
| Title | Publication Time | Tags | |||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||||||||||||||||||||||||||
{
"$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
"affected_systems": [
{
"description": "Splunk Secure Gateway versions 3.8.x ant\u00e9rieures \u00e0 3.8.38",
"product": {
"name": "Splunk Secure Gateway",
"vendor": {
"name": "Splunk",
"scada": false
}
}
},
{
"description": "Splunk Secure Gateway versions 3.7.x ant\u00e9rieures \u00e0 3.7.23",
"product": {
"name": "Splunk Secure Gateway",
"vendor": {
"name": "Splunk",
"scada": false
}
}
},
{
"description": "Splunk Cloud Platform versions 9.3.2408.10x ant\u00e9rieures \u00e0 9.3.2408.107",
"product": {
"name": "Splunk Cloud Platform",
"vendor": {
"name": "Splunk",
"scada": false
}
}
},
{
"description": "Splunk Add-on for Microsoft Cloud Services versions 5.4.x ant\u00e9rieures \u00e0 5.4.3",
"product": {
"name": "Splunk Add-on for Microsoft Cloud Services",
"vendor": {
"name": "Splunk",
"scada": false
}
}
},
{
"description": "Splunk DB Connect versions ant\u00e9rieures \u00e0 4.0.0",
"product": {
"name": "Splunk DB Connect",
"vendor": {
"name": "Splunk",
"scada": false
}
}
},
{
"description": "Splunk Enterprise\tversions 9.1.x ant\u00e9rieures \u00e0 9.1.8",
"product": {
"name": "Splunk Enterprise",
"vendor": {
"name": "Splunk",
"scada": false
}
}
},
{
"description": "Splunk Cloud Platform versions 9.1.x ant\u00e9rieures \u00e0 9.1.2312.208",
"product": {
"name": "Splunk Cloud Platform",
"vendor": {
"name": "Splunk",
"scada": false
}
}
},
{
"description": "Splunk Enterprise\tversions 9.3.x ant\u00e9rieures \u00e0 9.3.3",
"product": {
"name": "Splunk Enterprise",
"vendor": {
"name": "Splunk",
"scada": false
}
}
},
{
"description": "Splunk Infrastructure Monitoring Add-on versions ant\u00e9rieures \u00e0 1.2.7",
"product": {
"name": "Splunk Infrastructure Monitoring Add-on",
"vendor": {
"name": "Splunk",
"scada": false
}
}
},
{
"description": "Splunk App for Data Science and Deep Learning versions 5.1.x ant\u00e9rieures \u00e0 5.2.0",
"product": {
"name": "Splunk App for Data Science and Deep Learning",
"vendor": {
"name": "Splunk",
"scada": false
}
}
},
{
"description": "Splunk Enterprise\tversions 9.2.x ant\u00e9rieures \u00e0 9.2.5",
"product": {
"name": "Splunk Enterprise",
"vendor": {
"name": "Splunk",
"scada": false
}
}
},
{
"description": "Splunk Cloud Platform versions 9.2.x ant\u00e9rieures \u00e0 9.2.2403.115",
"product": {
"name": "Splunk Cloud Platform",
"vendor": {
"name": "Splunk",
"scada": false
}
}
},
{
"description": "Splunk Enterprise\tversions 9.4.x ant\u00e9rieures \u00e0 9.4.1",
"product": {
"name": "Splunk Enterprise",
"vendor": {
"name": "Splunk",
"scada": false
}
}
},
{
"description": "Splunk Cloud Platform versions 9.2.2406.10x ant\u00e9rieures \u00e0 9.2.2406.113",
"product": {
"name": "Splunk Cloud Platform",
"vendor": {
"name": "Splunk",
"scada": false
}
}
},
{
"description": "Splunk App for Lookup File Editing versions 4.0.x ant\u00e9rieures \u00e0 4.0.5",
"product": {
"name": "Splunk App for Lookup File Editing",
"vendor": {
"name": "Splunk",
"scada": false
}
}
}
],
"affected_systems_content": "",
"content": "## Solutions\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des correctifs (cf. section Documentation).",
"cves": [
{
"name": "CVE-2025-20229",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-20229"
},
{
"name": "CVE-2024-29857",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-29857"
},
{
"name": "CVE-2023-5363",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-5363"
},
{
"name": "CVE-2025-20232",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-20232"
},
{
"name": "CVE-2025-20227",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-20227"
},
{
"name": "CVE-2024-45801",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-45801"
},
{
"name": "CVE-2025-20226",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-20226"
},
{
"name": "CVE-2024-38999",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-38999"
},
{
"name": "CVE-2025-20228",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-20228"
},
{
"name": "CVE-2024-47875",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-47875"
},
{
"name": "CVE-2024-21272",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-21272"
},
{
"name": "CVE-2024-4603",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-4603"
},
{
"name": "CVE-2024-39338",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-39338"
},
{
"name": "CVE-2024-21090",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-21090"
},
{
"name": "CVE-2025-20231",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-20231"
},
{
"name": "CVE-2024-3651",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-3651"
},
{
"name": "CVE-2025-20233",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-20233"
},
{
"name": "CVE-2024-2511",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-2511"
},
{
"name": "CVE-2025-20230",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-20230"
},
{
"name": "CVE-2024-6923",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-6923"
}
],
"initial_release_date": "2025-03-27T00:00:00",
"last_revision_date": "2025-03-27T00:00:00",
"links": [],
"reference": "CERTFR-2025-AVI-0245",
"revisions": [
{
"description": "Version initiale",
"revision_date": "2025-03-27T00:00:00.000000"
}
],
"risks": [
{
"description": "Ex\u00e9cution de code arbitraire \u00e0 distance"
},
{
"description": "D\u00e9ni de service \u00e0 distance"
},
{
"description": "Atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es"
},
{
"description": "Atteinte \u00e0 l\u0027int\u00e9grit\u00e9 des donn\u00e9es"
},
{
"description": "Contournement de la politique de s\u00e9curit\u00e9"
},
{
"description": "Injection de requ\u00eates ill\u00e9gitimes par rebond (CSRF)"
},
{
"description": "Injection de code indirecte \u00e0 distance (XSS)"
},
{
"description": "Non sp\u00e9cifi\u00e9 par l\u0027\u00e9diteur"
}
],
"summary": "De multiples vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 d\u00e9couvertes dans les produits Splunk. Certaines d\u0027entre elles permettent \u00e0 un attaquant de provoquer une ex\u00e9cution de code arbitraire \u00e0 distance, un d\u00e9ni de service \u00e0 distance et une atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es.",
"title": "Multiples vuln\u00e9rabilit\u00e9s dans les produits Splunk",
"vendor_advisories": [
{
"published_at": "2025-03-26",
"title": "Bulletin de s\u00e9curit\u00e9 Splunk SVD-2025-0301",
"url": "https://advisory.splunk.com/advisories/SVD-2025-0301"
},
{
"published_at": "2025-03-26",
"title": "Bulletin de s\u00e9curit\u00e9 Splunk SVD-2025-0302",
"url": "https://advisory.splunk.com/advisories/SVD-2025-0302"
},
{
"published_at": "2025-03-26",
"title": "Bulletin de s\u00e9curit\u00e9 Splunk SVD-2025-0312",
"url": "https://advisory.splunk.com/advisories/SVD-2025-0312"
},
{
"published_at": "2025-03-26",
"title": "Bulletin de s\u00e9curit\u00e9 Splunk SVD-2025-0313",
"url": "https://advisory.splunk.com/advisories/SVD-2025-0313"
},
{
"published_at": "2025-03-26",
"title": "Bulletin de s\u00e9curit\u00e9 Splunk SVD-2025-0309",
"url": "https://advisory.splunk.com/advisories/SVD-2025-0309"
},
{
"published_at": "2025-03-26",
"title": "Bulletin de s\u00e9curit\u00e9 Splunk SVD-2025-0306",
"url": "https://advisory.splunk.com/advisories/SVD-2025-0306"
},
{
"published_at": "2025-03-26",
"title": "Bulletin de s\u00e9curit\u00e9 Splunk SVD-2025-0304",
"url": "https://advisory.splunk.com/advisories/SVD-2025-0304"
},
{
"published_at": "2025-03-26",
"title": "Bulletin de s\u00e9curit\u00e9 Splunk SVD-2025-0307",
"url": "https://advisory.splunk.com/advisories/SVD-2025-0307"
},
{
"published_at": "2025-03-26",
"title": "Bulletin de s\u00e9curit\u00e9 Splunk SVD-2025-0305",
"url": "https://advisory.splunk.com/advisories/SVD-2025-0305"
},
{
"published_at": "2025-03-26",
"title": "Bulletin de s\u00e9curit\u00e9 Splunk SVD-2025-0303",
"url": "https://advisory.splunk.com/advisories/SVD-2025-0303"
},
{
"published_at": "2025-03-26",
"title": "Bulletin de s\u00e9curit\u00e9 Splunk SVD-2025-0310",
"url": "https://advisory.splunk.com/advisories/SVD-2025-0310"
},
{
"published_at": "2025-03-26",
"title": "Bulletin de s\u00e9curit\u00e9 Splunk SVD-2025-0308",
"url": "https://advisory.splunk.com/advisories/SVD-2025-0308"
},
{
"published_at": "2025-03-26",
"title": "Bulletin de s\u00e9curit\u00e9 Splunk SVD-2025-0311",
"url": "https://advisory.splunk.com/advisories/SVD-2025-0311"
}
]
}
CERTFR-2025-AVI-0563
Vulnerability from certfr_avis - Published: 2025-07-08 - Updated: 2025-07-08
De multiples vulnérabilités ont été découvertes dans les produits Splunk. Certaines d'entre elles permettent à un attaquant de provoquer une exécution de code arbitraire à distance, un déni de service à distance et une atteinte à la confidentialité des données.
Solutions
Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).
Impacted products
| Vendor | Product | Description | ||
|---|---|---|---|---|
| Splunk | Splunk Enterprise | Splunk Enterprise Cloud versions 9.3.2411.x antérieures à 9.3.2411.107 | ||
| Splunk | SOAR | Splunk SOAR versions antérieures à 6.4.1 | ||
| Splunk | Splunk Enterprise | Splunk Enterprise versions 9.4.x antérieures à 9.4.3 | ||
| Splunk | Universal Forwarder | Splunk Universal Forwarder versions 9.2.x antérieures à 9.2.7 | ||
| Splunk | Splunk Enterprise | Splunk Enterprise versions 9.3.x antérieures à 9.3.5 | ||
| Splunk | Splunk DB Connect | Splunk DB Connect versions antérieures à 4.0.0 | ||
| Splunk | Universal Forwarder | Splunk Universal Forwarder versions 9.3.x antérieures à 9.3.5 | ||
| Splunk | Universal Forwarder | Splunk Universal Forwarder versions 9.4.x antérieures à 9.4.3 | ||
| Splunk | Splunk Enterprise | Splunk Enterprise Cloud versions 9.3.2408.x antérieures à 9.3.2408.117 | ||
| Splunk | Splunk Enterprise | Splunk Enterprise versions 9.1.x antérieures à 9.1.10 | ||
| Splunk | Splunk Enterprise | Splunk Enterprise versions 9.2.x antérieures à 9.2.7 | ||
| Splunk | Splunk Enterprise | Splunk Enterprise Cloud versions 9.2.2406.x antérieures à 9.2.2406.121 | ||
| Splunk | Universal Forwarder | Splunk Universal Forwarder versions 9.1.x antérieures à 9.1.10 |
References
| Title | Publication Time | Tags | ||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||||||||||||||||||||||||||
{
"$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
"affected_systems": [
{
"description": "Splunk Enterprise Cloud versions 9.3.2411.x ant\u00e9rieures \u00e0 9.3.2411.107",
"product": {
"name": "Splunk Enterprise",
"vendor": {
"name": "Splunk",
"scada": false
}
}
},
{
"description": "Splunk SOAR versions ant\u00e9rieures \u00e0 6.4.1",
"product": {
"name": "SOAR",
"vendor": {
"name": "Splunk",
"scada": false
}
}
},
{
"description": "Splunk Enterprise versions 9.4.x ant\u00e9rieures \u00e0 9.4.3",
"product": {
"name": "Splunk Enterprise",
"vendor": {
"name": "Splunk",
"scada": false
}
}
},
{
"description": "Splunk Universal Forwarder versions 9.2.x ant\u00e9rieures \u00e0 9.2.7",
"product": {
"name": "Universal Forwarder",
"vendor": {
"name": "Splunk",
"scada": false
}
}
},
{
"description": "Splunk Enterprise versions 9.3.x ant\u00e9rieures \u00e0 9.3.5",
"product": {
"name": "Splunk Enterprise",
"vendor": {
"name": "Splunk",
"scada": false
}
}
},
{
"description": "Splunk DB Connect versions ant\u00e9rieures \u00e0 4.0.0",
"product": {
"name": "Splunk DB Connect",
"vendor": {
"name": "Splunk",
"scada": false
}
}
},
{
"description": "Splunk Universal Forwarder versions 9.3.x ant\u00e9rieures \u00e0 9.3.5",
"product": {
"name": "Universal Forwarder",
"vendor": {
"name": "Splunk",
"scada": false
}
}
},
{
"description": "Splunk Universal Forwarder versions 9.4.x ant\u00e9rieures \u00e0 9.4.3",
"product": {
"name": "Universal Forwarder",
"vendor": {
"name": "Splunk",
"scada": false
}
}
},
{
"description": "Splunk Enterprise Cloud versions 9.3.2408.x ant\u00e9rieures \u00e0 9.3.2408.117",
"product": {
"name": "Splunk Enterprise",
"vendor": {
"name": "Splunk",
"scada": false
}
}
},
{
"description": "Splunk Enterprise versions 9.1.x ant\u00e9rieures \u00e0 9.1.10",
"product": {
"name": "Splunk Enterprise",
"vendor": {
"name": "Splunk",
"scada": false
}
}
},
{
"description": "Splunk Enterprise versions 9.2.x ant\u00e9rieures \u00e0 9.2.7",
"product": {
"name": "Splunk Enterprise",
"vendor": {
"name": "Splunk",
"scada": false
}
}
},
{
"description": "Splunk Enterprise Cloud versions 9.2.2406.x ant\u00e9rieures \u00e0 9.2.2406.121",
"product": {
"name": "Splunk Enterprise",
"vendor": {
"name": "Splunk",
"scada": false
}
}
},
{
"description": "Splunk Universal Forwarder versions 9.1.x ant\u00e9rieures \u00e0 9.1.10",
"product": {
"name": "Universal Forwarder",
"vendor": {
"name": "Splunk",
"scada": false
}
}
}
],
"affected_systems_content": "",
"content": "## Solutions\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des correctifs (cf. section Documentation).",
"cves": [
{
"name": "CVE-2024-9681",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-9681"
},
{
"name": "CVE-2022-30187",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-30187"
},
{
"name": "CVE-2024-12797",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-12797"
},
{
"name": "CVE-2024-2466",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-2466"
},
{
"name": "CVE-2025-27414",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-27414"
},
{
"name": "CVE-2025-20324",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-20324"
},
{
"name": "CVE-2025-23388",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-23388"
},
{
"name": "CVE-2024-13176",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-13176"
},
{
"name": "CVE-2025-20319",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-20319"
},
{
"name": "CVE-2024-29857",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-29857"
},
{
"name": "CVE-2023-5363",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-5363"
},
{
"name": "CVE-2020-28458",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-28458"
},
{
"name": "CVE-2025-20321",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-20321"
},
{
"name": "CVE-2024-45338",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-45338"
},
{
"name": "CVE-2025-20325",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-20325"
},
{
"name": "CVE-2024-11053",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-11053"
},
{
"name": "CVE-2025-23387",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-23387"
},
{
"name": "CVE-2024-7264",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-7264"
},
{
"name": "CVE-2021-23445",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-23445"
},
{
"name": "CVE-2024-48949",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-48949"
},
{
"name": "CVE-2025-23389",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-23389"
},
{
"name": "CVE-2024-21538",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-21538"
},
{
"name": "CVE-2022-35583",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-35583"
},
{
"name": "CVE-2025-22868",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22868"
},
{
"name": "CVE-2024-52804",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-52804"
},
{
"name": "CVE-2025-20300",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-20300"
},
{
"name": "CVE-2024-45801",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-45801"
},
{
"name": "CVE-2024-45337",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-45337"
},
{
"name": "CVE-2025-20323",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-20323"
},
{
"name": "CVE-2024-9143",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-9143"
},
{
"name": "CVE-2024-38999",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-38999"
},
{
"name": "CVE-2025-20320",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-20320"
},
{
"name": "CVE-2024-2398",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-2398"
},
{
"name": "CVE-2024-45230",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-45230"
},
{
"name": "CVE-2024-49767",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-49767"
},
{
"name": "CVE-2024-47875",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-47875"
},
{
"name": "CVE-2025-20322",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-20322"
},
{
"name": "CVE-2024-21272",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-21272"
},
{
"name": "CVE-2025-22869",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22869"
},
{
"name": "CVE-2024-8096",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-8096"
},
{
"name": "CVE-2025-22870",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22870"
},
{
"name": "CVE-2024-39338",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-39338"
},
{
"name": "CVE-2024-21090",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-21090"
},
{
"name": "CVE-2013-7489",
"url": "https://www.cve.org/CVERecord?id=CVE-2013-7489"
},
{
"name": "CVE-2025-27789",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-27789"
},
{
"name": "CVE-2025-0725",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-0725"
},
{
"name": "CVE-2024-34064",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-34064"
},
{
"name": "CVE-2024-52616",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-52616"
},
{
"name": "CVE-2024-0853",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-0853"
},
{
"name": "CVE-2025-22952",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22952"
},
{
"name": "CVE-2024-32002",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-32002"
},
{
"name": "CVE-2025-0167",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-0167"
},
{
"name": "CVE-2024-6345",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-6345"
}
],
"initial_release_date": "2025-07-08T00:00:00",
"last_revision_date": "2025-07-08T00:00:00",
"links": [],
"reference": "CERTFR-2025-AVI-0563",
"revisions": [
{
"description": "Version initiale",
"revision_date": "2025-07-08T00:00:00.000000"
}
],
"risks": [
{
"description": "D\u00e9ni de service \u00e0 distance"
},
{
"description": "Injection de requ\u00eates ill\u00e9gitimes par rebond (CSRF)"
},
{
"description": "Ex\u00e9cution de code arbitraire \u00e0 distance"
},
{
"description": "Non sp\u00e9cifi\u00e9 par l\u0027\u00e9diteur"
},
{
"description": "Contournement de la politique de s\u00e9curit\u00e9"
},
{
"description": "Atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es"
}
],
"summary": "De multiples vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 d\u00e9couvertes dans les produits Splunk. Certaines d\u0027entre elles permettent \u00e0 un attaquant de provoquer une ex\u00e9cution de code arbitraire \u00e0 distance, un d\u00e9ni de service \u00e0 distance et une atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es.",
"title": "Multiples vuln\u00e9rabilit\u00e9s dans les produits Splunk",
"vendor_advisories": [
{
"published_at": "2025-07-07",
"title": "Bulletin de s\u00e9curit\u00e9 Splunk SVD-2025-0708",
"url": "https://advisory.splunk.com/advisories/SVD-2025-0708"
},
{
"published_at": "2025-07-07",
"title": "Bulletin de s\u00e9curit\u00e9 Splunk SVD-2025-0703",
"url": "https://advisory.splunk.com/advisories/SVD-2025-0703"
},
{
"published_at": "2025-07-07",
"title": "Bulletin de s\u00e9curit\u00e9 Splunk SVD-2025-0701",
"url": "https://advisory.splunk.com/advisories/SVD-2025-0701"
},
{
"published_at": "2025-07-07",
"title": "Bulletin de s\u00e9curit\u00e9 Splunk SVD-2025-0706",
"url": "https://advisory.splunk.com/advisories/SVD-2025-0706"
},
{
"published_at": "2025-07-07",
"title": "Bulletin de s\u00e9curit\u00e9 Splunk SVD-2025-0705",
"url": "https://advisory.splunk.com/advisories/SVD-2025-0705"
},
{
"published_at": "2025-07-07",
"title": "Bulletin de s\u00e9curit\u00e9 Splunk SVD-2025-0702",
"url": "https://advisory.splunk.com/advisories/SVD-2025-0702"
},
{
"published_at": "2025-07-07",
"title": "Bulletin de s\u00e9curit\u00e9 Splunk SVD-2025-0712",
"url": "https://advisory.splunk.com/advisories/SVD-2025-0712"
},
{
"published_at": "2025-07-07",
"title": "Bulletin de s\u00e9curit\u00e9 Splunk SVD-2025-0711",
"url": "https://advisory.splunk.com/advisories/SVD-2025-0711"
},
{
"published_at": "2025-07-07",
"title": "Bulletin de s\u00e9curit\u00e9 Splunk SVD-2025-0707",
"url": "https://advisory.splunk.com/advisories/SVD-2025-0707"
},
{
"published_at": "2025-07-07",
"title": "Bulletin de s\u00e9curit\u00e9 Splunk SVD-2025-0710",
"url": "https://advisory.splunk.com/advisories/SVD-2025-0710"
},
{
"published_at": "2025-07-07",
"title": "Bulletin de s\u00e9curit\u00e9 Splunk SVD-2025-0709",
"url": "https://advisory.splunk.com/advisories/SVD-2025-0709"
},
{
"published_at": "2025-07-07",
"title": "Bulletin de s\u00e9curit\u00e9 Splunk SVD-2025-0704",
"url": "https://advisory.splunk.com/advisories/SVD-2025-0704"
}
]
}
Title
Oracle MySQL拒绝服务漏洞(CNVD-2024-20817)
Description
Oracle MySQL是美国甲骨文(Oracle)公司的一套开源的关系数据库管理系统。
Oracle MySQL的MySQL Connectors存在安全漏洞。攻击者可利用该漏洞导致MySQL服务器挂起或频繁重复崩溃。
Severity
高
Patch Name
Oracle MySQL拒绝服务漏洞(CNVD-2024-20817)的补丁
Patch Description
Oracle MySQL是美国甲骨文(Oracle)公司的一套开源的关系数据库管理系统。
Oracle MySQL的MySQL Connectors存在安全漏洞。攻击者可利用该漏洞导致MySQL服务器挂起或频繁重复崩溃。目前,供应商发布了安全公告及相关补丁信息,修复了此漏洞。
Formal description
厂商已发布了漏洞修复程序,请及时关注更新: https://www.oracle.com/security-alerts/cpuapr2024.html
Reference
https://cxsecurity.com/cveshow/CVE-2024-21090/
Impacted products
| Name | Oracle MySQL <=8.3.0 |
|---|
{
"cves": {
"cve": {
"cveNumber": "CVE-2024-21090",
"cveUrl": "https://nvd.nist.gov/vuln/detail/CVE-2024-21090"
}
},
"description": "Oracle MySQL\u662f\u7f8e\u56fd\u7532\u9aa8\u6587\uff08Oracle\uff09\u516c\u53f8\u7684\u4e00\u5957\u5f00\u6e90\u7684\u5173\u7cfb\u6570\u636e\u5e93\u7ba1\u7406\u7cfb\u7edf\u3002\n\nOracle MySQL\u7684MySQL Connectors\u5b58\u5728\u5b89\u5168\u6f0f\u6d1e\u3002\u653b\u51fb\u8005\u53ef\u5229\u7528\u8be5\u6f0f\u6d1e\u5bfc\u81f4MySQL\u670d\u52a1\u5668\u6302\u8d77\u6216\u9891\u7e41\u91cd\u590d\u5d29\u6e83\u3002",
"formalWay": "\u5382\u5546\u5df2\u53d1\u5e03\u4e86\u6f0f\u6d1e\u4fee\u590d\u7a0b\u5e8f\uff0c\u8bf7\u53ca\u65f6\u5173\u6ce8\u66f4\u65b0\uff1a\r\nhttps://www.oracle.com/security-alerts/cpuapr2024.html",
"isEvent": "\u901a\u7528\u8f6f\u786c\u4ef6\u6f0f\u6d1e",
"number": "CNVD-2024-20817",
"openTime": "2024-04-30",
"patchDescription": "Oracle MySQL\u662f\u7f8e\u56fd\u7532\u9aa8\u6587\uff08Oracle\uff09\u516c\u53f8\u7684\u4e00\u5957\u5f00\u6e90\u7684\u5173\u7cfb\u6570\u636e\u5e93\u7ba1\u7406\u7cfb\u7edf\u3002\r\n\r\nOracle MySQL\u7684MySQL Connectors\u5b58\u5728\u5b89\u5168\u6f0f\u6d1e\u3002\u653b\u51fb\u8005\u53ef\u5229\u7528\u8be5\u6f0f\u6d1e\u5bfc\u81f4MySQL\u670d\u52a1\u5668\u6302\u8d77\u6216\u9891\u7e41\u91cd\u590d\u5d29\u6e83\u3002\u76ee\u524d\uff0c\u4f9b\u5e94\u5546\u53d1\u5e03\u4e86\u5b89\u5168\u516c\u544a\u53ca\u76f8\u5173\u8865\u4e01\u4fe1\u606f\uff0c\u4fee\u590d\u4e86\u6b64\u6f0f\u6d1e\u3002",
"patchName": "Oracle MySQL\u62d2\u7edd\u670d\u52a1\u6f0f\u6d1e\uff08CNVD-2024-20817\uff09\u7684\u8865\u4e01",
"products": {
"product": "Oracle MySQL \u003c=8.3.0"
},
"referenceLink": "https://cxsecurity.com/cveshow/CVE-2024-21090/",
"serverity": "\u9ad8",
"submitTime": "2024-04-18",
"title": "Oracle MySQL\u62d2\u7edd\u670d\u52a1\u6f0f\u6d1e\uff08CNVD-2024-20817\uff09"
}
FKIE_CVE-2024-21090
Vulnerability from fkie_nvd - Published: 2024-04-16 22:15 - Updated: 2025-05-13 19:27
Severity
Summary
Vulnerability in the MySQL Connectors product of Oracle MySQL (component: Connector/Python). Supported versions that are affected are 8.3.0 and prior. Easily exploitable vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise MySQL Connectors. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Connectors. CVSS 3.1 Base Score 7.5 (Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H).
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| oracle | mysql_connector\/python | * |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:oracle:mysql_connector\\/python:*:*:*:*:*:*:*:*",
"matchCriteriaId": "74898A16-F836-4734-A866-A570FCC10655",
"versionEndIncluding": "8.3.0",
"versionStartIncluding": "8.0.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Vulnerability in the MySQL Connectors product of Oracle MySQL (component: Connector/Python). Supported versions that are affected are 8.3.0 and prior. Easily exploitable vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise MySQL Connectors. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Connectors. CVSS 3.1 Base Score 7.5 (Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H)."
},
{
"lang": "es",
"value": "Vulnerabilidad en el producto MySQL Connectors de Oracle MySQL (componente: Connector/Python). Las versiones compatibles que se ven afectadas son la 8.3.0 y anteriores. Una vulnerabilidad f\u00e1cilmente explotable permite que un atacante no autenticado con acceso a la red a trav\u00e9s de m\u00faltiples protocolos comprometa los conectores MySQL. Los ataques exitosos a esta vulnerabilidad pueden resultar en una capacidad no autorizada para provocar un bloqueo o una falla frecuente (DOS completo) de los conectores MySQL. CVSS 3.1 Puntuaci\u00f3n base 7,5 (impactos en la disponibilidad). Vector CVSS: (CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H)."
}
],
"id": "CVE-2024-21090",
"lastModified": "2025-05-13T19:27:28.147",
"metrics": {
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6,
"source": "secalert_us@oracle.com",
"type": "Secondary"
}
]
},
"published": "2024-04-16T22:15:29.153",
"references": [
{
"source": "secalert_us@oracle.com",
"tags": [
"Vendor Advisory"
],
"url": "https://www.oracle.com/security-alerts/cpuapr2024.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://www.oracle.com/security-alerts/cpuapr2024.html"
}
],
"sourceIdentifier": "secalert_us@oracle.com",
"vulnStatus": "Analyzed",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
GHSA-P26G-V4J8-8QC5
Vulnerability from github – Published: 2024-04-17 00:30 – Updated: 2024-04-17 00:30
VLAI
Details
Vulnerability in the MySQL Connectors product of Oracle MySQL (component: Connector/Python). Supported versions that are affected are 8.3.0 and prior. Easily exploitable vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise MySQL Connectors. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Connectors. CVSS 3.1 Base Score 7.5 (Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H).
Severity
7.5 (High)
{
"affected": [],
"aliases": [
"CVE-2024-21090"
],
"database_specific": {
"cwe_ids": [],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2024-04-16T22:15:29Z",
"severity": "HIGH"
},
"details": "Vulnerability in the MySQL Connectors product of Oracle MySQL (component: Connector/Python). Supported versions that are affected are 8.3.0 and prior. Easily exploitable vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise MySQL Connectors. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Connectors. CVSS 3.1 Base Score 7.5 (Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H).",
"id": "GHSA-p26g-v4j8-8qc5",
"modified": "2024-04-17T00:30:56Z",
"published": "2024-04-17T00:30:56Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-21090"
},
{
"type": "WEB",
"url": "https://www.oracle.com/security-alerts/cpuapr2024.html"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"type": "CVSS_V3"
}
]
}
GSD-2024-21090
Vulnerability from gsd - Updated: 2023-12-13 01:21Details
Vulnerability in the MySQL Connectors product of Oracle MySQL (component: Connector/Python). Supported versions that are affected are 8.3.0 and prior. Easily exploitable vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise MySQL Connectors. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Connectors. CVSS 3.1 Base Score 7.5 (Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H).
Aliases
Aliases
{
"GSD": {
"alias": "CVE-2024-21090",
"id": "GSD-2024-21090"
},
"gsd": {
"metadata": {
"exploitCode": "unknown",
"remediation": "unknown",
"reportConfidence": "confirmed",
"type": "vulnerability"
},
"osvSchema": {
"aliases": [
"CVE-2024-21090"
],
"details": "Vulnerability in the MySQL Connectors product of Oracle MySQL (component: Connector/Python). Supported versions that are affected are 8.3.0 and prior. Easily exploitable vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise MySQL Connectors. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Connectors. CVSS 3.1 Base Score 7.5 (Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H).",
"id": "GSD-2024-21090",
"modified": "2023-12-13T01:21:42.759628Z",
"schema_version": "1.4.0"
}
},
"namespaces": {
"cve.org": {
"CVE_data_meta": {
"ASSIGNER": "secalert_us@oracle.com",
"ID": "CVE-2024-21090",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "MySQL Connectors",
"version": {
"version_data": [
{
"version_affected": "\u003c=",
"version_name": "*",
"version_value": "8.3.0"
}
]
}
}
]
},
"vendor_name": "Oracle Corporation"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Vulnerability in the MySQL Connectors product of Oracle MySQL (component: Connector/Python). Supported versions that are affected are 8.3.0 and prior. Easily exploitable vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise MySQL Connectors. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Connectors. CVSS 3.1 Base Score 7.5 (Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H)."
}
]
},
"impact": {
"cvss": [
{
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Easily exploitable vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise MySQL Connectors. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Connectors."
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://www.oracle.com/security-alerts/cpuapr2024.html",
"refsource": "MISC",
"url": "https://www.oracle.com/security-alerts/cpuapr2024.html"
}
]
}
},
"nvd.nist.gov": {
"cve": {
"descriptions": [
{
"lang": "en",
"value": "Vulnerability in the MySQL Connectors product of Oracle MySQL (component: Connector/Python). Supported versions that are affected are 8.3.0 and prior. Easily exploitable vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise MySQL Connectors. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Connectors. CVSS 3.1 Base Score 7.5 (Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H)."
},
{
"lang": "es",
"value": "Vulnerabilidad en el producto MySQL Connectors de Oracle MySQL (componente: Connector/Python). Las versiones compatibles que se ven afectadas son la 8.3.0 y anteriores. Una vulnerabilidad f\u00e1cilmente explotable permite que un atacante no autenticado con acceso a la red a trav\u00e9s de m\u00faltiples protocolos comprometa los conectores MySQL. Los ataques exitosos a esta vulnerabilidad pueden resultar en una capacidad no autorizada para provocar un bloqueo o una falla frecuente (DOS completo) de los conectores MySQL. CVSS 3.1 Puntuaci\u00f3n base 7,5 (impactos en la disponibilidad). Vector CVSS: (CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H)."
}
],
"id": "CVE-2024-21090",
"lastModified": "2024-04-17T12:48:31.863",
"metrics": {
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6,
"source": "secalert_us@oracle.com",
"type": "Primary"
}
]
},
"published": "2024-04-16T22:15:29.153",
"references": [
{
"source": "secalert_us@oracle.com",
"url": "https://www.oracle.com/security-alerts/cpuapr2024.html"
}
],
"sourceIdentifier": "secalert_us@oracle.com",
"vulnStatus": "Awaiting Analysis"
}
}
}
}
MSRC_CVE-2024-21090
Vulnerability from csaf_microsoft - Published: 2024-04-02 07:00 - Updated: 2026-02-18 14:07Summary
Vulnerability in the MySQL Connectors product of Oracle MySQL (component: Connector/Python). Supported versions that are affected are 8.3.0 and prior. Easily exploitable vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise MySQL Connectors. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Connectors. CVSS 3.1 Base Score 7.5 (Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H).
Notes
Additional Resources: To determine the support lifecycle for your software, see the Microsoft Support Lifecycle: https://support.microsoft.com/lifecycle
Disclaimer: The information provided in the Microsoft Knowledge Base is provided \"as is\" without warranty of any kind. Microsoft disclaims all warranties, either express or implied, including the warranties of merchantability and fitness for a particular purpose. In no event shall Microsoft Corporation or its suppliers be liable for any damages whatsoever including direct, indirect, incidental, consequential, loss of business profits or special damages, even if Microsoft Corporation or its suppliers have been advised of the possibility of such damages. Some states do not allow the exclusion or limitation of liability for consequential or incidental damages so the foregoing limitation may not apply.
Affected products
Known not affected
3 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 17084-2 | — | ||
| Unresolved product id: 17086-1 | — | ||
| Unresolved product id: 17086-3 | — |
References
4 references
| URL | Category |
|---|---|
| https://msrc.microsoft.com/csaf/vex/2024/msrc_cve… | self |
| https://support.microsoft.com/lifecycle | external |
| https://www.first.org/cvss | external |
| https://msrc.microsoft.com/csaf/vex/2024/msrc_cve… | self |
{
"document": {
"category": "csaf_vex",
"csaf_version": "2.0",
"distribution": {
"text": "Public",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en-US",
"notes": [
{
"category": "general",
"text": "To determine the support lifecycle for your software, see the Microsoft Support Lifecycle: https://support.microsoft.com/lifecycle",
"title": "Additional Resources"
},
{
"category": "legal_disclaimer",
"text": "The information provided in the Microsoft Knowledge Base is provided \\\"as is\\\" without warranty of any kind. Microsoft disclaims all warranties, either express or implied, including the warranties of merchantability and fitness for a particular purpose. In no event shall Microsoft Corporation or its suppliers be liable for any damages whatsoever including direct, indirect, incidental, consequential, loss of business profits or special damages, even if Microsoft Corporation or its suppliers have been advised of the possibility of such damages. Some states do not allow the exclusion or limitation of liability for consequential or incidental damages so the foregoing limitation may not apply.",
"title": "Disclaimer"
}
],
"publisher": {
"category": "vendor",
"contact_details": "secure@microsoft.com",
"name": "Microsoft Security Response Center",
"namespace": "https://msrc.microsoft.com"
},
"references": [
{
"category": "self",
"summary": "CVE-2024-21090 Vulnerability in the MySQL Connectors product of Oracle MySQL (component: Connector/Python). Supported versions that are affected are 8.3.0 and prior. Easily exploitable vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise MySQL Connectors. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Connectors. CVSS 3.1 Base Score 7.5 (Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H). - VEX",
"url": "https://msrc.microsoft.com/csaf/vex/2024/msrc_cve-2024-21090.json"
},
{
"category": "external",
"summary": "Microsoft Support Lifecycle",
"url": "https://support.microsoft.com/lifecycle"
},
{
"category": "external",
"summary": "Common Vulnerability Scoring System",
"url": "https://www.first.org/cvss"
}
],
"title": "Vulnerability in the MySQL Connectors product of Oracle MySQL (component: Connector/Python). Supported versions that are affected are 8.3.0 and prior. Easily exploitable vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise MySQL Connectors. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Connectors. CVSS 3.1 Base Score 7.5 (Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H).",
"tracking": {
"current_release_date": "2026-02-18T14:07:40.000Z",
"generator": {
"date": "2026-02-20T23:42:45.269Z",
"engine": {
"name": "MSRC Generator",
"version": "1.0"
}
},
"id": "msrc_CVE-2024-21090",
"initial_release_date": "2024-04-02T07:00:00.000Z",
"revision_history": [
{
"date": "2025-09-03T21:44:43.000Z",
"legacy_version": "1",
"number": "1",
"summary": "Information published."
},
{
"date": "2026-02-18T14:07:40.000Z",
"legacy_version": "2",
"number": "2",
"summary": "Information published."
}
],
"status": "final",
"version": "2"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version",
"name": "3.0",
"product": {
"name": "Azure Linux 3.0",
"product_id": "17084"
}
},
{
"category": "product_version",
"name": "2.0",
"product": {
"name": "CBL Mariner 2.0",
"product_id": "17086"
}
}
],
"category": "product_name",
"name": "Azure Linux"
},
{
"category": "product_name",
"name": "azl3 mysql 8.0.41-1",
"product": {
"name": "azl3 mysql 8.0.41-1",
"product_id": "2"
}
},
{
"category": "product_name",
"name": "cbl2 mysql 8.0.41-1",
"product": {
"name": "cbl2 mysql 8.0.41-1",
"product_id": "1"
}
},
{
"category": "product_name",
"name": "cbl2 mysql 8.0.41-1",
"product": {
"name": "cbl2 mysql 8.0.41-1",
"product_id": "3"
}
}
],
"category": "vendor",
"name": "Microsoft"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "azl3 mysql 8.0.41-1 as a component of Azure Linux 3.0",
"product_id": "17084-2"
},
"product_reference": "2",
"relates_to_product_reference": "17084"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "cbl2 mysql 8.0.41-1 as a component of CBL Mariner 2.0",
"product_id": "17086-1"
},
"product_reference": "1",
"relates_to_product_reference": "17086"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "cbl2 mysql 8.0.41-1 as a component of CBL Mariner 2.0",
"product_id": "17086-3"
},
"product_reference": "3",
"relates_to_product_reference": "17086"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2024-21090",
"flags": [
{
"label": "component_not_present",
"product_ids": [
"17084-2",
"17086-1",
"17086-3"
]
}
],
"notes": [
{
"category": "general",
"text": "oracle",
"title": "Assigning CNA"
}
],
"product_status": {
"known_not_affected": [
"17084-2",
"17086-1",
"17086-3"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2024-21090 Vulnerability in the MySQL Connectors product of Oracle MySQL (component: Connector/Python). Supported versions that are affected are 8.3.0 and prior. Easily exploitable vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise MySQL Connectors. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Connectors. CVSS 3.1 Base Score 7.5 (Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H). - VEX",
"url": "https://msrc.microsoft.com/csaf/vex/2024/msrc_cve-2024-21090.json"
}
],
"title": "Vulnerability in the MySQL Connectors product of Oracle MySQL (component: Connector/Python). Supported versions that are affected are 8.3.0 and prior. Easily exploitable vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise MySQL Connectors. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Connectors. CVSS 3.1 Base Score 7.5 (Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H)."
}
]
}
WID-SEC-W-2024-0894
Vulnerability from csaf_certbund - Published: 2024-04-16 22:00 - Updated: 2025-10-27 23:00Summary
Oracle MySQL: Mehrere Schwachstellen
Severity
Mittel
Notes
Das BSI ist als Anbieter für die eigenen, zur Nutzung bereitgestellten Inhalte nach den allgemeinen Gesetzen verantwortlich. Nutzerinnen und Nutzer sind jedoch dafür verantwortlich, die Verwendung und/oder die Umsetzung der mit den Inhalten bereitgestellten Informationen sorgfältig im Einzelfall zu prüfen.
Produktbeschreibung: MySQL ist ein Open Source Datenbankserver von Oracle.
Angriff: Ein Angreifer kann mehrere Schwachstellen in Oracle MySQL ausnutzen, um die Vertraulichkeit, Integrität und Verfügbarkeit zu gefährden.
Betroffene Betriebssysteme: - Linux
- UNIX
- Windows
Affected products
Known affected
14 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
MariaDB MariaDB <11.2.4
MariaDB / MariaDB
|
<11.2.4 | ||
|
MariaDB MariaDB <10.6.18
MariaDB / MariaDB
|
<10.6.18 | ||
|
Red Hat Enterprise Linux
Red Hat
|
cpe:/o:redhat:enterprise_linux:-
|
— | |
|
Xerox FreeFlow Print Server v9
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:v9
|
v9 | |
|
Oracle Linux
Oracle
|
cpe:/o:oracle:linux:-
|
— | |
|
MariaDB MariaDB <10.5.25
MariaDB / MariaDB
|
<10.5.25 | ||
|
RESF Rocky Linux
RESF
|
cpe:/o:resf:rocky_linux:-
|
— | |
|
MariaDB MariaDB <10.11.8
MariaDB / MariaDB
|
<10.11.8 | ||
|
Fedora Linux
Fedora
|
cpe:/o:fedoraproject:fedora:-
|
— | |
|
Debian Linux
Debian
|
cpe:/o:debian:debian_linux:-
|
— | |
|
SUSE Linux
SUSE
|
cpe:/o:suse:suse_linux:-
|
— | |
|
Ubuntu Linux
Ubuntu
|
cpe:/o:canonical:ubuntu_linux:-
|
— | |
|
IBM QRadar SIEM
IBM
|
cpe:/a:ibm:qradar_siem:-
|
— | |
|
Amazon Linux 2
Amazon
|
cpe:/o:amazon:linux_2:-
|
— |
Last affected
8 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Oracle MySQL <=8.0.34
Oracle / MySQL
|
<=8.0.34 | ||
|
Oracle MySQL <=8.0.35
Oracle / MySQL
|
<=8.0.35 | ||
|
Oracle MySQL <=7.6.29
Oracle / MySQL
|
<=7.6.29 | ||
|
Oracle MySQL <=7.5.33
Oracle / MySQL
|
<=7.5.33 | ||
|
Oracle MySQL <=8.0.37
Oracle / MySQL
|
<=8.0.37 | ||
|
Oracle MySQL <=8.0.36
Oracle / MySQL
|
<=8.0.36 | ||
|
Oracle MySQL <=8.3.0
Oracle / MySQL
|
<=8.3.0 | ||
|
Oracle MySQL <=8.2.0
Oracle / MySQL
|
<=8.2.0 |
Affected products
Known affected
14 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
MariaDB MariaDB <11.2.4
MariaDB / MariaDB
|
<11.2.4 | ||
|
MariaDB MariaDB <10.6.18
MariaDB / MariaDB
|
<10.6.18 | ||
|
Red Hat Enterprise Linux
Red Hat
|
cpe:/o:redhat:enterprise_linux:-
|
— | |
|
Xerox FreeFlow Print Server v9
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:v9
|
v9 | |
|
Oracle Linux
Oracle
|
cpe:/o:oracle:linux:-
|
— | |
|
MariaDB MariaDB <10.5.25
MariaDB / MariaDB
|
<10.5.25 | ||
|
RESF Rocky Linux
RESF
|
cpe:/o:resf:rocky_linux:-
|
— | |
|
MariaDB MariaDB <10.11.8
MariaDB / MariaDB
|
<10.11.8 | ||
|
Fedora Linux
Fedora
|
cpe:/o:fedoraproject:fedora:-
|
— | |
|
Debian Linux
Debian
|
cpe:/o:debian:debian_linux:-
|
— | |
|
SUSE Linux
SUSE
|
cpe:/o:suse:suse_linux:-
|
— | |
|
Ubuntu Linux
Ubuntu
|
cpe:/o:canonical:ubuntu_linux:-
|
— | |
|
IBM QRadar SIEM
IBM
|
cpe:/a:ibm:qradar_siem:-
|
— | |
|
Amazon Linux 2
Amazon
|
cpe:/o:amazon:linux_2:-
|
— |
Last affected
8 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Oracle MySQL <=8.0.34
Oracle / MySQL
|
<=8.0.34 | ||
|
Oracle MySQL <=8.0.35
Oracle / MySQL
|
<=8.0.35 | ||
|
Oracle MySQL <=7.6.29
Oracle / MySQL
|
<=7.6.29 | ||
|
Oracle MySQL <=7.5.33
Oracle / MySQL
|
<=7.5.33 | ||
|
Oracle MySQL <=8.0.37
Oracle / MySQL
|
<=8.0.37 | ||
|
Oracle MySQL <=8.0.36
Oracle / MySQL
|
<=8.0.36 | ||
|
Oracle MySQL <=8.3.0
Oracle / MySQL
|
<=8.3.0 | ||
|
Oracle MySQL <=8.2.0
Oracle / MySQL
|
<=8.2.0 |
Affected products
Known affected
14 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
MariaDB MariaDB <11.2.4
MariaDB / MariaDB
|
<11.2.4 | ||
|
MariaDB MariaDB <10.6.18
MariaDB / MariaDB
|
<10.6.18 | ||
|
Red Hat Enterprise Linux
Red Hat
|
cpe:/o:redhat:enterprise_linux:-
|
— | |
|
Xerox FreeFlow Print Server v9
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:v9
|
v9 | |
|
Oracle Linux
Oracle
|
cpe:/o:oracle:linux:-
|
— | |
|
MariaDB MariaDB <10.5.25
MariaDB / MariaDB
|
<10.5.25 | ||
|
RESF Rocky Linux
RESF
|
cpe:/o:resf:rocky_linux:-
|
— | |
|
MariaDB MariaDB <10.11.8
MariaDB / MariaDB
|
<10.11.8 | ||
|
Fedora Linux
Fedora
|
cpe:/o:fedoraproject:fedora:-
|
— | |
|
Debian Linux
Debian
|
cpe:/o:debian:debian_linux:-
|
— | |
|
SUSE Linux
SUSE
|
cpe:/o:suse:suse_linux:-
|
— | |
|
Ubuntu Linux
Ubuntu
|
cpe:/o:canonical:ubuntu_linux:-
|
— | |
|
IBM QRadar SIEM
IBM
|
cpe:/a:ibm:qradar_siem:-
|
— | |
|
Amazon Linux 2
Amazon
|
cpe:/o:amazon:linux_2:-
|
— |
Last affected
8 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Oracle MySQL <=8.0.34
Oracle / MySQL
|
<=8.0.34 | ||
|
Oracle MySQL <=8.0.35
Oracle / MySQL
|
<=8.0.35 | ||
|
Oracle MySQL <=7.6.29
Oracle / MySQL
|
<=7.6.29 | ||
|
Oracle MySQL <=7.5.33
Oracle / MySQL
|
<=7.5.33 | ||
|
Oracle MySQL <=8.0.37
Oracle / MySQL
|
<=8.0.37 | ||
|
Oracle MySQL <=8.0.36
Oracle / MySQL
|
<=8.0.36 | ||
|
Oracle MySQL <=8.3.0
Oracle / MySQL
|
<=8.3.0 | ||
|
Oracle MySQL <=8.2.0
Oracle / MySQL
|
<=8.2.0 |
Affected products
Known affected
14 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
MariaDB MariaDB <11.2.4
MariaDB / MariaDB
|
<11.2.4 | ||
|
MariaDB MariaDB <10.6.18
MariaDB / MariaDB
|
<10.6.18 | ||
|
Red Hat Enterprise Linux
Red Hat
|
cpe:/o:redhat:enterprise_linux:-
|
— | |
|
Xerox FreeFlow Print Server v9
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:v9
|
v9 | |
|
Oracle Linux
Oracle
|
cpe:/o:oracle:linux:-
|
— | |
|
MariaDB MariaDB <10.5.25
MariaDB / MariaDB
|
<10.5.25 | ||
|
RESF Rocky Linux
RESF
|
cpe:/o:resf:rocky_linux:-
|
— | |
|
MariaDB MariaDB <10.11.8
MariaDB / MariaDB
|
<10.11.8 | ||
|
Fedora Linux
Fedora
|
cpe:/o:fedoraproject:fedora:-
|
— | |
|
Debian Linux
Debian
|
cpe:/o:debian:debian_linux:-
|
— | |
|
SUSE Linux
SUSE
|
cpe:/o:suse:suse_linux:-
|
— | |
|
Ubuntu Linux
Ubuntu
|
cpe:/o:canonical:ubuntu_linux:-
|
— | |
|
IBM QRadar SIEM
IBM
|
cpe:/a:ibm:qradar_siem:-
|
— | |
|
Amazon Linux 2
Amazon
|
cpe:/o:amazon:linux_2:-
|
— |
Last affected
8 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Oracle MySQL <=8.0.34
Oracle / MySQL
|
<=8.0.34 | ||
|
Oracle MySQL <=8.0.35
Oracle / MySQL
|
<=8.0.35 | ||
|
Oracle MySQL <=7.6.29
Oracle / MySQL
|
<=7.6.29 | ||
|
Oracle MySQL <=7.5.33
Oracle / MySQL
|
<=7.5.33 | ||
|
Oracle MySQL <=8.0.37
Oracle / MySQL
|
<=8.0.37 | ||
|
Oracle MySQL <=8.0.36
Oracle / MySQL
|
<=8.0.36 | ||
|
Oracle MySQL <=8.3.0
Oracle / MySQL
|
<=8.3.0 | ||
|
Oracle MySQL <=8.2.0
Oracle / MySQL
|
<=8.2.0 |
Affected products
Known affected
14 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
MariaDB MariaDB <11.2.4
MariaDB / MariaDB
|
<11.2.4 | ||
|
MariaDB MariaDB <10.6.18
MariaDB / MariaDB
|
<10.6.18 | ||
|
Red Hat Enterprise Linux
Red Hat
|
cpe:/o:redhat:enterprise_linux:-
|
— | |
|
Xerox FreeFlow Print Server v9
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:v9
|
v9 | |
|
Oracle Linux
Oracle
|
cpe:/o:oracle:linux:-
|
— | |
|
MariaDB MariaDB <10.5.25
MariaDB / MariaDB
|
<10.5.25 | ||
|
RESF Rocky Linux
RESF
|
cpe:/o:resf:rocky_linux:-
|
— | |
|
MariaDB MariaDB <10.11.8
MariaDB / MariaDB
|
<10.11.8 | ||
|
Fedora Linux
Fedora
|
cpe:/o:fedoraproject:fedora:-
|
— | |
|
Debian Linux
Debian
|
cpe:/o:debian:debian_linux:-
|
— | |
|
SUSE Linux
SUSE
|
cpe:/o:suse:suse_linux:-
|
— | |
|
Ubuntu Linux
Ubuntu
|
cpe:/o:canonical:ubuntu_linux:-
|
— | |
|
IBM QRadar SIEM
IBM
|
cpe:/a:ibm:qradar_siem:-
|
— | |
|
Amazon Linux 2
Amazon
|
cpe:/o:amazon:linux_2:-
|
— |
Last affected
8 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Oracle MySQL <=8.0.34
Oracle / MySQL
|
<=8.0.34 | ||
|
Oracle MySQL <=8.0.35
Oracle / MySQL
|
<=8.0.35 | ||
|
Oracle MySQL <=7.6.29
Oracle / MySQL
|
<=7.6.29 | ||
|
Oracle MySQL <=7.5.33
Oracle / MySQL
|
<=7.5.33 | ||
|
Oracle MySQL <=8.0.37
Oracle / MySQL
|
<=8.0.37 | ||
|
Oracle MySQL <=8.0.36
Oracle / MySQL
|
<=8.0.36 | ||
|
Oracle MySQL <=8.3.0
Oracle / MySQL
|
<=8.3.0 | ||
|
Oracle MySQL <=8.2.0
Oracle / MySQL
|
<=8.2.0 |
Affected products
Known affected
14 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
MariaDB MariaDB <11.2.4
MariaDB / MariaDB
|
<11.2.4 | ||
|
MariaDB MariaDB <10.6.18
MariaDB / MariaDB
|
<10.6.18 | ||
|
Red Hat Enterprise Linux
Red Hat
|
cpe:/o:redhat:enterprise_linux:-
|
— | |
|
Xerox FreeFlow Print Server v9
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:v9
|
v9 | |
|
Oracle Linux
Oracle
|
cpe:/o:oracle:linux:-
|
— | |
|
MariaDB MariaDB <10.5.25
MariaDB / MariaDB
|
<10.5.25 | ||
|
RESF Rocky Linux
RESF
|
cpe:/o:resf:rocky_linux:-
|
— | |
|
MariaDB MariaDB <10.11.8
MariaDB / MariaDB
|
<10.11.8 | ||
|
Fedora Linux
Fedora
|
cpe:/o:fedoraproject:fedora:-
|
— | |
|
Debian Linux
Debian
|
cpe:/o:debian:debian_linux:-
|
— | |
|
SUSE Linux
SUSE
|
cpe:/o:suse:suse_linux:-
|
— | |
|
Ubuntu Linux
Ubuntu
|
cpe:/o:canonical:ubuntu_linux:-
|
— | |
|
IBM QRadar SIEM
IBM
|
cpe:/a:ibm:qradar_siem:-
|
— | |
|
Amazon Linux 2
Amazon
|
cpe:/o:amazon:linux_2:-
|
— |
Last affected
8 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Oracle MySQL <=8.0.34
Oracle / MySQL
|
<=8.0.34 | ||
|
Oracle MySQL <=8.0.35
Oracle / MySQL
|
<=8.0.35 | ||
|
Oracle MySQL <=7.6.29
Oracle / MySQL
|
<=7.6.29 | ||
|
Oracle MySQL <=7.5.33
Oracle / MySQL
|
<=7.5.33 | ||
|
Oracle MySQL <=8.0.37
Oracle / MySQL
|
<=8.0.37 | ||
|
Oracle MySQL <=8.0.36
Oracle / MySQL
|
<=8.0.36 | ||
|
Oracle MySQL <=8.3.0
Oracle / MySQL
|
<=8.3.0 | ||
|
Oracle MySQL <=8.2.0
Oracle / MySQL
|
<=8.2.0 |
Affected products
Known affected
14 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
MariaDB MariaDB <11.2.4
MariaDB / MariaDB
|
<11.2.4 | ||
|
MariaDB MariaDB <10.6.18
MariaDB / MariaDB
|
<10.6.18 | ||
|
Red Hat Enterprise Linux
Red Hat
|
cpe:/o:redhat:enterprise_linux:-
|
— | |
|
Xerox FreeFlow Print Server v9
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:v9
|
v9 | |
|
Oracle Linux
Oracle
|
cpe:/o:oracle:linux:-
|
— | |
|
MariaDB MariaDB <10.5.25
MariaDB / MariaDB
|
<10.5.25 | ||
|
RESF Rocky Linux
RESF
|
cpe:/o:resf:rocky_linux:-
|
— | |
|
MariaDB MariaDB <10.11.8
MariaDB / MariaDB
|
<10.11.8 | ||
|
Fedora Linux
Fedora
|
cpe:/o:fedoraproject:fedora:-
|
— | |
|
Debian Linux
Debian
|
cpe:/o:debian:debian_linux:-
|
— | |
|
SUSE Linux
SUSE
|
cpe:/o:suse:suse_linux:-
|
— | |
|
Ubuntu Linux
Ubuntu
|
cpe:/o:canonical:ubuntu_linux:-
|
— | |
|
IBM QRadar SIEM
IBM
|
cpe:/a:ibm:qradar_siem:-
|
— | |
|
Amazon Linux 2
Amazon
|
cpe:/o:amazon:linux_2:-
|
— |
Last affected
8 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Oracle MySQL <=8.0.34
Oracle / MySQL
|
<=8.0.34 | ||
|
Oracle MySQL <=8.0.35
Oracle / MySQL
|
<=8.0.35 | ||
|
Oracle MySQL <=7.6.29
Oracle / MySQL
|
<=7.6.29 | ||
|
Oracle MySQL <=7.5.33
Oracle / MySQL
|
<=7.5.33 | ||
|
Oracle MySQL <=8.0.37
Oracle / MySQL
|
<=8.0.37 | ||
|
Oracle MySQL <=8.0.36
Oracle / MySQL
|
<=8.0.36 | ||
|
Oracle MySQL <=8.3.0
Oracle / MySQL
|
<=8.3.0 | ||
|
Oracle MySQL <=8.2.0
Oracle / MySQL
|
<=8.2.0 |
Affected products
Known affected
14 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
MariaDB MariaDB <11.2.4
MariaDB / MariaDB
|
<11.2.4 | ||
|
MariaDB MariaDB <10.6.18
MariaDB / MariaDB
|
<10.6.18 | ||
|
Red Hat Enterprise Linux
Red Hat
|
cpe:/o:redhat:enterprise_linux:-
|
— | |
|
Xerox FreeFlow Print Server v9
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:v9
|
v9 | |
|
Oracle Linux
Oracle
|
cpe:/o:oracle:linux:-
|
— | |
|
MariaDB MariaDB <10.5.25
MariaDB / MariaDB
|
<10.5.25 | ||
|
RESF Rocky Linux
RESF
|
cpe:/o:resf:rocky_linux:-
|
— | |
|
MariaDB MariaDB <10.11.8
MariaDB / MariaDB
|
<10.11.8 | ||
|
Fedora Linux
Fedora
|
cpe:/o:fedoraproject:fedora:-
|
— | |
|
Debian Linux
Debian
|
cpe:/o:debian:debian_linux:-
|
— | |
|
SUSE Linux
SUSE
|
cpe:/o:suse:suse_linux:-
|
— | |
|
Ubuntu Linux
Ubuntu
|
cpe:/o:canonical:ubuntu_linux:-
|
— | |
|
IBM QRadar SIEM
IBM
|
cpe:/a:ibm:qradar_siem:-
|
— | |
|
Amazon Linux 2
Amazon
|
cpe:/o:amazon:linux_2:-
|
— |
Last affected
8 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Oracle MySQL <=8.0.34
Oracle / MySQL
|
<=8.0.34 | ||
|
Oracle MySQL <=8.0.35
Oracle / MySQL
|
<=8.0.35 | ||
|
Oracle MySQL <=7.6.29
Oracle / MySQL
|
<=7.6.29 | ||
|
Oracle MySQL <=7.5.33
Oracle / MySQL
|
<=7.5.33 | ||
|
Oracle MySQL <=8.0.37
Oracle / MySQL
|
<=8.0.37 | ||
|
Oracle MySQL <=8.0.36
Oracle / MySQL
|
<=8.0.36 | ||
|
Oracle MySQL <=8.3.0
Oracle / MySQL
|
<=8.3.0 | ||
|
Oracle MySQL <=8.2.0
Oracle / MySQL
|
<=8.2.0 |
Affected products
Known affected
14 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
MariaDB MariaDB <11.2.4
MariaDB / MariaDB
|
<11.2.4 | ||
|
MariaDB MariaDB <10.6.18
MariaDB / MariaDB
|
<10.6.18 | ||
|
Red Hat Enterprise Linux
Red Hat
|
cpe:/o:redhat:enterprise_linux:-
|
— | |
|
Xerox FreeFlow Print Server v9
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:v9
|
v9 | |
|
Oracle Linux
Oracle
|
cpe:/o:oracle:linux:-
|
— | |
|
MariaDB MariaDB <10.5.25
MariaDB / MariaDB
|
<10.5.25 | ||
|
RESF Rocky Linux
RESF
|
cpe:/o:resf:rocky_linux:-
|
— | |
|
MariaDB MariaDB <10.11.8
MariaDB / MariaDB
|
<10.11.8 | ||
|
Fedora Linux
Fedora
|
cpe:/o:fedoraproject:fedora:-
|
— | |
|
Debian Linux
Debian
|
cpe:/o:debian:debian_linux:-
|
— | |
|
SUSE Linux
SUSE
|
cpe:/o:suse:suse_linux:-
|
— | |
|
Ubuntu Linux
Ubuntu
|
cpe:/o:canonical:ubuntu_linux:-
|
— | |
|
IBM QRadar SIEM
IBM
|
cpe:/a:ibm:qradar_siem:-
|
— | |
|
Amazon Linux 2
Amazon
|
cpe:/o:amazon:linux_2:-
|
— |
Last affected
8 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Oracle MySQL <=8.0.34
Oracle / MySQL
|
<=8.0.34 | ||
|
Oracle MySQL <=8.0.35
Oracle / MySQL
|
<=8.0.35 | ||
|
Oracle MySQL <=7.6.29
Oracle / MySQL
|
<=7.6.29 | ||
|
Oracle MySQL <=7.5.33
Oracle / MySQL
|
<=7.5.33 | ||
|
Oracle MySQL <=8.0.37
Oracle / MySQL
|
<=8.0.37 | ||
|
Oracle MySQL <=8.0.36
Oracle / MySQL
|
<=8.0.36 | ||
|
Oracle MySQL <=8.3.0
Oracle / MySQL
|
<=8.3.0 | ||
|
Oracle MySQL <=8.2.0
Oracle / MySQL
|
<=8.2.0 |
Affected products
Known affected
14 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
MariaDB MariaDB <11.2.4
MariaDB / MariaDB
|
<11.2.4 | ||
|
MariaDB MariaDB <10.6.18
MariaDB / MariaDB
|
<10.6.18 | ||
|
Red Hat Enterprise Linux
Red Hat
|
cpe:/o:redhat:enterprise_linux:-
|
— | |
|
Xerox FreeFlow Print Server v9
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:v9
|
v9 | |
|
Oracle Linux
Oracle
|
cpe:/o:oracle:linux:-
|
— | |
|
MariaDB MariaDB <10.5.25
MariaDB / MariaDB
|
<10.5.25 | ||
|
RESF Rocky Linux
RESF
|
cpe:/o:resf:rocky_linux:-
|
— | |
|
MariaDB MariaDB <10.11.8
MariaDB / MariaDB
|
<10.11.8 | ||
|
Fedora Linux
Fedora
|
cpe:/o:fedoraproject:fedora:-
|
— | |
|
Debian Linux
Debian
|
cpe:/o:debian:debian_linux:-
|
— | |
|
SUSE Linux
SUSE
|
cpe:/o:suse:suse_linux:-
|
— | |
|
Ubuntu Linux
Ubuntu
|
cpe:/o:canonical:ubuntu_linux:-
|
— | |
|
IBM QRadar SIEM
IBM
|
cpe:/a:ibm:qradar_siem:-
|
— | |
|
Amazon Linux 2
Amazon
|
cpe:/o:amazon:linux_2:-
|
— |
Last affected
8 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Oracle MySQL <=8.0.34
Oracle / MySQL
|
<=8.0.34 | ||
|
Oracle MySQL <=8.0.35
Oracle / MySQL
|
<=8.0.35 | ||
|
Oracle MySQL <=7.6.29
Oracle / MySQL
|
<=7.6.29 | ||
|
Oracle MySQL <=7.5.33
Oracle / MySQL
|
<=7.5.33 | ||
|
Oracle MySQL <=8.0.37
Oracle / MySQL
|
<=8.0.37 | ||
|
Oracle MySQL <=8.0.36
Oracle / MySQL
|
<=8.0.36 | ||
|
Oracle MySQL <=8.3.0
Oracle / MySQL
|
<=8.3.0 | ||
|
Oracle MySQL <=8.2.0
Oracle / MySQL
|
<=8.2.0 |
Affected products
Known affected
14 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
MariaDB MariaDB <11.2.4
MariaDB / MariaDB
|
<11.2.4 | ||
|
MariaDB MariaDB <10.6.18
MariaDB / MariaDB
|
<10.6.18 | ||
|
Red Hat Enterprise Linux
Red Hat
|
cpe:/o:redhat:enterprise_linux:-
|
— | |
|
Xerox FreeFlow Print Server v9
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:v9
|
v9 | |
|
Oracle Linux
Oracle
|
cpe:/o:oracle:linux:-
|
— | |
|
MariaDB MariaDB <10.5.25
MariaDB / MariaDB
|
<10.5.25 | ||
|
RESF Rocky Linux
RESF
|
cpe:/o:resf:rocky_linux:-
|
— | |
|
MariaDB MariaDB <10.11.8
MariaDB / MariaDB
|
<10.11.8 | ||
|
Fedora Linux
Fedora
|
cpe:/o:fedoraproject:fedora:-
|
— | |
|
Debian Linux
Debian
|
cpe:/o:debian:debian_linux:-
|
— | |
|
SUSE Linux
SUSE
|
cpe:/o:suse:suse_linux:-
|
— | |
|
Ubuntu Linux
Ubuntu
|
cpe:/o:canonical:ubuntu_linux:-
|
— | |
|
IBM QRadar SIEM
IBM
|
cpe:/a:ibm:qradar_siem:-
|
— | |
|
Amazon Linux 2
Amazon
|
cpe:/o:amazon:linux_2:-
|
— |
Last affected
8 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Oracle MySQL <=8.0.34
Oracle / MySQL
|
<=8.0.34 | ||
|
Oracle MySQL <=8.0.35
Oracle / MySQL
|
<=8.0.35 | ||
|
Oracle MySQL <=7.6.29
Oracle / MySQL
|
<=7.6.29 | ||
|
Oracle MySQL <=7.5.33
Oracle / MySQL
|
<=7.5.33 | ||
|
Oracle MySQL <=8.0.37
Oracle / MySQL
|
<=8.0.37 | ||
|
Oracle MySQL <=8.0.36
Oracle / MySQL
|
<=8.0.36 | ||
|
Oracle MySQL <=8.3.0
Oracle / MySQL
|
<=8.3.0 | ||
|
Oracle MySQL <=8.2.0
Oracle / MySQL
|
<=8.2.0 |
Affected products
Known affected
14 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
MariaDB MariaDB <11.2.4
MariaDB / MariaDB
|
<11.2.4 | ||
|
MariaDB MariaDB <10.6.18
MariaDB / MariaDB
|
<10.6.18 | ||
|
Red Hat Enterprise Linux
Red Hat
|
cpe:/o:redhat:enterprise_linux:-
|
— | |
|
Xerox FreeFlow Print Server v9
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:v9
|
v9 | |
|
Oracle Linux
Oracle
|
cpe:/o:oracle:linux:-
|
— | |
|
MariaDB MariaDB <10.5.25
MariaDB / MariaDB
|
<10.5.25 | ||
|
RESF Rocky Linux
RESF
|
cpe:/o:resf:rocky_linux:-
|
— | |
|
MariaDB MariaDB <10.11.8
MariaDB / MariaDB
|
<10.11.8 | ||
|
Fedora Linux
Fedora
|
cpe:/o:fedoraproject:fedora:-
|
— | |
|
Debian Linux
Debian
|
cpe:/o:debian:debian_linux:-
|
— | |
|
SUSE Linux
SUSE
|
cpe:/o:suse:suse_linux:-
|
— | |
|
Ubuntu Linux
Ubuntu
|
cpe:/o:canonical:ubuntu_linux:-
|
— | |
|
IBM QRadar SIEM
IBM
|
cpe:/a:ibm:qradar_siem:-
|
— | |
|
Amazon Linux 2
Amazon
|
cpe:/o:amazon:linux_2:-
|
— |
Last affected
8 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Oracle MySQL <=8.0.34
Oracle / MySQL
|
<=8.0.34 | ||
|
Oracle MySQL <=8.0.35
Oracle / MySQL
|
<=8.0.35 | ||
|
Oracle MySQL <=7.6.29
Oracle / MySQL
|
<=7.6.29 | ||
|
Oracle MySQL <=7.5.33
Oracle / MySQL
|
<=7.5.33 | ||
|
Oracle MySQL <=8.0.37
Oracle / MySQL
|
<=8.0.37 | ||
|
Oracle MySQL <=8.0.36
Oracle / MySQL
|
<=8.0.36 | ||
|
Oracle MySQL <=8.3.0
Oracle / MySQL
|
<=8.3.0 | ||
|
Oracle MySQL <=8.2.0
Oracle / MySQL
|
<=8.2.0 |
Affected products
Known affected
14 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
MariaDB MariaDB <11.2.4
MariaDB / MariaDB
|
<11.2.4 | ||
|
MariaDB MariaDB <10.6.18
MariaDB / MariaDB
|
<10.6.18 | ||
|
Red Hat Enterprise Linux
Red Hat
|
cpe:/o:redhat:enterprise_linux:-
|
— | |
|
Xerox FreeFlow Print Server v9
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:v9
|
v9 | |
|
Oracle Linux
Oracle
|
cpe:/o:oracle:linux:-
|
— | |
|
MariaDB MariaDB <10.5.25
MariaDB / MariaDB
|
<10.5.25 | ||
|
RESF Rocky Linux
RESF
|
cpe:/o:resf:rocky_linux:-
|
— | |
|
MariaDB MariaDB <10.11.8
MariaDB / MariaDB
|
<10.11.8 | ||
|
Fedora Linux
Fedora
|
cpe:/o:fedoraproject:fedora:-
|
— | |
|
Debian Linux
Debian
|
cpe:/o:debian:debian_linux:-
|
— | |
|
SUSE Linux
SUSE
|
cpe:/o:suse:suse_linux:-
|
— | |
|
Ubuntu Linux
Ubuntu
|
cpe:/o:canonical:ubuntu_linux:-
|
— | |
|
IBM QRadar SIEM
IBM
|
cpe:/a:ibm:qradar_siem:-
|
— | |
|
Amazon Linux 2
Amazon
|
cpe:/o:amazon:linux_2:-
|
— |
Last affected
8 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Oracle MySQL <=8.0.34
Oracle / MySQL
|
<=8.0.34 | ||
|
Oracle MySQL <=8.0.35
Oracle / MySQL
|
<=8.0.35 | ||
|
Oracle MySQL <=7.6.29
Oracle / MySQL
|
<=7.6.29 | ||
|
Oracle MySQL <=7.5.33
Oracle / MySQL
|
<=7.5.33 | ||
|
Oracle MySQL <=8.0.37
Oracle / MySQL
|
<=8.0.37 | ||
|
Oracle MySQL <=8.0.36
Oracle / MySQL
|
<=8.0.36 | ||
|
Oracle MySQL <=8.3.0
Oracle / MySQL
|
<=8.3.0 | ||
|
Oracle MySQL <=8.2.0
Oracle / MySQL
|
<=8.2.0 |
Affected products
Known affected
14 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
MariaDB MariaDB <11.2.4
MariaDB / MariaDB
|
<11.2.4 | ||
|
MariaDB MariaDB <10.6.18
MariaDB / MariaDB
|
<10.6.18 | ||
|
Red Hat Enterprise Linux
Red Hat
|
cpe:/o:redhat:enterprise_linux:-
|
— | |
|
Xerox FreeFlow Print Server v9
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:v9
|
v9 | |
|
Oracle Linux
Oracle
|
cpe:/o:oracle:linux:-
|
— | |
|
MariaDB MariaDB <10.5.25
MariaDB / MariaDB
|
<10.5.25 | ||
|
RESF Rocky Linux
RESF
|
cpe:/o:resf:rocky_linux:-
|
— | |
|
MariaDB MariaDB <10.11.8
MariaDB / MariaDB
|
<10.11.8 | ||
|
Fedora Linux
Fedora
|
cpe:/o:fedoraproject:fedora:-
|
— | |
|
Debian Linux
Debian
|
cpe:/o:debian:debian_linux:-
|
— | |
|
SUSE Linux
SUSE
|
cpe:/o:suse:suse_linux:-
|
— | |
|
Ubuntu Linux
Ubuntu
|
cpe:/o:canonical:ubuntu_linux:-
|
— | |
|
IBM QRadar SIEM
IBM
|
cpe:/a:ibm:qradar_siem:-
|
— | |
|
Amazon Linux 2
Amazon
|
cpe:/o:amazon:linux_2:-
|
— |
Last affected
8 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Oracle MySQL <=8.0.34
Oracle / MySQL
|
<=8.0.34 | ||
|
Oracle MySQL <=8.0.35
Oracle / MySQL
|
<=8.0.35 | ||
|
Oracle MySQL <=7.6.29
Oracle / MySQL
|
<=7.6.29 | ||
|
Oracle MySQL <=7.5.33
Oracle / MySQL
|
<=7.5.33 | ||
|
Oracle MySQL <=8.0.37
Oracle / MySQL
|
<=8.0.37 | ||
|
Oracle MySQL <=8.0.36
Oracle / MySQL
|
<=8.0.36 | ||
|
Oracle MySQL <=8.3.0
Oracle / MySQL
|
<=8.3.0 | ||
|
Oracle MySQL <=8.2.0
Oracle / MySQL
|
<=8.2.0 |
Affected products
Known affected
14 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
MariaDB MariaDB <11.2.4
MariaDB / MariaDB
|
<11.2.4 | ||
|
MariaDB MariaDB <10.6.18
MariaDB / MariaDB
|
<10.6.18 | ||
|
Red Hat Enterprise Linux
Red Hat
|
cpe:/o:redhat:enterprise_linux:-
|
— | |
|
Xerox FreeFlow Print Server v9
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:v9
|
v9 | |
|
Oracle Linux
Oracle
|
cpe:/o:oracle:linux:-
|
— | |
|
MariaDB MariaDB <10.5.25
MariaDB / MariaDB
|
<10.5.25 | ||
|
RESF Rocky Linux
RESF
|
cpe:/o:resf:rocky_linux:-
|
— | |
|
MariaDB MariaDB <10.11.8
MariaDB / MariaDB
|
<10.11.8 | ||
|
Fedora Linux
Fedora
|
cpe:/o:fedoraproject:fedora:-
|
— | |
|
Debian Linux
Debian
|
cpe:/o:debian:debian_linux:-
|
— | |
|
SUSE Linux
SUSE
|
cpe:/o:suse:suse_linux:-
|
— | |
|
Ubuntu Linux
Ubuntu
|
cpe:/o:canonical:ubuntu_linux:-
|
— | |
|
IBM QRadar SIEM
IBM
|
cpe:/a:ibm:qradar_siem:-
|
— | |
|
Amazon Linux 2
Amazon
|
cpe:/o:amazon:linux_2:-
|
— |
Last affected
8 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Oracle MySQL <=8.0.34
Oracle / MySQL
|
<=8.0.34 | ||
|
Oracle MySQL <=8.0.35
Oracle / MySQL
|
<=8.0.35 | ||
|
Oracle MySQL <=7.6.29
Oracle / MySQL
|
<=7.6.29 | ||
|
Oracle MySQL <=7.5.33
Oracle / MySQL
|
<=7.5.33 | ||
|
Oracle MySQL <=8.0.37
Oracle / MySQL
|
<=8.0.37 | ||
|
Oracle MySQL <=8.0.36
Oracle / MySQL
|
<=8.0.36 | ||
|
Oracle MySQL <=8.3.0
Oracle / MySQL
|
<=8.3.0 | ||
|
Oracle MySQL <=8.2.0
Oracle / MySQL
|
<=8.2.0 |
Affected products
Known affected
14 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
MariaDB MariaDB <11.2.4
MariaDB / MariaDB
|
<11.2.4 | ||
|
MariaDB MariaDB <10.6.18
MariaDB / MariaDB
|
<10.6.18 | ||
|
Red Hat Enterprise Linux
Red Hat
|
cpe:/o:redhat:enterprise_linux:-
|
— | |
|
Xerox FreeFlow Print Server v9
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:v9
|
v9 | |
|
Oracle Linux
Oracle
|
cpe:/o:oracle:linux:-
|
— | |
|
MariaDB MariaDB <10.5.25
MariaDB / MariaDB
|
<10.5.25 | ||
|
RESF Rocky Linux
RESF
|
cpe:/o:resf:rocky_linux:-
|
— | |
|
MariaDB MariaDB <10.11.8
MariaDB / MariaDB
|
<10.11.8 | ||
|
Fedora Linux
Fedora
|
cpe:/o:fedoraproject:fedora:-
|
— | |
|
Debian Linux
Debian
|
cpe:/o:debian:debian_linux:-
|
— | |
|
SUSE Linux
SUSE
|
cpe:/o:suse:suse_linux:-
|
— | |
|
Ubuntu Linux
Ubuntu
|
cpe:/o:canonical:ubuntu_linux:-
|
— | |
|
IBM QRadar SIEM
IBM
|
cpe:/a:ibm:qradar_siem:-
|
— | |
|
Amazon Linux 2
Amazon
|
cpe:/o:amazon:linux_2:-
|
— |
Last affected
8 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Oracle MySQL <=8.0.34
Oracle / MySQL
|
<=8.0.34 | ||
|
Oracle MySQL <=8.0.35
Oracle / MySQL
|
<=8.0.35 | ||
|
Oracle MySQL <=7.6.29
Oracle / MySQL
|
<=7.6.29 | ||
|
Oracle MySQL <=7.5.33
Oracle / MySQL
|
<=7.5.33 | ||
|
Oracle MySQL <=8.0.37
Oracle / MySQL
|
<=8.0.37 | ||
|
Oracle MySQL <=8.0.36
Oracle / MySQL
|
<=8.0.36 | ||
|
Oracle MySQL <=8.3.0
Oracle / MySQL
|
<=8.3.0 | ||
|
Oracle MySQL <=8.2.0
Oracle / MySQL
|
<=8.2.0 |
Affected products
Known affected
14 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
MariaDB MariaDB <11.2.4
MariaDB / MariaDB
|
<11.2.4 | ||
|
MariaDB MariaDB <10.6.18
MariaDB / MariaDB
|
<10.6.18 | ||
|
Red Hat Enterprise Linux
Red Hat
|
cpe:/o:redhat:enterprise_linux:-
|
— | |
|
Xerox FreeFlow Print Server v9
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:v9
|
v9 | |
|
Oracle Linux
Oracle
|
cpe:/o:oracle:linux:-
|
— | |
|
MariaDB MariaDB <10.5.25
MariaDB / MariaDB
|
<10.5.25 | ||
|
RESF Rocky Linux
RESF
|
cpe:/o:resf:rocky_linux:-
|
— | |
|
MariaDB MariaDB <10.11.8
MariaDB / MariaDB
|
<10.11.8 | ||
|
Fedora Linux
Fedora
|
cpe:/o:fedoraproject:fedora:-
|
— | |
|
Debian Linux
Debian
|
cpe:/o:debian:debian_linux:-
|
— | |
|
SUSE Linux
SUSE
|
cpe:/o:suse:suse_linux:-
|
— | |
|
Ubuntu Linux
Ubuntu
|
cpe:/o:canonical:ubuntu_linux:-
|
— | |
|
IBM QRadar SIEM
IBM
|
cpe:/a:ibm:qradar_siem:-
|
— | |
|
Amazon Linux 2
Amazon
|
cpe:/o:amazon:linux_2:-
|
— |
Last affected
8 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Oracle MySQL <=8.0.34
Oracle / MySQL
|
<=8.0.34 | ||
|
Oracle MySQL <=8.0.35
Oracle / MySQL
|
<=8.0.35 | ||
|
Oracle MySQL <=7.6.29
Oracle / MySQL
|
<=7.6.29 | ||
|
Oracle MySQL <=7.5.33
Oracle / MySQL
|
<=7.5.33 | ||
|
Oracle MySQL <=8.0.37
Oracle / MySQL
|
<=8.0.37 | ||
|
Oracle MySQL <=8.0.36
Oracle / MySQL
|
<=8.0.36 | ||
|
Oracle MySQL <=8.3.0
Oracle / MySQL
|
<=8.3.0 | ||
|
Oracle MySQL <=8.2.0
Oracle / MySQL
|
<=8.2.0 |
Affected products
Known affected
14 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
MariaDB MariaDB <11.2.4
MariaDB / MariaDB
|
<11.2.4 | ||
|
MariaDB MariaDB <10.6.18
MariaDB / MariaDB
|
<10.6.18 | ||
|
Red Hat Enterprise Linux
Red Hat
|
cpe:/o:redhat:enterprise_linux:-
|
— | |
|
Xerox FreeFlow Print Server v9
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:v9
|
v9 | |
|
Oracle Linux
Oracle
|
cpe:/o:oracle:linux:-
|
— | |
|
MariaDB MariaDB <10.5.25
MariaDB / MariaDB
|
<10.5.25 | ||
|
RESF Rocky Linux
RESF
|
cpe:/o:resf:rocky_linux:-
|
— | |
|
MariaDB MariaDB <10.11.8
MariaDB / MariaDB
|
<10.11.8 | ||
|
Fedora Linux
Fedora
|
cpe:/o:fedoraproject:fedora:-
|
— | |
|
Debian Linux
Debian
|
cpe:/o:debian:debian_linux:-
|
— | |
|
SUSE Linux
SUSE
|
cpe:/o:suse:suse_linux:-
|
— | |
|
Ubuntu Linux
Ubuntu
|
cpe:/o:canonical:ubuntu_linux:-
|
— | |
|
IBM QRadar SIEM
IBM
|
cpe:/a:ibm:qradar_siem:-
|
— | |
|
Amazon Linux 2
Amazon
|
cpe:/o:amazon:linux_2:-
|
— |
Last affected
8 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Oracle MySQL <=8.0.34
Oracle / MySQL
|
<=8.0.34 | ||
|
Oracle MySQL <=8.0.35
Oracle / MySQL
|
<=8.0.35 | ||
|
Oracle MySQL <=7.6.29
Oracle / MySQL
|
<=7.6.29 | ||
|
Oracle MySQL <=7.5.33
Oracle / MySQL
|
<=7.5.33 | ||
|
Oracle MySQL <=8.0.37
Oracle / MySQL
|
<=8.0.37 | ||
|
Oracle MySQL <=8.0.36
Oracle / MySQL
|
<=8.0.36 | ||
|
Oracle MySQL <=8.3.0
Oracle / MySQL
|
<=8.3.0 | ||
|
Oracle MySQL <=8.2.0
Oracle / MySQL
|
<=8.2.0 |
Affected products
Known affected
14 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
MariaDB MariaDB <11.2.4
MariaDB / MariaDB
|
<11.2.4 | ||
|
MariaDB MariaDB <10.6.18
MariaDB / MariaDB
|
<10.6.18 | ||
|
Red Hat Enterprise Linux
Red Hat
|
cpe:/o:redhat:enterprise_linux:-
|
— | |
|
Xerox FreeFlow Print Server v9
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:v9
|
v9 | |
|
Oracle Linux
Oracle
|
cpe:/o:oracle:linux:-
|
— | |
|
MariaDB MariaDB <10.5.25
MariaDB / MariaDB
|
<10.5.25 | ||
|
RESF Rocky Linux
RESF
|
cpe:/o:resf:rocky_linux:-
|
— | |
|
MariaDB MariaDB <10.11.8
MariaDB / MariaDB
|
<10.11.8 | ||
|
Fedora Linux
Fedora
|
cpe:/o:fedoraproject:fedora:-
|
— | |
|
Debian Linux
Debian
|
cpe:/o:debian:debian_linux:-
|
— | |
|
SUSE Linux
SUSE
|
cpe:/o:suse:suse_linux:-
|
— | |
|
Ubuntu Linux
Ubuntu
|
cpe:/o:canonical:ubuntu_linux:-
|
— | |
|
IBM QRadar SIEM
IBM
|
cpe:/a:ibm:qradar_siem:-
|
— | |
|
Amazon Linux 2
Amazon
|
cpe:/o:amazon:linux_2:-
|
— |
Last affected
8 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Oracle MySQL <=8.0.34
Oracle / MySQL
|
<=8.0.34 | ||
|
Oracle MySQL <=8.0.35
Oracle / MySQL
|
<=8.0.35 | ||
|
Oracle MySQL <=7.6.29
Oracle / MySQL
|
<=7.6.29 | ||
|
Oracle MySQL <=7.5.33
Oracle / MySQL
|
<=7.5.33 | ||
|
Oracle MySQL <=8.0.37
Oracle / MySQL
|
<=8.0.37 | ||
|
Oracle MySQL <=8.0.36
Oracle / MySQL
|
<=8.0.36 | ||
|
Oracle MySQL <=8.3.0
Oracle / MySQL
|
<=8.3.0 | ||
|
Oracle MySQL <=8.2.0
Oracle / MySQL
|
<=8.2.0 |
Affected products
Known affected
14 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
MariaDB MariaDB <11.2.4
MariaDB / MariaDB
|
<11.2.4 | ||
|
MariaDB MariaDB <10.6.18
MariaDB / MariaDB
|
<10.6.18 | ||
|
Red Hat Enterprise Linux
Red Hat
|
cpe:/o:redhat:enterprise_linux:-
|
— | |
|
Xerox FreeFlow Print Server v9
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:v9
|
v9 | |
|
Oracle Linux
Oracle
|
cpe:/o:oracle:linux:-
|
— | |
|
MariaDB MariaDB <10.5.25
MariaDB / MariaDB
|
<10.5.25 | ||
|
RESF Rocky Linux
RESF
|
cpe:/o:resf:rocky_linux:-
|
— | |
|
MariaDB MariaDB <10.11.8
MariaDB / MariaDB
|
<10.11.8 | ||
|
Fedora Linux
Fedora
|
cpe:/o:fedoraproject:fedora:-
|
— | |
|
Debian Linux
Debian
|
cpe:/o:debian:debian_linux:-
|
— | |
|
SUSE Linux
SUSE
|
cpe:/o:suse:suse_linux:-
|
— | |
|
Ubuntu Linux
Ubuntu
|
cpe:/o:canonical:ubuntu_linux:-
|
— | |
|
IBM QRadar SIEM
IBM
|
cpe:/a:ibm:qradar_siem:-
|
— | |
|
Amazon Linux 2
Amazon
|
cpe:/o:amazon:linux_2:-
|
— |
Last affected
8 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Oracle MySQL <=8.0.34
Oracle / MySQL
|
<=8.0.34 | ||
|
Oracle MySQL <=8.0.35
Oracle / MySQL
|
<=8.0.35 | ||
|
Oracle MySQL <=7.6.29
Oracle / MySQL
|
<=7.6.29 | ||
|
Oracle MySQL <=7.5.33
Oracle / MySQL
|
<=7.5.33 | ||
|
Oracle MySQL <=8.0.37
Oracle / MySQL
|
<=8.0.37 | ||
|
Oracle MySQL <=8.0.36
Oracle / MySQL
|
<=8.0.36 | ||
|
Oracle MySQL <=8.3.0
Oracle / MySQL
|
<=8.3.0 | ||
|
Oracle MySQL <=8.2.0
Oracle / MySQL
|
<=8.2.0 |
Affected products
Known affected
14 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
MariaDB MariaDB <11.2.4
MariaDB / MariaDB
|
<11.2.4 | ||
|
MariaDB MariaDB <10.6.18
MariaDB / MariaDB
|
<10.6.18 | ||
|
Red Hat Enterprise Linux
Red Hat
|
cpe:/o:redhat:enterprise_linux:-
|
— | |
|
Xerox FreeFlow Print Server v9
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:v9
|
v9 | |
|
Oracle Linux
Oracle
|
cpe:/o:oracle:linux:-
|
— | |
|
MariaDB MariaDB <10.5.25
MariaDB / MariaDB
|
<10.5.25 | ||
|
RESF Rocky Linux
RESF
|
cpe:/o:resf:rocky_linux:-
|
— | |
|
MariaDB MariaDB <10.11.8
MariaDB / MariaDB
|
<10.11.8 | ||
|
Fedora Linux
Fedora
|
cpe:/o:fedoraproject:fedora:-
|
— | |
|
Debian Linux
Debian
|
cpe:/o:debian:debian_linux:-
|
— | |
|
SUSE Linux
SUSE
|
cpe:/o:suse:suse_linux:-
|
— | |
|
Ubuntu Linux
Ubuntu
|
cpe:/o:canonical:ubuntu_linux:-
|
— | |
|
IBM QRadar SIEM
IBM
|
cpe:/a:ibm:qradar_siem:-
|
— | |
|
Amazon Linux 2
Amazon
|
cpe:/o:amazon:linux_2:-
|
— |
Last affected
8 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Oracle MySQL <=8.0.34
Oracle / MySQL
|
<=8.0.34 | ||
|
Oracle MySQL <=8.0.35
Oracle / MySQL
|
<=8.0.35 | ||
|
Oracle MySQL <=7.6.29
Oracle / MySQL
|
<=7.6.29 | ||
|
Oracle MySQL <=7.5.33
Oracle / MySQL
|
<=7.5.33 | ||
|
Oracle MySQL <=8.0.37
Oracle / MySQL
|
<=8.0.37 | ||
|
Oracle MySQL <=8.0.36
Oracle / MySQL
|
<=8.0.36 | ||
|
Oracle MySQL <=8.3.0
Oracle / MySQL
|
<=8.3.0 | ||
|
Oracle MySQL <=8.2.0
Oracle / MySQL
|
<=8.2.0 |
Affected products
Known affected
14 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
MariaDB MariaDB <11.2.4
MariaDB / MariaDB
|
<11.2.4 | ||
|
MariaDB MariaDB <10.6.18
MariaDB / MariaDB
|
<10.6.18 | ||
|
Red Hat Enterprise Linux
Red Hat
|
cpe:/o:redhat:enterprise_linux:-
|
— | |
|
Xerox FreeFlow Print Server v9
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:v9
|
v9 | |
|
Oracle Linux
Oracle
|
cpe:/o:oracle:linux:-
|
— | |
|
MariaDB MariaDB <10.5.25
MariaDB / MariaDB
|
<10.5.25 | ||
|
RESF Rocky Linux
RESF
|
cpe:/o:resf:rocky_linux:-
|
— | |
|
MariaDB MariaDB <10.11.8
MariaDB / MariaDB
|
<10.11.8 | ||
|
Fedora Linux
Fedora
|
cpe:/o:fedoraproject:fedora:-
|
— | |
|
Debian Linux
Debian
|
cpe:/o:debian:debian_linux:-
|
— | |
|
SUSE Linux
SUSE
|
cpe:/o:suse:suse_linux:-
|
— | |
|
Ubuntu Linux
Ubuntu
|
cpe:/o:canonical:ubuntu_linux:-
|
— | |
|
IBM QRadar SIEM
IBM
|
cpe:/a:ibm:qradar_siem:-
|
— | |
|
Amazon Linux 2
Amazon
|
cpe:/o:amazon:linux_2:-
|
— |
Last affected
8 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Oracle MySQL <=8.0.34
Oracle / MySQL
|
<=8.0.34 | ||
|
Oracle MySQL <=8.0.35
Oracle / MySQL
|
<=8.0.35 | ||
|
Oracle MySQL <=7.6.29
Oracle / MySQL
|
<=7.6.29 | ||
|
Oracle MySQL <=7.5.33
Oracle / MySQL
|
<=7.5.33 | ||
|
Oracle MySQL <=8.0.37
Oracle / MySQL
|
<=8.0.37 | ||
|
Oracle MySQL <=8.0.36
Oracle / MySQL
|
<=8.0.36 | ||
|
Oracle MySQL <=8.3.0
Oracle / MySQL
|
<=8.3.0 | ||
|
Oracle MySQL <=8.2.0
Oracle / MySQL
|
<=8.2.0 |
Affected products
Known affected
14 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
MariaDB MariaDB <11.2.4
MariaDB / MariaDB
|
<11.2.4 | ||
|
MariaDB MariaDB <10.6.18
MariaDB / MariaDB
|
<10.6.18 | ||
|
Red Hat Enterprise Linux
Red Hat
|
cpe:/o:redhat:enterprise_linux:-
|
— | |
|
Xerox FreeFlow Print Server v9
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:v9
|
v9 | |
|
Oracle Linux
Oracle
|
cpe:/o:oracle:linux:-
|
— | |
|
MariaDB MariaDB <10.5.25
MariaDB / MariaDB
|
<10.5.25 | ||
|
RESF Rocky Linux
RESF
|
cpe:/o:resf:rocky_linux:-
|
— | |
|
MariaDB MariaDB <10.11.8
MariaDB / MariaDB
|
<10.11.8 | ||
|
Fedora Linux
Fedora
|
cpe:/o:fedoraproject:fedora:-
|
— | |
|
Debian Linux
Debian
|
cpe:/o:debian:debian_linux:-
|
— | |
|
SUSE Linux
SUSE
|
cpe:/o:suse:suse_linux:-
|
— | |
|
Ubuntu Linux
Ubuntu
|
cpe:/o:canonical:ubuntu_linux:-
|
— | |
|
IBM QRadar SIEM
IBM
|
cpe:/a:ibm:qradar_siem:-
|
— | |
|
Amazon Linux 2
Amazon
|
cpe:/o:amazon:linux_2:-
|
— |
Last affected
8 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Oracle MySQL <=8.0.34
Oracle / MySQL
|
<=8.0.34 | ||
|
Oracle MySQL <=8.0.35
Oracle / MySQL
|
<=8.0.35 | ||
|
Oracle MySQL <=7.6.29
Oracle / MySQL
|
<=7.6.29 | ||
|
Oracle MySQL <=7.5.33
Oracle / MySQL
|
<=7.5.33 | ||
|
Oracle MySQL <=8.0.37
Oracle / MySQL
|
<=8.0.37 | ||
|
Oracle MySQL <=8.0.36
Oracle / MySQL
|
<=8.0.36 | ||
|
Oracle MySQL <=8.3.0
Oracle / MySQL
|
<=8.3.0 | ||
|
Oracle MySQL <=8.2.0
Oracle / MySQL
|
<=8.2.0 |
Affected products
Known affected
14 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
MariaDB MariaDB <11.2.4
MariaDB / MariaDB
|
<11.2.4 | ||
|
MariaDB MariaDB <10.6.18
MariaDB / MariaDB
|
<10.6.18 | ||
|
Red Hat Enterprise Linux
Red Hat
|
cpe:/o:redhat:enterprise_linux:-
|
— | |
|
Xerox FreeFlow Print Server v9
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:v9
|
v9 | |
|
Oracle Linux
Oracle
|
cpe:/o:oracle:linux:-
|
— | |
|
MariaDB MariaDB <10.5.25
MariaDB / MariaDB
|
<10.5.25 | ||
|
RESF Rocky Linux
RESF
|
cpe:/o:resf:rocky_linux:-
|
— | |
|
MariaDB MariaDB <10.11.8
MariaDB / MariaDB
|
<10.11.8 | ||
|
Fedora Linux
Fedora
|
cpe:/o:fedoraproject:fedora:-
|
— | |
|
Debian Linux
Debian
|
cpe:/o:debian:debian_linux:-
|
— | |
|
SUSE Linux
SUSE
|
cpe:/o:suse:suse_linux:-
|
— | |
|
Ubuntu Linux
Ubuntu
|
cpe:/o:canonical:ubuntu_linux:-
|
— | |
|
IBM QRadar SIEM
IBM
|
cpe:/a:ibm:qradar_siem:-
|
— | |
|
Amazon Linux 2
Amazon
|
cpe:/o:amazon:linux_2:-
|
— |
Last affected
8 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Oracle MySQL <=8.0.34
Oracle / MySQL
|
<=8.0.34 | ||
|
Oracle MySQL <=8.0.35
Oracle / MySQL
|
<=8.0.35 | ||
|
Oracle MySQL <=7.6.29
Oracle / MySQL
|
<=7.6.29 | ||
|
Oracle MySQL <=7.5.33
Oracle / MySQL
|
<=7.5.33 | ||
|
Oracle MySQL <=8.0.37
Oracle / MySQL
|
<=8.0.37 | ||
|
Oracle MySQL <=8.0.36
Oracle / MySQL
|
<=8.0.36 | ||
|
Oracle MySQL <=8.3.0
Oracle / MySQL
|
<=8.3.0 | ||
|
Oracle MySQL <=8.2.0
Oracle / MySQL
|
<=8.2.0 |
Affected products
Known affected
14 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
MariaDB MariaDB <11.2.4
MariaDB / MariaDB
|
<11.2.4 | ||
|
MariaDB MariaDB <10.6.18
MariaDB / MariaDB
|
<10.6.18 | ||
|
Red Hat Enterprise Linux
Red Hat
|
cpe:/o:redhat:enterprise_linux:-
|
— | |
|
Xerox FreeFlow Print Server v9
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:v9
|
v9 | |
|
Oracle Linux
Oracle
|
cpe:/o:oracle:linux:-
|
— | |
|
MariaDB MariaDB <10.5.25
MariaDB / MariaDB
|
<10.5.25 | ||
|
RESF Rocky Linux
RESF
|
cpe:/o:resf:rocky_linux:-
|
— | |
|
MariaDB MariaDB <10.11.8
MariaDB / MariaDB
|
<10.11.8 | ||
|
Fedora Linux
Fedora
|
cpe:/o:fedoraproject:fedora:-
|
— | |
|
Debian Linux
Debian
|
cpe:/o:debian:debian_linux:-
|
— | |
|
SUSE Linux
SUSE
|
cpe:/o:suse:suse_linux:-
|
— | |
|
Ubuntu Linux
Ubuntu
|
cpe:/o:canonical:ubuntu_linux:-
|
— | |
|
IBM QRadar SIEM
IBM
|
cpe:/a:ibm:qradar_siem:-
|
— | |
|
Amazon Linux 2
Amazon
|
cpe:/o:amazon:linux_2:-
|
— |
Last affected
8 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Oracle MySQL <=8.0.34
Oracle / MySQL
|
<=8.0.34 | ||
|
Oracle MySQL <=8.0.35
Oracle / MySQL
|
<=8.0.35 | ||
|
Oracle MySQL <=7.6.29
Oracle / MySQL
|
<=7.6.29 | ||
|
Oracle MySQL <=7.5.33
Oracle / MySQL
|
<=7.5.33 | ||
|
Oracle MySQL <=8.0.37
Oracle / MySQL
|
<=8.0.37 | ||
|
Oracle MySQL <=8.0.36
Oracle / MySQL
|
<=8.0.36 | ||
|
Oracle MySQL <=8.3.0
Oracle / MySQL
|
<=8.3.0 | ||
|
Oracle MySQL <=8.2.0
Oracle / MySQL
|
<=8.2.0 |
Affected products
Known affected
14 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
MariaDB MariaDB <11.2.4
MariaDB / MariaDB
|
<11.2.4 | ||
|
MariaDB MariaDB <10.6.18
MariaDB / MariaDB
|
<10.6.18 | ||
|
Red Hat Enterprise Linux
Red Hat
|
cpe:/o:redhat:enterprise_linux:-
|
— | |
|
Xerox FreeFlow Print Server v9
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:v9
|
v9 | |
|
Oracle Linux
Oracle
|
cpe:/o:oracle:linux:-
|
— | |
|
MariaDB MariaDB <10.5.25
MariaDB / MariaDB
|
<10.5.25 | ||
|
RESF Rocky Linux
RESF
|
cpe:/o:resf:rocky_linux:-
|
— | |
|
MariaDB MariaDB <10.11.8
MariaDB / MariaDB
|
<10.11.8 | ||
|
Fedora Linux
Fedora
|
cpe:/o:fedoraproject:fedora:-
|
— | |
|
Debian Linux
Debian
|
cpe:/o:debian:debian_linux:-
|
— | |
|
SUSE Linux
SUSE
|
cpe:/o:suse:suse_linux:-
|
— | |
|
Ubuntu Linux
Ubuntu
|
cpe:/o:canonical:ubuntu_linux:-
|
— | |
|
IBM QRadar SIEM
IBM
|
cpe:/a:ibm:qradar_siem:-
|
— | |
|
Amazon Linux 2
Amazon
|
cpe:/o:amazon:linux_2:-
|
— |
Last affected
8 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Oracle MySQL <=8.0.34
Oracle / MySQL
|
<=8.0.34 | ||
|
Oracle MySQL <=8.0.35
Oracle / MySQL
|
<=8.0.35 | ||
|
Oracle MySQL <=7.6.29
Oracle / MySQL
|
<=7.6.29 | ||
|
Oracle MySQL <=7.5.33
Oracle / MySQL
|
<=7.5.33 | ||
|
Oracle MySQL <=8.0.37
Oracle / MySQL
|
<=8.0.37 | ||
|
Oracle MySQL <=8.0.36
Oracle / MySQL
|
<=8.0.36 | ||
|
Oracle MySQL <=8.3.0
Oracle / MySQL
|
<=8.3.0 | ||
|
Oracle MySQL <=8.2.0
Oracle / MySQL
|
<=8.2.0 |
Affected products
Known affected
14 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
MariaDB MariaDB <11.2.4
MariaDB / MariaDB
|
<11.2.4 | ||
|
MariaDB MariaDB <10.6.18
MariaDB / MariaDB
|
<10.6.18 | ||
|
Red Hat Enterprise Linux
Red Hat
|
cpe:/o:redhat:enterprise_linux:-
|
— | |
|
Xerox FreeFlow Print Server v9
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:v9
|
v9 | |
|
Oracle Linux
Oracle
|
cpe:/o:oracle:linux:-
|
— | |
|
MariaDB MariaDB <10.5.25
MariaDB / MariaDB
|
<10.5.25 | ||
|
RESF Rocky Linux
RESF
|
cpe:/o:resf:rocky_linux:-
|
— | |
|
MariaDB MariaDB <10.11.8
MariaDB / MariaDB
|
<10.11.8 | ||
|
Fedora Linux
Fedora
|
cpe:/o:fedoraproject:fedora:-
|
— | |
|
Debian Linux
Debian
|
cpe:/o:debian:debian_linux:-
|
— | |
|
SUSE Linux
SUSE
|
cpe:/o:suse:suse_linux:-
|
— | |
|
Ubuntu Linux
Ubuntu
|
cpe:/o:canonical:ubuntu_linux:-
|
— | |
|
IBM QRadar SIEM
IBM
|
cpe:/a:ibm:qradar_siem:-
|
— | |
|
Amazon Linux 2
Amazon
|
cpe:/o:amazon:linux_2:-
|
— |
Last affected
8 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Oracle MySQL <=8.0.34
Oracle / MySQL
|
<=8.0.34 | ||
|
Oracle MySQL <=8.0.35
Oracle / MySQL
|
<=8.0.35 | ||
|
Oracle MySQL <=7.6.29
Oracle / MySQL
|
<=7.6.29 | ||
|
Oracle MySQL <=7.5.33
Oracle / MySQL
|
<=7.5.33 | ||
|
Oracle MySQL <=8.0.37
Oracle / MySQL
|
<=8.0.37 | ||
|
Oracle MySQL <=8.0.36
Oracle / MySQL
|
<=8.0.36 | ||
|
Oracle MySQL <=8.3.0
Oracle / MySQL
|
<=8.3.0 | ||
|
Oracle MySQL <=8.2.0
Oracle / MySQL
|
<=8.2.0 |
Affected products
Known affected
14 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
MariaDB MariaDB <11.2.4
MariaDB / MariaDB
|
<11.2.4 | ||
|
MariaDB MariaDB <10.6.18
MariaDB / MariaDB
|
<10.6.18 | ||
|
Red Hat Enterprise Linux
Red Hat
|
cpe:/o:redhat:enterprise_linux:-
|
— | |
|
Xerox FreeFlow Print Server v9
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:v9
|
v9 | |
|
Oracle Linux
Oracle
|
cpe:/o:oracle:linux:-
|
— | |
|
MariaDB MariaDB <10.5.25
MariaDB / MariaDB
|
<10.5.25 | ||
|
RESF Rocky Linux
RESF
|
cpe:/o:resf:rocky_linux:-
|
— | |
|
MariaDB MariaDB <10.11.8
MariaDB / MariaDB
|
<10.11.8 | ||
|
Fedora Linux
Fedora
|
cpe:/o:fedoraproject:fedora:-
|
— | |
|
Debian Linux
Debian
|
cpe:/o:debian:debian_linux:-
|
— | |
|
SUSE Linux
SUSE
|
cpe:/o:suse:suse_linux:-
|
— | |
|
Ubuntu Linux
Ubuntu
|
cpe:/o:canonical:ubuntu_linux:-
|
— | |
|
IBM QRadar SIEM
IBM
|
cpe:/a:ibm:qradar_siem:-
|
— | |
|
Amazon Linux 2
Amazon
|
cpe:/o:amazon:linux_2:-
|
— |
Last affected
8 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Oracle MySQL <=8.0.34
Oracle / MySQL
|
<=8.0.34 | ||
|
Oracle MySQL <=8.0.35
Oracle / MySQL
|
<=8.0.35 | ||
|
Oracle MySQL <=7.6.29
Oracle / MySQL
|
<=7.6.29 | ||
|
Oracle MySQL <=7.5.33
Oracle / MySQL
|
<=7.5.33 | ||
|
Oracle MySQL <=8.0.37
Oracle / MySQL
|
<=8.0.37 | ||
|
Oracle MySQL <=8.0.36
Oracle / MySQL
|
<=8.0.36 | ||
|
Oracle MySQL <=8.3.0
Oracle / MySQL
|
<=8.3.0 | ||
|
Oracle MySQL <=8.2.0
Oracle / MySQL
|
<=8.2.0 |
Affected products
Known affected
14 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
MariaDB MariaDB <11.2.4
MariaDB / MariaDB
|
<11.2.4 | ||
|
MariaDB MariaDB <10.6.18
MariaDB / MariaDB
|
<10.6.18 | ||
|
Red Hat Enterprise Linux
Red Hat
|
cpe:/o:redhat:enterprise_linux:-
|
— | |
|
Xerox FreeFlow Print Server v9
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:v9
|
v9 | |
|
Oracle Linux
Oracle
|
cpe:/o:oracle:linux:-
|
— | |
|
MariaDB MariaDB <10.5.25
MariaDB / MariaDB
|
<10.5.25 | ||
|
RESF Rocky Linux
RESF
|
cpe:/o:resf:rocky_linux:-
|
— | |
|
MariaDB MariaDB <10.11.8
MariaDB / MariaDB
|
<10.11.8 | ||
|
Fedora Linux
Fedora
|
cpe:/o:fedoraproject:fedora:-
|
— | |
|
Debian Linux
Debian
|
cpe:/o:debian:debian_linux:-
|
— | |
|
SUSE Linux
SUSE
|
cpe:/o:suse:suse_linux:-
|
— | |
|
Ubuntu Linux
Ubuntu
|
cpe:/o:canonical:ubuntu_linux:-
|
— | |
|
IBM QRadar SIEM
IBM
|
cpe:/a:ibm:qradar_siem:-
|
— | |
|
Amazon Linux 2
Amazon
|
cpe:/o:amazon:linux_2:-
|
— |
Last affected
8 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Oracle MySQL <=8.0.34
Oracle / MySQL
|
<=8.0.34 | ||
|
Oracle MySQL <=8.0.35
Oracle / MySQL
|
<=8.0.35 | ||
|
Oracle MySQL <=7.6.29
Oracle / MySQL
|
<=7.6.29 | ||
|
Oracle MySQL <=7.5.33
Oracle / MySQL
|
<=7.5.33 | ||
|
Oracle MySQL <=8.0.37
Oracle / MySQL
|
<=8.0.37 | ||
|
Oracle MySQL <=8.0.36
Oracle / MySQL
|
<=8.0.36 | ||
|
Oracle MySQL <=8.3.0
Oracle / MySQL
|
<=8.3.0 | ||
|
Oracle MySQL <=8.2.0
Oracle / MySQL
|
<=8.2.0 |
Affected products
Known affected
14 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
MariaDB MariaDB <11.2.4
MariaDB / MariaDB
|
<11.2.4 | ||
|
MariaDB MariaDB <10.6.18
MariaDB / MariaDB
|
<10.6.18 | ||
|
Red Hat Enterprise Linux
Red Hat
|
cpe:/o:redhat:enterprise_linux:-
|
— | |
|
Xerox FreeFlow Print Server v9
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:v9
|
v9 | |
|
Oracle Linux
Oracle
|
cpe:/o:oracle:linux:-
|
— | |
|
MariaDB MariaDB <10.5.25
MariaDB / MariaDB
|
<10.5.25 | ||
|
RESF Rocky Linux
RESF
|
cpe:/o:resf:rocky_linux:-
|
— | |
|
MariaDB MariaDB <10.11.8
MariaDB / MariaDB
|
<10.11.8 | ||
|
Fedora Linux
Fedora
|
cpe:/o:fedoraproject:fedora:-
|
— | |
|
Debian Linux
Debian
|
cpe:/o:debian:debian_linux:-
|
— | |
|
SUSE Linux
SUSE
|
cpe:/o:suse:suse_linux:-
|
— | |
|
Ubuntu Linux
Ubuntu
|
cpe:/o:canonical:ubuntu_linux:-
|
— | |
|
IBM QRadar SIEM
IBM
|
cpe:/a:ibm:qradar_siem:-
|
— | |
|
Amazon Linux 2
Amazon
|
cpe:/o:amazon:linux_2:-
|
— |
Last affected
8 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Oracle MySQL <=8.0.34
Oracle / MySQL
|
<=8.0.34 | ||
|
Oracle MySQL <=8.0.35
Oracle / MySQL
|
<=8.0.35 | ||
|
Oracle MySQL <=7.6.29
Oracle / MySQL
|
<=7.6.29 | ||
|
Oracle MySQL <=7.5.33
Oracle / MySQL
|
<=7.5.33 | ||
|
Oracle MySQL <=8.0.37
Oracle / MySQL
|
<=8.0.37 | ||
|
Oracle MySQL <=8.0.36
Oracle / MySQL
|
<=8.0.36 | ||
|
Oracle MySQL <=8.3.0
Oracle / MySQL
|
<=8.3.0 | ||
|
Oracle MySQL <=8.2.0
Oracle / MySQL
|
<=8.2.0 |
References
30 references
{
"document": {
"aggregate_severity": {
"text": "mittel"
},
"category": "csaf_base",
"csaf_version": "2.0",
"distribution": {
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "de-DE",
"notes": [
{
"category": "legal_disclaimer",
"text": "Das BSI ist als Anbieter f\u00fcr die eigenen, zur Nutzung bereitgestellten Inhalte nach den allgemeinen Gesetzen verantwortlich. Nutzerinnen und Nutzer sind jedoch daf\u00fcr verantwortlich, die Verwendung und/oder die Umsetzung der mit den Inhalten bereitgestellten Informationen sorgf\u00e4ltig im Einzelfall zu pr\u00fcfen."
},
{
"category": "description",
"text": "MySQL ist ein Open Source Datenbankserver von Oracle.",
"title": "Produktbeschreibung"
},
{
"category": "summary",
"text": "Ein Angreifer kann mehrere Schwachstellen in Oracle MySQL ausnutzen, um die Vertraulichkeit, Integrit\u00e4t und Verf\u00fcgbarkeit zu gef\u00e4hrden.",
"title": "Angriff"
},
{
"category": "general",
"text": "- Linux\n- UNIX\n- Windows",
"title": "Betroffene Betriebssysteme"
}
],
"publisher": {
"category": "other",
"contact_details": "csaf-provider@cert-bund.de",
"name": "Bundesamt f\u00fcr Sicherheit in der Informationstechnik",
"namespace": "https://www.bsi.bund.de"
},
"references": [
{
"category": "self",
"summary": "WID-SEC-W-2024-0894 - CSAF Version",
"url": "https://wid.cert-bund.de/.well-known/csaf/white/2024/wid-sec-w-2024-0894.json"
},
{
"category": "self",
"summary": "WID-SEC-2024-0894 - Portal Version",
"url": "https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2024-0894"
},
{
"category": "external",
"summary": "Oracle Critical Patch Update Advisory - April 2024 - Appendix Oracle MySQL vom 2024-04-16",
"url": "https://www.oracle.com/security-alerts/cpuapr2024.html#AppendixMSQL"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2024:2619 vom 2024-04-30",
"url": "https://access.redhat.com/errata/RHSA-2024:2619"
},
{
"category": "external",
"summary": "MariaDB 10.11.8 Release Notes vom 2024-05-17",
"url": "https://mariadb.com/kb/en/mariadb-10-11-8-release-notes/"
},
{
"category": "external",
"summary": "MariaDB 10.5.25 Release Notes vom 2024-05-17",
"url": "https://mariadb.com/kb/en/mariadb-10-5-25-release-notes/"
},
{
"category": "external",
"summary": "MariaDB 10.6.18 Release Notes vom 2024-05-17",
"url": "https://mariadb.com/kb/en/mariadb-10-6-18-release-notes/"
},
{
"category": "external",
"summary": "MariaDB 11.2.4 Release Notes vom 2024-05-17",
"url": "https://mariadb.com/kb/en/mariadb-11-2-4-release-notes/"
},
{
"category": "external",
"summary": "Fedora Security Advisory FEDORA-2024-D61BFFD77F vom 2024-06-09",
"url": "https://bodhi.fedoraproject.org/updates/FEDORA-2024-d61bffd77f"
},
{
"category": "external",
"summary": "Fedora Security Advisory FEDORA-2024-6EA93E629B vom 2024-06-07",
"url": "https://bodhi.fedoraproject.org/updates/FEDORA-2024-6ea93e629b"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2024:1985-1 vom 2024-06-11",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2024-June/018698.html"
},
{
"category": "external",
"summary": "Ubuntu Security Notice USN-6823-1 vom 2024-06-11",
"url": "https://ubuntu.com/security/notices/USN-6823-1"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2024:2032-1 vom 2024-06-14",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2024-June/018721.html"
},
{
"category": "external",
"summary": "Ubuntu Security Notice USN-6839-1 vom 2024-06-19",
"url": "https://ubuntu.com/security/notices/USN-6839-1"
},
{
"category": "external",
"summary": "Amazon Linux Security Advisory ALASMARIADB10.5-2024-006 vom 2024-07-23",
"url": "https://alas.aws.amazon.com/AL2/ALASMARIADB10.5-2024-006.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2024:3018-1 vom 2024-08-27",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2024-August/019311.html"
},
{
"category": "external",
"summary": "Debian Security Advisory DLA-3891 vom 2024-09-18",
"url": "https://lists.debian.org/debian-lts-announce/2024/09/msg00034.html"
},
{
"category": "external",
"summary": "XEROX Security Advisory XRX24-017 vom 2024-11-21",
"url": "https://securitydocs.business.xerox.com/wp-content/uploads/2024/11/Xerox-Security-Bulletin-XRX24-017-for-Xerox%C2%AE-FreeFlow%C2%AE-Print-Server-v9.pdf"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2025:0739 vom 2025-01-28",
"url": "https://access.redhat.com/errata/RHSA-2025:0739"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2025:0737 vom 2025-01-28",
"url": "https://access.redhat.com/errata/RHSA-2025:0737"
},
{
"category": "external",
"summary": "Oracle Linux Security Advisory ELSA-2025-0737 vom 2025-01-29",
"url": "https://linux.oracle.com/errata/ELSA-2025-0737.html"
},
{
"category": "external",
"summary": "Oracle Linux Security Advisory ELSA-2025-0739 vom 2025-01-30",
"url": "https://linux.oracle.com/errata/ELSA-2025-0739.html"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2025:0912 vom 2025-02-04",
"url": "https://access.redhat.com/errata/RHSA-2025:0912"
},
{
"category": "external",
"summary": "Oracle Linux Security Advisory ELSA-2025-0912 vom 2025-02-05",
"url": "https://linux.oracle.com/errata/ELSA-2025-0912.html"
},
{
"category": "external",
"summary": "Oracle Linux Security Advisory ELSA-2025-0914 vom 2025-02-06",
"url": "https://linux.oracle.com/errata/ELSA-2025-0914.html"
},
{
"category": "external",
"summary": "Rocky Linux Security Advisory RLSA-2025:0739 vom 2025-02-13",
"url": "https://errata.build.resf.org/RLSA-2025:0739"
},
{
"category": "external",
"summary": "Rocky Linux Security Advisory RLSA-2025:0737 vom 2025-02-13",
"url": "https://errata.build.resf.org/RLSA-2025:0737"
},
{
"category": "external",
"summary": "Amazon Linux Security Advisory ALAS2POSTGRESQL13-2025-012 vom 2025-09-04",
"url": "https://alas.aws.amazon.com/AL2/ALAS2POSTGRESQL13-2025-012.html"
},
{
"category": "external",
"summary": "Amazon Linux Security Advisory ALAS2POSTGRESQL14-2025-019 vom 2025-09-04",
"url": "https://alas.aws.amazon.com/AL2/ALAS2POSTGRESQL14-2025-019.html"
},
{
"category": "external",
"summary": "IBM Security Bulletin 7249276 vom 2025-10-27",
"url": "https://www.ibm.com/support/pages/node/7249276"
}
],
"source_lang": "en-US",
"title": "Oracle MySQL: Mehrere Schwachstellen",
"tracking": {
"current_release_date": "2025-10-27T23:00:00.000+00:00",
"generator": {
"date": "2025-10-28T09:48:50.552+00:00",
"engine": {
"name": "BSI-WID",
"version": "1.4.0"
}
},
"id": "WID-SEC-W-2024-0894",
"initial_release_date": "2024-04-16T22:00:00.000+00:00",
"revision_history": [
{
"date": "2024-04-16T22:00:00.000+00:00",
"number": "1",
"summary": "Initiale Fassung"
},
{
"date": "2024-05-01T22:00:00.000+00:00",
"number": "2",
"summary": "Neue Updates von Red Hat aufgenommen"
},
{
"date": "2024-05-16T22:00:00.000+00:00",
"number": "3",
"summary": "Neue Updates aufgenommen"
},
{
"date": "2024-06-09T22:00:00.000+00:00",
"number": "4",
"summary": "Neue Updates von Fedora aufgenommen"
},
{
"date": "2024-06-11T22:00:00.000+00:00",
"number": "5",
"summary": "Neue Updates von SUSE und Ubuntu aufgenommen"
},
{
"date": "2024-06-16T22:00:00.000+00:00",
"number": "6",
"summary": "Neue Updates von SUSE aufgenommen"
},
{
"date": "2024-06-18T22:00:00.000+00:00",
"number": "7",
"summary": "Neue Updates von Ubuntu aufgenommen"
},
{
"date": "2024-07-22T22:00:00.000+00:00",
"number": "8",
"summary": "Neue Updates von Amazon aufgenommen"
},
{
"date": "2024-08-26T22:00:00.000+00:00",
"number": "9",
"summary": "Neue Updates von SUSE aufgenommen"
},
{
"date": "2024-09-17T22:00:00.000+00:00",
"number": "10",
"summary": "Neue Updates von Debian aufgenommen"
},
{
"date": "2024-11-21T23:00:00.000+00:00",
"number": "11",
"summary": "Neue Updates von XEROX aufgenommen"
},
{
"date": "2025-01-27T23:00:00.000+00:00",
"number": "12",
"summary": "Neue Updates von Red Hat aufgenommen"
},
{
"date": "2025-01-29T23:00:00.000+00:00",
"number": "13",
"summary": "Neue Updates von Oracle Linux aufgenommen"
},
{
"date": "2025-02-03T23:00:00.000+00:00",
"number": "14",
"summary": "Neue Updates von Red Hat aufgenommen"
},
{
"date": "2025-02-05T23:00:00.000+00:00",
"number": "15",
"summary": "Neue Updates von Oracle Linux aufgenommen"
},
{
"date": "2025-02-13T23:00:00.000+00:00",
"number": "16",
"summary": "Neue Updates von Rocky Enterprise Software Foundation aufgenommen"
},
{
"date": "2025-09-04T22:00:00.000+00:00",
"number": "17",
"summary": "Neue Updates von Amazon aufgenommen"
},
{
"date": "2025-10-27T23:00:00.000+00:00",
"number": "18",
"summary": "Neue Updates von IBM aufgenommen"
}
],
"status": "final",
"version": "18"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "Amazon Linux 2",
"product": {
"name": "Amazon Linux 2",
"product_id": "398363",
"product_identification_helper": {
"cpe": "cpe:/o:amazon:linux_2:-"
}
}
}
],
"category": "vendor",
"name": "Amazon"
},
{
"branches": [
{
"category": "product_name",
"name": "Debian Linux",
"product": {
"name": "Debian Linux",
"product_id": "2951",
"product_identification_helper": {
"cpe": "cpe:/o:debian:debian_linux:-"
}
}
}
],
"category": "vendor",
"name": "Debian"
},
{
"branches": [
{
"category": "product_name",
"name": "Fedora Linux",
"product": {
"name": "Fedora Linux",
"product_id": "74185",
"product_identification_helper": {
"cpe": "cpe:/o:fedoraproject:fedora:-"
}
}
}
],
"category": "vendor",
"name": "Fedora"
},
{
"branches": [
{
"category": "product_name",
"name": "IBM QRadar SIEM",
"product": {
"name": "IBM QRadar SIEM",
"product_id": "T021415",
"product_identification_helper": {
"cpe": "cpe:/a:ibm:qradar_siem:-"
}
}
}
],
"category": "vendor",
"name": "IBM"
},
{
"branches": [
{
"branches": [
{
"category": "product_version_range",
"name": "\u003c10.11.8",
"product": {
"name": "MariaDB MariaDB \u003c10.11.8",
"product_id": "T034883"
}
},
{
"category": "product_version",
"name": "10.11.8",
"product": {
"name": "MariaDB MariaDB 10.11.8",
"product_id": "T034883-fixed",
"product_identification_helper": {
"cpe": "cpe:/a:mariadb:mariadb:10.11.8"
}
}
},
{
"category": "product_version_range",
"name": "\u003c10.5.25",
"product": {
"name": "MariaDB MariaDB \u003c10.5.25",
"product_id": "T034884"
}
},
{
"category": "product_version",
"name": "10.5.25",
"product": {
"name": "MariaDB MariaDB 10.5.25",
"product_id": "T034884-fixed",
"product_identification_helper": {
"cpe": "cpe:/a:mariadb:mariadb:10.5.25"
}
}
},
{
"category": "product_version_range",
"name": "\u003c10.6.18",
"product": {
"name": "MariaDB MariaDB \u003c10.6.18",
"product_id": "T034886"
}
},
{
"category": "product_version",
"name": "10.6.18",
"product": {
"name": "MariaDB MariaDB 10.6.18",
"product_id": "T034886-fixed",
"product_identification_helper": {
"cpe": "cpe:/a:mariadb:mariadb:10.6.18"
}
}
},
{
"category": "product_version_range",
"name": "\u003c11.2.4",
"product": {
"name": "MariaDB MariaDB \u003c11.2.4",
"product_id": "T034887"
}
},
{
"category": "product_version",
"name": "11.2.4",
"product": {
"name": "MariaDB MariaDB 11.2.4",
"product_id": "T034887-fixed",
"product_identification_helper": {
"cpe": "cpe:/a:mariadb:mariadb:11.2.4"
}
}
}
],
"category": "product_name",
"name": "MariaDB"
}
],
"category": "vendor",
"name": "MariaDB"
},
{
"branches": [
{
"category": "product_name",
"name": "Oracle Linux",
"product": {
"name": "Oracle Linux",
"product_id": "T004914",
"product_identification_helper": {
"cpe": "cpe:/o:oracle:linux:-"
}
}
},
{
"branches": [
{
"category": "product_version_range",
"name": "\u003c=8.0.34",
"product": {
"name": "Oracle MySQL \u003c=8.0.34",
"product_id": "1502323"
}
},
{
"category": "product_version_range",
"name": "\u003c=8.0.34",
"product": {
"name": "Oracle MySQL \u003c=8.0.34",
"product_id": "1502323-fixed"
}
},
{
"category": "product_version_range",
"name": "\u003c=8.0.35",
"product": {
"name": "Oracle MySQL \u003c=8.0.35",
"product_id": "T030610"
}
},
{
"category": "product_version_range",
"name": "\u003c=8.0.35",
"product": {
"name": "Oracle MySQL \u003c=8.0.35",
"product_id": "T030610-fixed"
}
},
{
"category": "product_version_range",
"name": "\u003c=8.0.36",
"product": {
"name": "Oracle MySQL \u003c=8.0.36",
"product_id": "T032120"
}
},
{
"category": "product_version_range",
"name": "\u003c=8.0.36",
"product": {
"name": "Oracle MySQL \u003c=8.0.36",
"product_id": "T032120-fixed"
}
},
{
"category": "product_version_range",
"name": "\u003c=8.2.0",
"product": {
"name": "Oracle MySQL \u003c=8.2.0",
"product_id": "T032121"
}
},
{
"category": "product_version_range",
"name": "\u003c=8.2.0",
"product": {
"name": "Oracle MySQL \u003c=8.2.0",
"product_id": "T032121-fixed"
}
},
{
"category": "product_version_range",
"name": "\u003c=8.3.0",
"product": {
"name": "Oracle MySQL \u003c=8.3.0",
"product_id": "T034178"
}
},
{
"category": "product_version_range",
"name": "\u003c=8.3.0",
"product": {
"name": "Oracle MySQL \u003c=8.3.0",
"product_id": "T034178-fixed"
}
},
{
"category": "product_version_range",
"name": "\u003c=8.0.37",
"product": {
"name": "Oracle MySQL \u003c=8.0.37",
"product_id": "T034179"
}
},
{
"category": "product_version_range",
"name": "\u003c=8.0.37",
"product": {
"name": "Oracle MySQL \u003c=8.0.37",
"product_id": "T034179-fixed"
}
},
{
"category": "product_version_range",
"name": "\u003c=7.5.33",
"product": {
"name": "Oracle MySQL \u003c=7.5.33",
"product_id": "T034180"
}
},
{
"category": "product_version_range",
"name": "\u003c=7.5.33",
"product": {
"name": "Oracle MySQL \u003c=7.5.33",
"product_id": "T034180-fixed"
}
},
{
"category": "product_version_range",
"name": "\u003c=7.6.29",
"product": {
"name": "Oracle MySQL \u003c=7.6.29",
"product_id": "T034181"
}
},
{
"category": "product_version_range",
"name": "\u003c=7.6.29",
"product": {
"name": "Oracle MySQL \u003c=7.6.29",
"product_id": "T034181-fixed"
}
}
],
"category": "product_name",
"name": "MySQL"
}
],
"category": "vendor",
"name": "Oracle"
},
{
"branches": [
{
"category": "product_name",
"name": "RESF Rocky Linux",
"product": {
"name": "RESF Rocky Linux",
"product_id": "T032255",
"product_identification_helper": {
"cpe": "cpe:/o:resf:rocky_linux:-"
}
}
}
],
"category": "vendor",
"name": "RESF"
},
{
"branches": [
{
"category": "product_name",
"name": "Red Hat Enterprise Linux",
"product": {
"name": "Red Hat Enterprise Linux",
"product_id": "67646",
"product_identification_helper": {
"cpe": "cpe:/o:redhat:enterprise_linux:-"
}
}
}
],
"category": "vendor",
"name": "Red Hat"
},
{
"branches": [
{
"category": "product_name",
"name": "SUSE Linux",
"product": {
"name": "SUSE Linux",
"product_id": "T002207",
"product_identification_helper": {
"cpe": "cpe:/o:suse:suse_linux:-"
}
}
}
],
"category": "vendor",
"name": "SUSE"
},
{
"branches": [
{
"category": "product_name",
"name": "Ubuntu Linux",
"product": {
"name": "Ubuntu Linux",
"product_id": "T000126",
"product_identification_helper": {
"cpe": "cpe:/o:canonical:ubuntu_linux:-"
}
}
}
],
"category": "vendor",
"name": "Ubuntu"
},
{
"branches": [
{
"branches": [
{
"category": "product_version",
"name": "v9",
"product": {
"name": "Xerox FreeFlow Print Server v9",
"product_id": "T015632",
"product_identification_helper": {
"cpe": "cpe:/a:xerox:freeflow_print_server:v9"
}
}
}
],
"category": "product_name",
"name": "FreeFlow Print Server"
}
],
"category": "vendor",
"name": "Xerox"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2023-44487",
"product_status": {
"known_affected": [
"T034887",
"T034886",
"67646",
"T015632",
"T004914",
"T034884",
"T032255",
"T034883",
"74185",
"2951",
"T002207",
"T000126",
"T021415",
"398363"
],
"last_affected": [
"1502323",
"T030610",
"T034181",
"T034180",
"T034179",
"T032120",
"T034178",
"T032121"
]
},
"release_date": "2024-04-16T22:00:00.000+00:00",
"title": "CVE-2023-44487"
},
{
"cve": "CVE-2023-6129",
"product_status": {
"known_affected": [
"T034887",
"T034886",
"67646",
"T015632",
"T004914",
"T034884",
"T032255",
"T034883",
"74185",
"2951",
"T002207",
"T000126",
"T021415",
"398363"
],
"last_affected": [
"1502323",
"T030610",
"T034181",
"T034180",
"T034179",
"T032120",
"T034178",
"T032121"
]
},
"release_date": "2024-04-16T22:00:00.000+00:00",
"title": "CVE-2023-6129"
},
{
"cve": "CVE-2024-0853",
"product_status": {
"known_affected": [
"T034887",
"T034886",
"67646",
"T015632",
"T004914",
"T034884",
"T032255",
"T034883",
"74185",
"2951",
"T002207",
"T000126",
"T021415",
"398363"
],
"last_affected": [
"1502323",
"T030610",
"T034181",
"T034180",
"T034179",
"T032120",
"T034178",
"T032121"
]
},
"release_date": "2024-04-16T22:00:00.000+00:00",
"title": "CVE-2024-0853"
},
{
"cve": "CVE-2024-20993",
"product_status": {
"known_affected": [
"T034887",
"T034886",
"67646",
"T015632",
"T004914",
"T034884",
"T032255",
"T034883",
"74185",
"2951",
"T002207",
"T000126",
"T021415",
"398363"
],
"last_affected": [
"1502323",
"T030610",
"T034181",
"T034180",
"T034179",
"T032120",
"T034178",
"T032121"
]
},
"release_date": "2024-04-16T22:00:00.000+00:00",
"title": "CVE-2024-20993"
},
{
"cve": "CVE-2024-20994",
"product_status": {
"known_affected": [
"T034887",
"T034886",
"67646",
"T015632",
"T004914",
"T034884",
"T032255",
"T034883",
"74185",
"2951",
"T002207",
"T000126",
"T021415",
"398363"
],
"last_affected": [
"1502323",
"T030610",
"T034181",
"T034180",
"T034179",
"T032120",
"T034178",
"T032121"
]
},
"release_date": "2024-04-16T22:00:00.000+00:00",
"title": "CVE-2024-20994"
},
{
"cve": "CVE-2024-20998",
"product_status": {
"known_affected": [
"T034887",
"T034886",
"67646",
"T015632",
"T004914",
"T034884",
"T032255",
"T034883",
"74185",
"2951",
"T002207",
"T000126",
"T021415",
"398363"
],
"last_affected": [
"1502323",
"T030610",
"T034181",
"T034180",
"T034179",
"T032120",
"T034178",
"T032121"
]
},
"release_date": "2024-04-16T22:00:00.000+00:00",
"title": "CVE-2024-20998"
},
{
"cve": "CVE-2024-21000",
"product_status": {
"known_affected": [
"T034887",
"T034886",
"67646",
"T015632",
"T004914",
"T034884",
"T032255",
"T034883",
"74185",
"2951",
"T002207",
"T000126",
"T021415",
"398363"
],
"last_affected": [
"1502323",
"T030610",
"T034181",
"T034180",
"T034179",
"T032120",
"T034178",
"T032121"
]
},
"release_date": "2024-04-16T22:00:00.000+00:00",
"title": "CVE-2024-21000"
},
{
"cve": "CVE-2024-21008",
"product_status": {
"known_affected": [
"T034887",
"T034886",
"67646",
"T015632",
"T004914",
"T034884",
"T032255",
"T034883",
"74185",
"2951",
"T002207",
"T000126",
"T021415",
"398363"
],
"last_affected": [
"1502323",
"T030610",
"T034181",
"T034180",
"T034179",
"T032120",
"T034178",
"T032121"
]
},
"release_date": "2024-04-16T22:00:00.000+00:00",
"title": "CVE-2024-21008"
},
{
"cve": "CVE-2024-21009",
"product_status": {
"known_affected": [
"T034887",
"T034886",
"67646",
"T015632",
"T004914",
"T034884",
"T032255",
"T034883",
"74185",
"2951",
"T002207",
"T000126",
"T021415",
"398363"
],
"last_affected": [
"1502323",
"T030610",
"T034181",
"T034180",
"T034179",
"T032120",
"T034178",
"T032121"
]
},
"release_date": "2024-04-16T22:00:00.000+00:00",
"title": "CVE-2024-21009"
},
{
"cve": "CVE-2024-21013",
"product_status": {
"known_affected": [
"T034887",
"T034886",
"67646",
"T015632",
"T004914",
"T034884",
"T032255",
"T034883",
"74185",
"2951",
"T002207",
"T000126",
"T021415",
"398363"
],
"last_affected": [
"1502323",
"T030610",
"T034181",
"T034180",
"T034179",
"T032120",
"T034178",
"T032121"
]
},
"release_date": "2024-04-16T22:00:00.000+00:00",
"title": "CVE-2024-21013"
},
{
"cve": "CVE-2024-21015",
"product_status": {
"known_affected": [
"T034887",
"T034886",
"67646",
"T015632",
"T004914",
"T034884",
"T032255",
"T034883",
"74185",
"2951",
"T002207",
"T000126",
"T021415",
"398363"
],
"last_affected": [
"1502323",
"T030610",
"T034181",
"T034180",
"T034179",
"T032120",
"T034178",
"T032121"
]
},
"release_date": "2024-04-16T22:00:00.000+00:00",
"title": "CVE-2024-21015"
},
{
"cve": "CVE-2024-21047",
"product_status": {
"known_affected": [
"T034887",
"T034886",
"67646",
"T015632",
"T004914",
"T034884",
"T032255",
"T034883",
"74185",
"2951",
"T002207",
"T000126",
"T021415",
"398363"
],
"last_affected": [
"1502323",
"T030610",
"T034181",
"T034180",
"T034179",
"T032120",
"T034178",
"T032121"
]
},
"release_date": "2024-04-16T22:00:00.000+00:00",
"title": "CVE-2024-21047"
},
{
"cve": "CVE-2024-21049",
"product_status": {
"known_affected": [
"T034887",
"T034886",
"67646",
"T015632",
"T004914",
"T034884",
"T032255",
"T034883",
"74185",
"2951",
"T002207",
"T000126",
"T021415",
"398363"
],
"last_affected": [
"1502323",
"T030610",
"T034181",
"T034180",
"T034179",
"T032120",
"T034178",
"T032121"
]
},
"release_date": "2024-04-16T22:00:00.000+00:00",
"title": "CVE-2024-21049"
},
{
"cve": "CVE-2024-21050",
"product_status": {
"known_affected": [
"T034887",
"T034886",
"67646",
"T015632",
"T004914",
"T034884",
"T032255",
"T034883",
"74185",
"2951",
"T002207",
"T000126",
"T021415",
"398363"
],
"last_affected": [
"1502323",
"T030610",
"T034181",
"T034180",
"T034179",
"T032120",
"T034178",
"T032121"
]
},
"release_date": "2024-04-16T22:00:00.000+00:00",
"title": "CVE-2024-21050"
},
{
"cve": "CVE-2024-21051",
"product_status": {
"known_affected": [
"T034887",
"T034886",
"67646",
"T015632",
"T004914",
"T034884",
"T032255",
"T034883",
"74185",
"2951",
"T002207",
"T000126",
"T021415",
"398363"
],
"last_affected": [
"1502323",
"T030610",
"T034181",
"T034180",
"T034179",
"T032120",
"T034178",
"T032121"
]
},
"release_date": "2024-04-16T22:00:00.000+00:00",
"title": "CVE-2024-21051"
},
{
"cve": "CVE-2024-21052",
"product_status": {
"known_affected": [
"T034887",
"T034886",
"67646",
"T015632",
"T004914",
"T034884",
"T032255",
"T034883",
"74185",
"2951",
"T002207",
"T000126",
"T021415",
"398363"
],
"last_affected": [
"1502323",
"T030610",
"T034181",
"T034180",
"T034179",
"T032120",
"T034178",
"T032121"
]
},
"release_date": "2024-04-16T22:00:00.000+00:00",
"title": "CVE-2024-21052"
},
{
"cve": "CVE-2024-21053",
"product_status": {
"known_affected": [
"T034887",
"T034886",
"67646",
"T015632",
"T004914",
"T034884",
"T032255",
"T034883",
"74185",
"2951",
"T002207",
"T000126",
"T021415",
"398363"
],
"last_affected": [
"1502323",
"T030610",
"T034181",
"T034180",
"T034179",
"T032120",
"T034178",
"T032121"
]
},
"release_date": "2024-04-16T22:00:00.000+00:00",
"title": "CVE-2024-21053"
},
{
"cve": "CVE-2024-21054",
"product_status": {
"known_affected": [
"T034887",
"T034886",
"67646",
"T015632",
"T004914",
"T034884",
"T032255",
"T034883",
"74185",
"2951",
"T002207",
"T000126",
"T021415",
"398363"
],
"last_affected": [
"1502323",
"T030610",
"T034181",
"T034180",
"T034179",
"T032120",
"T034178",
"T032121"
]
},
"release_date": "2024-04-16T22:00:00.000+00:00",
"title": "CVE-2024-21054"
},
{
"cve": "CVE-2024-21055",
"product_status": {
"known_affected": [
"T034887",
"T034886",
"67646",
"T015632",
"T004914",
"T034884",
"T032255",
"T034883",
"74185",
"2951",
"T002207",
"T000126",
"T021415",
"398363"
],
"last_affected": [
"1502323",
"T030610",
"T034181",
"T034180",
"T034179",
"T032120",
"T034178",
"T032121"
]
},
"release_date": "2024-04-16T22:00:00.000+00:00",
"title": "CVE-2024-21055"
},
{
"cve": "CVE-2024-21056",
"product_status": {
"known_affected": [
"T034887",
"T034886",
"67646",
"T015632",
"T004914",
"T034884",
"T032255",
"T034883",
"74185",
"2951",
"T002207",
"T000126",
"T021415",
"398363"
],
"last_affected": [
"1502323",
"T030610",
"T034181",
"T034180",
"T034179",
"T032120",
"T034178",
"T032121"
]
},
"release_date": "2024-04-16T22:00:00.000+00:00",
"title": "CVE-2024-21056"
},
{
"cve": "CVE-2024-21057",
"product_status": {
"known_affected": [
"T034887",
"T034886",
"67646",
"T015632",
"T004914",
"T034884",
"T032255",
"T034883",
"74185",
"2951",
"T002207",
"T000126",
"T021415",
"398363"
],
"last_affected": [
"1502323",
"T030610",
"T034181",
"T034180",
"T034179",
"T032120",
"T034178",
"T032121"
]
},
"release_date": "2024-04-16T22:00:00.000+00:00",
"title": "CVE-2024-21057"
},
{
"cve": "CVE-2024-21060",
"product_status": {
"known_affected": [
"T034887",
"T034886",
"67646",
"T015632",
"T004914",
"T034884",
"T032255",
"T034883",
"74185",
"2951",
"T002207",
"T000126",
"T021415",
"398363"
],
"last_affected": [
"1502323",
"T030610",
"T034181",
"T034180",
"T034179",
"T032120",
"T034178",
"T032121"
]
},
"release_date": "2024-04-16T22:00:00.000+00:00",
"title": "CVE-2024-21060"
},
{
"cve": "CVE-2024-21061",
"product_status": {
"known_affected": [
"T034887",
"T034886",
"67646",
"T015632",
"T004914",
"T034884",
"T032255",
"T034883",
"74185",
"2951",
"T002207",
"T000126",
"T021415",
"398363"
],
"last_affected": [
"1502323",
"T030610",
"T034181",
"T034180",
"T034179",
"T032120",
"T034178",
"T032121"
]
},
"release_date": "2024-04-16T22:00:00.000+00:00",
"title": "CVE-2024-21061"
},
{
"cve": "CVE-2024-21062",
"product_status": {
"known_affected": [
"T034887",
"T034886",
"67646",
"T015632",
"T004914",
"T034884",
"T032255",
"T034883",
"74185",
"2951",
"T002207",
"T000126",
"T021415",
"398363"
],
"last_affected": [
"1502323",
"T030610",
"T034181",
"T034180",
"T034179",
"T032120",
"T034178",
"T032121"
]
},
"release_date": "2024-04-16T22:00:00.000+00:00",
"title": "CVE-2024-21062"
},
{
"cve": "CVE-2024-21069",
"product_status": {
"known_affected": [
"T034887",
"T034886",
"67646",
"T015632",
"T004914",
"T034884",
"T032255",
"T034883",
"74185",
"2951",
"T002207",
"T000126",
"T021415",
"398363"
],
"last_affected": [
"1502323",
"T030610",
"T034181",
"T034180",
"T034179",
"T032120",
"T034178",
"T032121"
]
},
"release_date": "2024-04-16T22:00:00.000+00:00",
"title": "CVE-2024-21069"
},
{
"cve": "CVE-2024-21087",
"product_status": {
"known_affected": [
"T034887",
"T034886",
"67646",
"T015632",
"T004914",
"T034884",
"T032255",
"T034883",
"74185",
"2951",
"T002207",
"T000126",
"T021415",
"398363"
],
"last_affected": [
"1502323",
"T030610",
"T034181",
"T034180",
"T034179",
"T032120",
"T034178",
"T032121"
]
},
"release_date": "2024-04-16T22:00:00.000+00:00",
"title": "CVE-2024-21087"
},
{
"cve": "CVE-2024-21090",
"product_status": {
"known_affected": [
"T034887",
"T034886",
"67646",
"T015632",
"T004914",
"T034884",
"T032255",
"T034883",
"74185",
"2951",
"T002207",
"T000126",
"T021415",
"398363"
],
"last_affected": [
"1502323",
"T030610",
"T034181",
"T034180",
"T034179",
"T032120",
"T034178",
"T032121"
]
},
"release_date": "2024-04-16T22:00:00.000+00:00",
"title": "CVE-2024-21090"
},
{
"cve": "CVE-2024-21096",
"product_status": {
"known_affected": [
"T034887",
"T034886",
"67646",
"T015632",
"T004914",
"T034884",
"T032255",
"T034883",
"74185",
"2951",
"T002207",
"T000126",
"T021415",
"398363"
],
"last_affected": [
"1502323",
"T030610",
"T034181",
"T034180",
"T034179",
"T032120",
"T034178",
"T032121"
]
},
"release_date": "2024-04-16T22:00:00.000+00:00",
"title": "CVE-2024-21096"
},
{
"cve": "CVE-2024-21101",
"product_status": {
"known_affected": [
"T034887",
"T034886",
"67646",
"T015632",
"T004914",
"T034884",
"T032255",
"T034883",
"74185",
"2951",
"T002207",
"T000126",
"T021415",
"398363"
],
"last_affected": [
"1502323",
"T030610",
"T034181",
"T034180",
"T034179",
"T032120",
"T034178",
"T032121"
]
},
"release_date": "2024-04-16T22:00:00.000+00:00",
"title": "CVE-2024-21101"
},
{
"cve": "CVE-2024-21102",
"product_status": {
"known_affected": [
"T034887",
"T034886",
"67646",
"T015632",
"T004914",
"T034884",
"T032255",
"T034883",
"74185",
"2951",
"T002207",
"T000126",
"T021415",
"398363"
],
"last_affected": [
"1502323",
"T030610",
"T034181",
"T034180",
"T034179",
"T032120",
"T034178",
"T032121"
]
},
"release_date": "2024-04-16T22:00:00.000+00:00",
"title": "CVE-2024-21102"
}
]
}
Loading…
Trend slope:
-
(linear fit over daily sighting counts)
Show additional events:
Loading…
Experimental. This forecast is provided for visualization only and may change without notice. Do not use it for operational decisions.
Forecast uses a logistic model when the trend is rising, or an exponential decay model when the trend is falling. Fitted via linearized least squares.
Sightings
| Author | Source | Type | Date | Other |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or observed by the user.
- Confirmed: The vulnerability has been validated from an analyst's perspective.
- Published Proof of Concept: A public proof of concept is available for this vulnerability.
- Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
- Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
- Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
- Not confirmed: The user expressed doubt about the validity of the vulnerability.
- Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.
Loading…
Loading…