Risk | High |
Patch available | YES |
Number of vulnerabilities | 218 |
CVE-ID | CVE-2021-22570 CVE-2022-21412 CVE-2022-21413 CVE-2022-21414 CVE-2022-21417 CVE-2022-21418 CVE-2022-21423 CVE-2022-21425 CVE-2022-21427 CVE-2022-21435 CVE-2022-21437 CVE-2022-21438 CVE-2022-21440 CVE-2022-21444 CVE-2022-21451 CVE-2022-21454 CVE-2022-21455 CVE-2022-21457 CVE-2022-21459 CVE-2022-21462 CVE-2022-21478 CVE-2022-21479 CVE-2022-21482 CVE-2022-21483 CVE-2022-21484 CVE-2022-21485 CVE-2022-21486 CVE-2022-21489 CVE-2022-21490 CVE-2022-21509 CVE-2022-21515 CVE-2022-21517 CVE-2022-21525 CVE-2022-21526 CVE-2022-21527 CVE-2022-21528 CVE-2022-21529 CVE-2022-21530 CVE-2022-21531 CVE-2022-21534 CVE-2022-21537 CVE-2022-21538 CVE-2022-21539 CVE-2022-21547 CVE-2022-21556 CVE-2022-21569 CVE-2022-21592 CVE-2022-21594 CVE-2022-21599 CVE-2022-21604 CVE-2022-21605 CVE-2022-21607 CVE-2022-21608 CVE-2022-21611 CVE-2022-21617 CVE-2022-21625 CVE-2022-21632 CVE-2022-21633 CVE-2022-21635 CVE-2022-21637 CVE-2022-21638 CVE-2022-21640 CVE-2022-21641 CVE-2022-32221 CVE-2022-39400 CVE-2022-39408 CVE-2022-39410 CVE-2022-43551 CVE-2023-0215 CVE-2023-21836 CVE-2023-21863 CVE-2023-21864 CVE-2023-21865 CVE-2023-21866 CVE-2023-21867 CVE-2023-21868 CVE-2023-21869 CVE-2023-21870 CVE-2023-21871 CVE-2023-21872 CVE-2023-21873 CVE-2023-21874 CVE-2023-21875 CVE-2023-21876 CVE-2023-21877 CVE-2023-21878 CVE-2023-21879 CVE-2023-21880 CVE-2023-21881 CVE-2023-21882 CVE-2023-21883 CVE-2023-21887 CVE-2023-21911 CVE-2023-21912 CVE-2023-21913 CVE-2023-21917 CVE-2023-21919 CVE-2023-21920 CVE-2023-21929 CVE-2023-21933 CVE-2023-21935 CVE-2023-21940 CVE-2023-21945 CVE-2023-21946 CVE-2023-21947 CVE-2023-21953 CVE-2023-21955 CVE-2023-21962 CVE-2023-21963 CVE-2023-21966 CVE-2023-21972 CVE-2023-21976 CVE-2023-21977 CVE-2023-21980 CVE-2023-21982 CVE-2023-22005 CVE-2023-22007 CVE-2023-22008 CVE-2023-22015 CVE-2023-22026 CVE-2023-22028 CVE-2023-22032 CVE-2023-22033 CVE-2023-22038 CVE-2023-22046 CVE-2023-22048 CVE-2023-22053 CVE-2023-22054 CVE-2023-22056 CVE-2023-22057 CVE-2023-22058 CVE-2023-22059 CVE-2023-22064 CVE-2023-22065 CVE-2023-22066 CVE-2023-22068 CVE-2023-22070 CVE-2023-22078 CVE-2023-22079 CVE-2023-22084 CVE-2023-22092 CVE-2023-22097 CVE-2023-22103 CVE-2023-22104 CVE-2023-22110 CVE-2023-22111 CVE-2023-22112 CVE-2023-22113 CVE-2023-22114 CVE-2023-22115 CVE-2023-38545 CVE-2023-6129 CVE-2024-20960 CVE-2024-20961 CVE-2024-20962 CVE-2024-20963 CVE-2024-20964 CVE-2024-20965 CVE-2024-20966 CVE-2024-20967 CVE-2024-20968 CVE-2024-20969 CVE-2024-20970 CVE-2024-20971 CVE-2024-20972 CVE-2024-20973 CVE-2024-20974 CVE-2024-20976 CVE-2024-20977 CVE-2024-20978 CVE-2024-20981 CVE-2024-20982 CVE-2024-20983 CVE-2024-20984 CVE-2024-20985 CVE-2024-20993 CVE-2024-20994 CVE-2024-20996 CVE-2024-20998 CVE-2024-21000 CVE-2024-21008 CVE-2024-21009 CVE-2024-21013 CVE-2024-21015 CVE-2024-21047 CVE-2024-21050 CVE-2024-21051 CVE-2024-21053 CVE-2024-21054 CVE-2024-21055 CVE-2024-21056 CVE-2024-21057 CVE-2024-21060 CVE-2024-21061 CVE-2024-21062 CVE-2024-21069 CVE-2024-21087 CVE-2024-21096 CVE-2024-21102 CVE-2024-21125 CVE-2024-21127 CVE-2024-21129 CVE-2024-21130 CVE-2024-21134 CVE-2024-21135 CVE-2024-21137 CVE-2024-21142 CVE-2024-21157 CVE-2024-21159 CVE-2024-21160 CVE-2024-21162 CVE-2024-21163 CVE-2024-21165 CVE-2024-21166 CVE-2024-21171 CVE-2024-21173 CVE-2024-21177 CVE-2024-21179 |
CWE-ID | CWE-20 CWE-125 CWE-119 CWE-440 CWE-254 CWE-416 CWE-122 CWE-371 |
Exploitation vector | Network |
Public exploit | Public exploit code for vulnerability #151 is available. |
Vulnerable software |
openEuler Operating systems & Components / Operating system mysql-test Operating systems & Components / Operating system package or component mysql-server Operating systems & Components / Operating system package or component mysql-libs Operating systems & Components / Operating system package or component mysql-help Operating systems & Components / Operating system package or component mysql-errmsg Operating systems & Components / Operating system package or component mysql-devel Operating systems & Components / Operating system package or component mysql-debugsource Operating systems & Components / Operating system package or component mysql-debuginfo Operating systems & Components / Operating system package or component mysql-config Operating systems & Components / Operating system package or component mysql-common Operating systems & Components / Operating system package or component mysql Operating systems & Components / Operating system package or component |
Vendor | openEuler |
Security Bulletin
This security bulletin contains information about 218 vulnerabilities.
EUVDB-ID: #VU62403
Risk: Medium
CVSSv3.1: 6.5 [CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2021-22570
CWE-ID:
CWE-20 - Improper input validation
Exploit availability: No
DescriptionThe vulnerability allows a remote non-authenticated attacker to perform a denial of service (DoS) attack.
The vulnerability exists due to improper input validation within the Server: Compiling (protobuf) component in MySQL Server. A remote non-authenticated attacker can exploit this vulnerability to perform a denial of service (DoS) attack.
MitigationInstall updates from vendor's repository.
Vulnerable software versionsopenEuler: 20.03 LTS SP4
mysql-test: before 8.0.38-1
mysql-server: before 8.0.38-1
mysql-libs: before 8.0.38-1
mysql-help: before 8.0.38-1
mysql-errmsg: before 8.0.38-1
mysql-devel: before 8.0.38-1
mysql-debugsource: before 8.0.38-1
mysql-debuginfo: before 8.0.38-1
mysql-config: before 8.0.38-1
mysql-common: before 8.0.38-1
mysql: before 8.0.38-1
CPE2.3http://www.openeuler.org/en/security/security-bulletins/detail/?id=openEuler-SA-2024-2071
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU62419
Risk: Medium
CVSSv3.1: 4.3 [CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2022-21412
CWE-ID:
CWE-20 - Improper input validation
Exploit availability: No
DescriptionThe vulnerability allows a remote privileged user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper input validation within the Server: Optimizer component in MySQL Server. A remote privileged user can exploit this vulnerability to perform a denial of service (DoS) attack.
MitigationInstall updates from vendor's repository.
Vulnerable software versionsopenEuler: 20.03 LTS SP4
mysql-test: before 8.0.38-1
mysql-server: before 8.0.38-1
mysql-libs: before 8.0.38-1
mysql-help: before 8.0.38-1
mysql-errmsg: before 8.0.38-1
mysql-devel: before 8.0.38-1
mysql-debugsource: before 8.0.38-1
mysql-debuginfo: before 8.0.38-1
mysql-config: before 8.0.38-1
mysql-common: before 8.0.38-1
mysql: before 8.0.38-1
CPE2.3http://www.openeuler.org/en/security/security-bulletins/detail/?id=openEuler-SA-2024-2071
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote authenticated privileged user via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU62417
Risk: Medium
CVSSv3.1: 4.3 [CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2022-21413
CWE-ID:
CWE-20 - Improper input validation
Exploit availability: No
DescriptionThe vulnerability allows a remote privileged user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper input validation within the Server: DML component in MySQL Server. A remote privileged user can exploit this vulnerability to perform a denial of service (DoS) attack.
MitigationInstall updates from vendor's repository.
Vulnerable software versionsopenEuler: 20.03 LTS SP4
mysql-test: before 8.0.38-1
mysql-server: before 8.0.38-1
mysql-libs: before 8.0.38-1
mysql-help: before 8.0.38-1
mysql-errmsg: before 8.0.38-1
mysql-devel: before 8.0.38-1
mysql-debugsource: before 8.0.38-1
mysql-debuginfo: before 8.0.38-1
mysql-config: before 8.0.38-1
mysql-common: before 8.0.38-1
mysql: before 8.0.38-1
CPE2.3http://www.openeuler.org/en/security/security-bulletins/detail/?id=openEuler-SA-2024-2071
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote authenticated privileged user via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU62420
Risk: Medium
CVSSv3.1: 4.3 [CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2022-21414
CWE-ID:
CWE-20 - Improper input validation
Exploit availability: No
DescriptionThe vulnerability allows a remote privileged user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper input validation within the Server: Optimizer component in MySQL Server. A remote privileged user can exploit this vulnerability to perform a denial of service (DoS) attack.
MitigationInstall updates from vendor's repository.
Vulnerable software versionsopenEuler: 20.03 LTS SP4
mysql-test: before 8.0.38-1
mysql-server: before 8.0.38-1
mysql-libs: before 8.0.38-1
mysql-help: before 8.0.38-1
mysql-errmsg: before 8.0.38-1
mysql-devel: before 8.0.38-1
mysql-debugsource: before 8.0.38-1
mysql-debuginfo: before 8.0.38-1
mysql-config: before 8.0.38-1
mysql-common: before 8.0.38-1
mysql: before 8.0.38-1
CPE2.3http://www.openeuler.org/en/security/security-bulletins/detail/?id=openEuler-SA-2024-2071
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote authenticated privileged user via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU62416
Risk: Medium
CVSSv3.1: 4.3 [CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2022-21417
CWE-ID:
CWE-20 - Improper input validation
Exploit availability: No
DescriptionThe vulnerability allows a remote privileged user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper input validation within the InnoDB component in MySQL Server. A remote privileged user can exploit this vulnerability to perform a denial of service (DoS) attack.
MitigationInstall updates from vendor's repository.
Vulnerable software versionsopenEuler: 20.03 LTS SP4
mysql-test: before 8.0.38-1
mysql-server: before 8.0.38-1
mysql-libs: before 8.0.38-1
mysql-help: before 8.0.38-1
mysql-errmsg: before 8.0.38-1
mysql-devel: before 8.0.38-1
mysql-debugsource: before 8.0.38-1
mysql-debuginfo: before 8.0.38-1
mysql-config: before 8.0.38-1
mysql-common: before 8.0.38-1
mysql: before 8.0.38-1
CPE2.3http://www.openeuler.org/en/security/security-bulletins/detail/?id=openEuler-SA-2024-2071
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote authenticated privileged user via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU62415
Risk: Medium
CVSSv3.1: 4.4 [CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:U/C:N/I:L/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2022-21418
CWE-ID:
CWE-20 - Improper input validation
Exploit availability: No
DescriptionThe vulnerability allows a remote privileged user to damange or delete data.
The vulnerability exists due to improper input validation within the InnoDB component in MySQL Server. A remote privileged user can exploit this vulnerability to damange or delete data.
MitigationInstall updates from vendor's repository.
Vulnerable software versionsopenEuler: 20.03 LTS SP4
mysql-test: before 8.0.38-1
mysql-server: before 8.0.38-1
mysql-libs: before 8.0.38-1
mysql-help: before 8.0.38-1
mysql-errmsg: before 8.0.38-1
mysql-devel: before 8.0.38-1
mysql-debugsource: before 8.0.38-1
mysql-debuginfo: before 8.0.38-1
mysql-config: before 8.0.38-1
mysql-common: before 8.0.38-1
mysql: before 8.0.38-1
CPE2.3http://www.openeuler.org/en/security/security-bulletins/detail/?id=openEuler-SA-2024-2071
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote authenticated privileged user via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU62434
Risk: Low
CVSSv3.1: 2.4 [CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:L/E:U/RL:O/RC:C]
CVE-ID: CVE-2022-21423
CWE-ID:
CWE-125 - Out-of-bounds read
Exploit availability: No
DescriptionThe vulnerability allows a remote privileged user to perform service disruption.
The vulnerability exists due to improper input validation within the InnoDB component in MySQL Server. A remote privileged user can exploit this vulnerability to perform service disruption.
MitigationInstall updates from vendor's repository.
Vulnerable software versionsopenEuler: 20.03 LTS SP4
mysql-test: before 8.0.38-1
mysql-server: before 8.0.38-1
mysql-libs: before 8.0.38-1
mysql-help: before 8.0.38-1
mysql-errmsg: before 8.0.38-1
mysql-devel: before 8.0.38-1
mysql-debugsource: before 8.0.38-1
mysql-debuginfo: before 8.0.38-1
mysql-config: before 8.0.38-1
mysql-common: before 8.0.38-1
mysql: before 8.0.38-1
CPE2.3http://www.openeuler.org/en/security/security-bulletins/detail/?id=openEuler-SA-2024-2071
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote authenticated privileged user via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU62410
Risk: Medium
CVSSv3.1: 4.8 [CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:L/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2022-21425
CWE-ID:
CWE-20 - Improper input validation
Exploit availability: No
DescriptionThe vulnerability allows a remote privileged user to damange or delete data.
The vulnerability exists due to improper input validation within the Server: DDL component in MySQL Server. A remote privileged user can exploit this vulnerability to damange or delete data.
MitigationInstall updates from vendor's repository.
Vulnerable software versionsopenEuler: 20.03 LTS SP4
mysql-test: before 8.0.38-1
mysql-server: before 8.0.38-1
mysql-libs: before 8.0.38-1
mysql-help: before 8.0.38-1
mysql-errmsg: before 8.0.38-1
mysql-devel: before 8.0.38-1
mysql-debugsource: before 8.0.38-1
mysql-debuginfo: before 8.0.38-1
mysql-config: before 8.0.38-1
mysql-common: before 8.0.38-1
mysql: before 8.0.38-1
CPE2.3http://www.openeuler.org/en/security/security-bulletins/detail/?id=openEuler-SA-2024-2071
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote authenticated privileged user via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU62418
Risk: Medium
CVSSv3.1: 4.3 [CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2022-21427
CWE-ID:
CWE-20 - Improper input validation
Exploit availability: No
DescriptionThe vulnerability allows a remote privileged user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper input validation within the Server: FTS component in MySQL Server. A remote privileged user can exploit this vulnerability to perform a denial of service (DoS) attack.
MitigationInstall updates from vendor's repository.
Vulnerable software versionsopenEuler: 20.03 LTS SP4
mysql-test: before 8.0.38-1
mysql-server: before 8.0.38-1
mysql-libs: before 8.0.38-1
mysql-help: before 8.0.38-1
mysql-errmsg: before 8.0.38-1
mysql-devel: before 8.0.38-1
mysql-debugsource: before 8.0.38-1
mysql-debuginfo: before 8.0.38-1
mysql-config: before 8.0.38-1
mysql-common: before 8.0.38-1
mysql: before 8.0.38-1
CPE2.3http://www.openeuler.org/en/security/security-bulletins/detail/?id=openEuler-SA-2024-2071
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote authenticated privileged user via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU62421
Risk: Medium
CVSSv3.1: 4.3 [CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2022-21435
CWE-ID:
CWE-20 - Improper input validation
Exploit availability: No
DescriptionThe vulnerability allows a remote privileged user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper input validation within the Server: Optimizer component in MySQL Server. A remote privileged user can exploit this vulnerability to perform a denial of service (DoS) attack.
MitigationInstall updates from vendor's repository.
Vulnerable software versionsopenEuler: 20.03 LTS SP4
mysql-test: before 8.0.38-1
mysql-server: before 8.0.38-1
mysql-libs: before 8.0.38-1
mysql-help: before 8.0.38-1
mysql-errmsg: before 8.0.38-1
mysql-devel: before 8.0.38-1
mysql-debugsource: before 8.0.38-1
mysql-debuginfo: before 8.0.38-1
mysql-config: before 8.0.38-1
mysql-common: before 8.0.38-1
mysql: before 8.0.38-1
CPE2.3http://www.openeuler.org/en/security/security-bulletins/detail/?id=openEuler-SA-2024-2071
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote authenticated privileged user via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU62423
Risk: Medium
CVSSv3.1: 4.3 [CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2022-21437
CWE-ID:
CWE-20 - Improper input validation
Exploit availability: No
DescriptionThe vulnerability allows a remote privileged user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper input validation within the Server: Optimizer component in MySQL Server. A remote privileged user can exploit this vulnerability to perform a denial of service (DoS) attack.
MitigationInstall updates from vendor's repository.
Vulnerable software versionsopenEuler: 20.03 LTS SP4
mysql-test: before 8.0.38-1
mysql-server: before 8.0.38-1
mysql-libs: before 8.0.38-1
mysql-help: before 8.0.38-1
mysql-errmsg: before 8.0.38-1
mysql-devel: before 8.0.38-1
mysql-debugsource: before 8.0.38-1
mysql-debuginfo: before 8.0.38-1
mysql-config: before 8.0.38-1
mysql-common: before 8.0.38-1
mysql: before 8.0.38-1
CPE2.3http://www.openeuler.org/en/security/security-bulletins/detail/?id=openEuler-SA-2024-2071
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote authenticated privileged user via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU62424
Risk: Medium
CVSSv3.1: 4.3 [CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2022-21438
CWE-ID:
CWE-20 - Improper input validation
Exploit availability: No
DescriptionThe vulnerability allows a remote privileged user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper input validation within the Server: Optimizer component in MySQL Server. A remote privileged user can exploit this vulnerability to perform a denial of service (DoS) attack.
MitigationInstall updates from vendor's repository.
Vulnerable software versionsopenEuler: 20.03 LTS SP4
mysql-test: before 8.0.38-1
mysql-server: before 8.0.38-1
mysql-libs: before 8.0.38-1
mysql-help: before 8.0.38-1
mysql-errmsg: before 8.0.38-1
mysql-devel: before 8.0.38-1
mysql-debugsource: before 8.0.38-1
mysql-debuginfo: before 8.0.38-1
mysql-config: before 8.0.38-1
mysql-common: before 8.0.38-1
mysql: before 8.0.38-1
CPE2.3http://www.openeuler.org/en/security/security-bulletins/detail/?id=openEuler-SA-2024-2071
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote authenticated privileged user via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU62411
Risk: Medium
CVSSv3.1: 4.8 [CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:L/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2022-21440
CWE-ID:
CWE-20 - Improper input validation
Exploit availability: No
DescriptionThe vulnerability allows a remote privileged user to damange or delete data.
The vulnerability exists due to improper input validation within the Server: Optimizer component in MySQL Server. A remote privileged user can exploit this vulnerability to damange or delete data.
MitigationInstall updates from vendor's repository.
Vulnerable software versionsopenEuler: 20.03 LTS SP4
mysql-test: before 8.0.38-1
mysql-server: before 8.0.38-1
mysql-libs: before 8.0.38-1
mysql-help: before 8.0.38-1
mysql-errmsg: before 8.0.38-1
mysql-devel: before 8.0.38-1
mysql-debugsource: before 8.0.38-1
mysql-debuginfo: before 8.0.38-1
mysql-config: before 8.0.38-1
mysql-common: before 8.0.38-1
mysql: before 8.0.38-1
CPE2.3http://www.openeuler.org/en/security/security-bulletins/detail/?id=openEuler-SA-2024-2071
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote authenticated privileged user via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU62429
Risk: Low
CVSSv3.1: 3.9 [CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2022-21444
CWE-ID:
CWE-20 - Improper input validation
Exploit availability: No
DescriptionThe vulnerability allows a remote privileged user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper input validation within the Server: DDL component in MySQL Server. A remote privileged user can exploit this vulnerability to perform a denial of service (DoS) attack.
MitigationInstall updates from vendor's repository.
Vulnerable software versionsopenEuler: 20.03 LTS SP4
mysql-test: before 8.0.38-1
mysql-server: before 8.0.38-1
mysql-libs: before 8.0.38-1
mysql-help: before 8.0.38-1
mysql-errmsg: before 8.0.38-1
mysql-devel: before 8.0.38-1
mysql-debugsource: before 8.0.38-1
mysql-debuginfo: before 8.0.38-1
mysql-config: before 8.0.38-1
mysql-common: before 8.0.38-1
mysql: before 8.0.38-1
CPE2.3http://www.openeuler.org/en/security/security-bulletins/detail/?id=openEuler-SA-2024-2071
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote authenticated privileged user via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU62428
Risk: Low
CVSSv3.1: 3.9 [CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2022-21451
CWE-ID:
CWE-20 - Improper input validation
Exploit availability: No
DescriptionThe vulnerability allows a remote privileged user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper input validation within the InnoDB component in MySQL Server. A remote privileged user can exploit this vulnerability to perform a denial of service (DoS) attack.
MitigationInstall updates from vendor's repository.
Vulnerable software versionsopenEuler: 20.03 LTS SP4
mysql-test: before 8.0.38-1
mysql-server: before 8.0.38-1
mysql-libs: before 8.0.38-1
mysql-help: before 8.0.38-1
mysql-errmsg: before 8.0.38-1
mysql-devel: before 8.0.38-1
mysql-debugsource: before 8.0.38-1
mysql-debuginfo: before 8.0.38-1
mysql-config: before 8.0.38-1
mysql-common: before 8.0.38-1
mysql: before 8.0.38-1
CPE2.3http://www.openeuler.org/en/security/security-bulletins/detail/?id=openEuler-SA-2024-2071
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote authenticated privileged user via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU62404
Risk: Medium
CVSSv3.1: 5.7 [CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2022-21454
CWE-ID:
CWE-20 - Improper input validation
Exploit availability: No
DescriptionThe vulnerability allows a remote authenticated user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper input validation within the Server: Group Replication Plugin component in MySQL Server. A remote authenticated user can exploit this vulnerability to perform a denial of service (DoS) attack.
MitigationInstall updates from vendor's repository.
Vulnerable software versionsopenEuler: 20.03 LTS SP4
mysql-test: before 8.0.38-1
mysql-server: before 8.0.38-1
mysql-libs: before 8.0.38-1
mysql-help: before 8.0.38-1
mysql-errmsg: before 8.0.38-1
mysql-devel: before 8.0.38-1
mysql-debugsource: before 8.0.38-1
mysql-debuginfo: before 8.0.38-1
mysql-config: before 8.0.38-1
mysql-common: before 8.0.38-1
mysql: before 8.0.38-1
CPE2.3http://www.openeuler.org/en/security/security-bulletins/detail/?id=openEuler-SA-2024-2071
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote authenticated user via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU65522
Risk: Medium
CVSSv3.1: 4.3 [CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:H/A:N/E:U/RL:O/RC:C]
CVE-ID: CVE-2022-21455
CWE-ID:
CWE-20 - Improper input validation
Exploit availability: No
DescriptionThe vulnerability allows a remote privileged user to manipulate data.
The vulnerability exists due to improper input validation within the Server: PAM Auth Plugin component in MySQL Server. A remote privileged user can exploit this vulnerability to manipulate data.
MitigationInstall updates from vendor's repository.
Vulnerable software versionsopenEuler: 20.03 LTS SP4
mysql-test: before 8.0.38-1
mysql-server: before 8.0.38-1
mysql-libs: before 8.0.38-1
mysql-help: before 8.0.38-1
mysql-errmsg: before 8.0.38-1
mysql-devel: before 8.0.38-1
mysql-debugsource: before 8.0.38-1
mysql-debuginfo: before 8.0.38-1
mysql-config: before 8.0.38-1
mysql-common: before 8.0.38-1
mysql: before 8.0.38-1
CPE2.3http://www.openeuler.org/en/security/security-bulletins/detail/?id=openEuler-SA-2024-2071
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote authenticated privileged user via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU62409
Risk: Medium
CVSSv3.1: 5.2 [CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C]
CVE-ID: CVE-2022-21457
CWE-ID:
CWE-20 - Improper input validation
Exploit availability: No
DescriptionThe vulnerability allows a remote non-authenticated attacker to gain access to sensitive information.
The vulnerability exists due to improper input validation within the Server: PAM Auth Plugin component in MySQL Server. A remote non-authenticated attacker can exploit this vulnerability to gain access to sensitive information.
MitigationInstall updates from vendor's repository.
Vulnerable software versionsopenEuler: 20.03 LTS SP4
mysql-test: before 8.0.38-1
mysql-server: before 8.0.38-1
mysql-libs: before 8.0.38-1
mysql-help: before 8.0.38-1
mysql-errmsg: before 8.0.38-1
mysql-devel: before 8.0.38-1
mysql-debugsource: before 8.0.38-1
mysql-debuginfo: before 8.0.38-1
mysql-config: before 8.0.38-1
mysql-common: before 8.0.38-1
mysql: before 8.0.38-1
CPE2.3http://www.openeuler.org/en/security/security-bulletins/detail/?id=openEuler-SA-2024-2071
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU62412
Risk: Medium
CVSSv3.1: 4.8 [CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:L/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2022-21459
CWE-ID:
CWE-20 - Improper input validation
Exploit availability: No
DescriptionThe vulnerability allows a remote privileged user to damange or delete data.
The vulnerability exists due to improper input validation within the Server: Optimizer component in MySQL Server. A remote privileged user can exploit this vulnerability to damange or delete data.
MitigationInstall updates from vendor's repository.
Vulnerable software versionsopenEuler: 20.03 LTS SP4
mysql-test: before 8.0.38-1
mysql-server: before 8.0.38-1
mysql-libs: before 8.0.38-1
mysql-help: before 8.0.38-1
mysql-errmsg: before 8.0.38-1
mysql-devel: before 8.0.38-1
mysql-debugsource: before 8.0.38-1
mysql-debuginfo: before 8.0.38-1
mysql-config: before 8.0.38-1
mysql-common: before 8.0.38-1
mysql: before 8.0.38-1
CPE2.3http://www.openeuler.org/en/security/security-bulletins/detail/?id=openEuler-SA-2024-2071
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote authenticated privileged user via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU62426
Risk: Medium
CVSSv3.1: 4.3 [CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2022-21462
CWE-ID:
CWE-20 - Improper input validation
Exploit availability: No
DescriptionThe vulnerability allows a remote privileged user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper input validation within the Server: Optimizer component in MySQL Server. A remote privileged user can exploit this vulnerability to perform a denial of service (DoS) attack.
MitigationInstall updates from vendor's repository.
Vulnerable software versionsopenEuler: 20.03 LTS SP4
mysql-test: before 8.0.38-1
mysql-server: before 8.0.38-1
mysql-libs: before 8.0.38-1
mysql-help: before 8.0.38-1
mysql-errmsg: before 8.0.38-1
mysql-devel: before 8.0.38-1
mysql-debugsource: before 8.0.38-1
mysql-debuginfo: before 8.0.38-1
mysql-config: before 8.0.38-1
mysql-common: before 8.0.38-1
mysql: before 8.0.38-1
CPE2.3http://www.openeuler.org/en/security/security-bulletins/detail/?id=openEuler-SA-2024-2071
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote authenticated privileged user via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU62413
Risk: Medium
CVSSv3.1: 4.8 [CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:L/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2022-21478
CWE-ID:
CWE-20 - Improper input validation
Exploit availability: No
DescriptionThe vulnerability allows a remote privileged user to damange or delete data.
The vulnerability exists due to improper input validation within the Server: Optimizer component in MySQL Server. A remote privileged user can exploit this vulnerability to damange or delete data.
MitigationInstall updates from vendor's repository.
Vulnerable software versionsopenEuler: 20.03 LTS SP4
mysql-test: before 8.0.38-1
mysql-server: before 8.0.38-1
mysql-libs: before 8.0.38-1
mysql-help: before 8.0.38-1
mysql-errmsg: before 8.0.38-1
mysql-devel: before 8.0.38-1
mysql-debugsource: before 8.0.38-1
mysql-debuginfo: before 8.0.38-1
mysql-config: before 8.0.38-1
mysql-common: before 8.0.38-1
mysql: before 8.0.38-1
CPE2.3http://www.openeuler.org/en/security/security-bulletins/detail/?id=openEuler-SA-2024-2071
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote authenticated privileged user via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU62414
Risk: Low
CVSSv3.1: 4.8 [CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:L/I:N/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2022-21479
CWE-ID:
CWE-20 - Improper input validation
Exploit availability: No
DescriptionThe vulnerability allows a remote user to perform a denial of service (DoS) attack.
The vulnerability exists due to insufficient validation of user-supplied input within the Optimizer component. A remote user can pass specially crafted input to the application and perform a denial of service (DoS) attack.
MitigationInstall updates from vendor's repository.
Vulnerable software versionsopenEuler: 20.03 LTS SP4
mysql-test: before 8.0.38-1
mysql-server: before 8.0.38-1
mysql-libs: before 8.0.38-1
mysql-help: before 8.0.38-1
mysql-errmsg: before 8.0.38-1
mysql-devel: before 8.0.38-1
mysql-debugsource: before 8.0.38-1
mysql-debuginfo: before 8.0.38-1
mysql-config: before 8.0.38-1
mysql-common: before 8.0.38-1
mysql: before 8.0.38-1
CPE2.3http://www.openeuler.org/en/security/security-bulletins/detail/?id=openEuler-SA-2024-2071
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote authenticated privileged user via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU62405
Risk: Medium
CVSSv3.1: 5.5 [CVSS:3.1/AV:A/AC:H/PR:H/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2022-21482
CWE-ID:
CWE-20 - Improper input validation
Exploit availability: No
DescriptionThe vulnerability allows a remote privileged user to execute arbitrary code.
The vulnerability exists due to improper input validation within the Cluster: General component in MySQL Cluster. A remote privileged user can exploit this vulnerability to execute arbitrary code.
MitigationInstall updates from vendor's repository.
Vulnerable software versionsopenEuler: 20.03 LTS SP4
mysql-test: before 8.0.38-1
mysql-server: before 8.0.38-1
mysql-libs: before 8.0.38-1
mysql-help: before 8.0.38-1
mysql-errmsg: before 8.0.38-1
mysql-devel: before 8.0.38-1
mysql-debugsource: before 8.0.38-1
mysql-debuginfo: before 8.0.38-1
mysql-config: before 8.0.38-1
mysql-common: before 8.0.38-1
mysql: before 8.0.38-1
CPE2.3http://www.openeuler.org/en/security/security-bulletins/detail/?id=openEuler-SA-2024-2071
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote authenticated privileged user via the local network (LAN).
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU62406
Risk: Medium
CVSSv3.1: 5.5 [CVSS:3.1/AV:A/AC:H/PR:H/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2022-21483
CWE-ID:
CWE-20 - Improper input validation
Exploit availability: No
DescriptionThe vulnerability allows a remote privileged user to execute arbitrary code.
The vulnerability exists due to improper input validation within the Cluster: General component in MySQL Cluster. A remote privileged user can exploit this vulnerability to execute arbitrary code.
MitigationInstall updates from vendor's repository.
Vulnerable software versionsopenEuler: 20.03 LTS SP4
mysql-test: before 8.0.38-1
mysql-server: before 8.0.38-1
mysql-libs: before 8.0.38-1
mysql-help: before 8.0.38-1
mysql-errmsg: before 8.0.38-1
mysql-devel: before 8.0.38-1
mysql-debugsource: before 8.0.38-1
mysql-debuginfo: before 8.0.38-1
mysql-config: before 8.0.38-1
mysql-common: before 8.0.38-1
mysql: before 8.0.38-1
CPE2.3http://www.openeuler.org/en/security/security-bulletins/detail/?id=openEuler-SA-2024-2071
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote authenticated privileged user via the local network (LAN).
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU62431
Risk: Low
CVSSv3.1: 2.6 [CVSS:3.1/AV:A/AC:H/PR:H/UI:R/S:U/C:L/I:N/A:L/E:U/RL:O/RC:C]
CVE-ID: CVE-2022-21484
CWE-ID:
CWE-125 - Out-of-bounds read
Exploit availability: No
DescriptionThe vulnerability allows a remote privileged user to read memory contents or crash the application.
The vulnerability exists due to improper input validation within the Cluster: General component in MySQL Cluster. A remote privileged user can exploit this vulnerability to read memory contents or crash the application.
MitigationInstall updates from vendor's repository.
Vulnerable software versionsopenEuler: 20.03 LTS SP4
mysql-test: before 8.0.38-1
mysql-server: before 8.0.38-1
mysql-libs: before 8.0.38-1
mysql-help: before 8.0.38-1
mysql-errmsg: before 8.0.38-1
mysql-devel: before 8.0.38-1
mysql-debugsource: before 8.0.38-1
mysql-debuginfo: before 8.0.38-1
mysql-config: before 8.0.38-1
mysql-common: before 8.0.38-1
mysql: before 8.0.38-1
CPE2.3http://www.openeuler.org/en/security/security-bulletins/detail/?id=openEuler-SA-2024-2071
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote authenticated privileged user via the local network (LAN).
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU62432
Risk: Low
CVSSv3.1: 2.6 [CVSS:3.1/AV:A/AC:H/PR:H/UI:R/S:U/C:L/I:N/A:L/E:U/RL:O/RC:C]
CVE-ID: CVE-2022-21485
CWE-ID:
CWE-125 - Out-of-bounds read
Exploit availability: No
DescriptionThe vulnerability allows a remote privileged user to read memory contents or crash the application.
The vulnerability exists due to improper input validation within the Cluster: General component in MySQL Cluster. A remote privileged user can exploit this vulnerability to read memory contents or crash the application.
MitigationInstall updates from vendor's repository.
Vulnerable software versionsopenEuler: 20.03 LTS SP4
mysql-test: before 8.0.38-1
mysql-server: before 8.0.38-1
mysql-libs: before 8.0.38-1
mysql-help: before 8.0.38-1
mysql-errmsg: before 8.0.38-1
mysql-devel: before 8.0.38-1
mysql-debugsource: before 8.0.38-1
mysql-debuginfo: before 8.0.38-1
mysql-config: before 8.0.38-1
mysql-common: before 8.0.38-1
mysql: before 8.0.38-1
CPE2.3http://www.openeuler.org/en/security/security-bulletins/detail/?id=openEuler-SA-2024-2071
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote authenticated privileged user via the local network (LAN).
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU62433
Risk: Low
CVSSv3.1: 2.6 [CVSS:3.1/AV:A/AC:H/PR:H/UI:R/S:U/C:L/I:N/A:L/E:U/RL:O/RC:C]
CVE-ID: CVE-2022-21486
CWE-ID:
CWE-125 - Out-of-bounds read
Exploit availability: No
DescriptionThe vulnerability allows a remote privileged user to read memory contents or crash the application.
The vulnerability exists due to improper input validation within the Cluster: General component in MySQL Cluster. A remote privileged user can exploit this vulnerability to read memory contents or crash the application.
MitigationInstall updates from vendor's repository.
Vulnerable software versionsopenEuler: 20.03 LTS SP4
mysql-test: before 8.0.38-1
mysql-server: before 8.0.38-1
mysql-libs: before 8.0.38-1
mysql-help: before 8.0.38-1
mysql-errmsg: before 8.0.38-1
mysql-devel: before 8.0.38-1
mysql-debugsource: before 8.0.38-1
mysql-debuginfo: before 8.0.38-1
mysql-config: before 8.0.38-1
mysql-common: before 8.0.38-1
mysql: before 8.0.38-1
CPE2.3http://www.openeuler.org/en/security/security-bulletins/detail/?id=openEuler-SA-2024-2071
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote authenticated privileged user via the local network (LAN).
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU62407
Risk: Medium
CVSSv3.1: 6.5 [CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2022-21489
CWE-ID:
CWE-119 - Memory corruption
Exploit availability: No
DescriptionThe vulnerability allows a remote user to execute arbitrary code on the target system.
The vulnerability exists due to a boundary error when processing Data Node jobs. A remote user can send specially crafted request to the database, trigger a buffer overflow and execute arbitrary code on the system.
Install updates from vendor's repository.
Vulnerable software versionsopenEuler: 20.03 LTS SP4
mysql-test: before 8.0.38-1
mysql-server: before 8.0.38-1
mysql-libs: before 8.0.38-1
mysql-help: before 8.0.38-1
mysql-errmsg: before 8.0.38-1
mysql-devel: before 8.0.38-1
mysql-debugsource: before 8.0.38-1
mysql-debuginfo: before 8.0.38-1
mysql-config: before 8.0.38-1
mysql-common: before 8.0.38-1
mysql: before 8.0.38-1
CPE2.3http://www.openeuler.org/en/security/security-bulletins/detail/?id=openEuler-SA-2024-2071
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote authenticated user via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU62408
Risk: Medium
CVSSv3.1: 5.5 [CVSS:3.1/AV:A/AC:H/PR:H/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2022-21490
CWE-ID:
CWE-20 - Improper input validation
Exploit availability: No
DescriptionThe vulnerability allows a remote privileged user to execute arbitrary code.
The vulnerability exists due to improper input validation when parsing Data Node jobs. A remote privileged user can exploit this vulnerability to execute arbitrary code.
MitigationInstall updates from vendor's repository.
Vulnerable software versionsopenEuler: 20.03 LTS SP4
mysql-test: before 8.0.38-1
mysql-server: before 8.0.38-1
mysql-libs: before 8.0.38-1
mysql-help: before 8.0.38-1
mysql-errmsg: before 8.0.38-1
mysql-devel: before 8.0.38-1
mysql-debugsource: before 8.0.38-1
mysql-debuginfo: before 8.0.38-1
mysql-config: before 8.0.38-1
mysql-common: before 8.0.38-1
mysql: before 8.0.38-1
CPE2.3http://www.openeuler.org/en/security/security-bulletins/detail/?id=openEuler-SA-2024-2071
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote authenticated privileged user via the local network (LAN).
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU65510
Risk: Medium
CVSSv3.1: 4.8 [CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:L/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2022-21509
CWE-ID:
CWE-20 - Improper input validation
Exploit availability: No
DescriptionThe vulnerability allows a remote privileged user to damange or delete data.
The vulnerability exists due to improper input validation within the Server: Optimizer component in MySQL Server. A remote privileged user can exploit this vulnerability to damange or delete data.
MitigationInstall updates from vendor's repository.
Vulnerable software versionsopenEuler: 20.03 LTS SP4
mysql-test: before 8.0.38-1
mysql-server: before 8.0.38-1
mysql-libs: before 8.0.38-1
mysql-help: before 8.0.38-1
mysql-errmsg: before 8.0.38-1
mysql-devel: before 8.0.38-1
mysql-debugsource: before 8.0.38-1
mysql-debuginfo: before 8.0.38-1
mysql-config: before 8.0.38-1
mysql-common: before 8.0.38-1
mysql: before 8.0.38-1
CPE2.3http://www.openeuler.org/en/security/security-bulletins/detail/?id=openEuler-SA-2024-2071
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote authenticated privileged user via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU65521
Risk: Medium
CVSSv3.1: 4.3 [CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2022-21515
CWE-ID:
CWE-20 - Improper input validation
Exploit availability: No
DescriptionThe vulnerability allows a remote privileged user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper input validation within the Server: Options component in MySQL Server. A remote privileged user can exploit this vulnerability to perform a denial of service (DoS) attack.
MitigationInstall updates from vendor's repository.
Vulnerable software versionsopenEuler: 20.03 LTS SP4
mysql-test: before 8.0.38-1
mysql-server: before 8.0.38-1
mysql-libs: before 8.0.38-1
mysql-help: before 8.0.38-1
mysql-errmsg: before 8.0.38-1
mysql-devel: before 8.0.38-1
mysql-debugsource: before 8.0.38-1
mysql-debuginfo: before 8.0.38-1
mysql-config: before 8.0.38-1
mysql-common: before 8.0.38-1
mysql: before 8.0.38-1
CPE2.3http://www.openeuler.org/en/security/security-bulletins/detail/?id=openEuler-SA-2024-2071
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote authenticated privileged user via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU65512
Risk: Medium
CVSSv3.1: 4.3 [CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2022-21517
CWE-ID:
CWE-20 - Improper input validation
Exploit availability: No
DescriptionThe vulnerability allows a remote privileged user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper input validation within the InnoDB component in MySQL Server. A remote privileged user can exploit this vulnerability to perform a denial of service (DoS) attack.
MitigationInstall updates from vendor's repository.
Vulnerable software versionsopenEuler: 20.03 LTS SP4
mysql-test: before 8.0.38-1
mysql-server: before 8.0.38-1
mysql-libs: before 8.0.38-1
mysql-help: before 8.0.38-1
mysql-errmsg: before 8.0.38-1
mysql-devel: before 8.0.38-1
mysql-debugsource: before 8.0.38-1
mysql-debuginfo: before 8.0.38-1
mysql-config: before 8.0.38-1
mysql-common: before 8.0.38-1
mysql: before 8.0.38-1
CPE2.3http://www.openeuler.org/en/security/security-bulletins/detail/?id=openEuler-SA-2024-2071
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote authenticated privileged user via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU65515
Risk: Medium
CVSSv3.1: 4.3 [CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2022-21525
CWE-ID:
CWE-20 - Improper input validation
Exploit availability: No
DescriptionThe vulnerability allows a remote privileged user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper input validation within the Server: Optimizer component in MySQL Server. A remote privileged user can exploit this vulnerability to perform a denial of service (DoS) attack.
MitigationInstall updates from vendor's repository.
Vulnerable software versionsopenEuler: 20.03 LTS SP4
mysql-test: before 8.0.38-1
mysql-server: before 8.0.38-1
mysql-libs: before 8.0.38-1
mysql-help: before 8.0.38-1
mysql-errmsg: before 8.0.38-1
mysql-devel: before 8.0.38-1
mysql-debugsource: before 8.0.38-1
mysql-debuginfo: before 8.0.38-1
mysql-config: before 8.0.38-1
mysql-common: before 8.0.38-1
mysql: before 8.0.38-1
CPE2.3http://www.openeuler.org/en/security/security-bulletins/detail/?id=openEuler-SA-2024-2071
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote authenticated privileged user via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU65516
Risk: Medium
CVSSv3.1: 4.3 [CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2022-21526
CWE-ID:
CWE-20 - Improper input validation
Exploit availability: No
DescriptionThe vulnerability allows a remote privileged user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper input validation within the Server: Optimizer component in MySQL Server. A remote privileged user can exploit this vulnerability to perform a denial of service (DoS) attack.
MitigationInstall updates from vendor's repository.
Vulnerable software versionsopenEuler: 20.03 LTS SP4
mysql-test: before 8.0.38-1
mysql-server: before 8.0.38-1
mysql-libs: before 8.0.38-1
mysql-help: before 8.0.38-1
mysql-errmsg: before 8.0.38-1
mysql-devel: before 8.0.38-1
mysql-debugsource: before 8.0.38-1
mysql-debuginfo: before 8.0.38-1
mysql-config: before 8.0.38-1
mysql-common: before 8.0.38-1
mysql: before 8.0.38-1
CPE2.3http://www.openeuler.org/en/security/security-bulletins/detail/?id=openEuler-SA-2024-2071
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote authenticated privileged user via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU65508
Risk: Medium
CVSSv3.1: 4.8 [CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:L/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2022-21527
CWE-ID:
CWE-20 - Improper input validation
Exploit availability: No
DescriptionThe vulnerability allows a remote privileged user to damange or delete data.
The vulnerability exists due to improper input validation within the Server: Optimizer component in MySQL Server. A remote privileged user can exploit this vulnerability to damange or delete data.
MitigationInstall updates from vendor's repository.
Vulnerable software versionsopenEuler: 20.03 LTS SP4
mysql-test: before 8.0.38-1
mysql-server: before 8.0.38-1
mysql-libs: before 8.0.38-1
mysql-help: before 8.0.38-1
mysql-errmsg: before 8.0.38-1
mysql-devel: before 8.0.38-1
mysql-debugsource: before 8.0.38-1
mysql-debuginfo: before 8.0.38-1
mysql-config: before 8.0.38-1
mysql-common: before 8.0.38-1
mysql: before 8.0.38-1
CPE2.3http://www.openeuler.org/en/security/security-bulletins/detail/?id=openEuler-SA-2024-2071
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote authenticated privileged user via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU65509
Risk: Medium
CVSSv3.1: 4.8 [CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:L/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2022-21528
CWE-ID:
CWE-20 - Improper input validation
Exploit availability: No
DescriptionThe vulnerability allows a remote privileged user to damange or delete data.
The vulnerability exists due to improper input validation within the Server: Optimizer component in MySQL Server. A remote privileged user can exploit this vulnerability to damange or delete data.
MitigationInstall updates from vendor's repository.
Vulnerable software versionsopenEuler: 20.03 LTS SP4
mysql-test: before 8.0.38-1
mysql-server: before 8.0.38-1
mysql-libs: before 8.0.38-1
mysql-help: before 8.0.38-1
mysql-errmsg: before 8.0.38-1
mysql-devel: before 8.0.38-1
mysql-debugsource: before 8.0.38-1
mysql-debuginfo: before 8.0.38-1
mysql-config: before 8.0.38-1
mysql-common: before 8.0.38-1
mysql: before 8.0.38-1
CPE2.3http://www.openeuler.org/en/security/security-bulletins/detail/?id=openEuler-SA-2024-2071
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote authenticated privileged user via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU65517
Risk: Medium
CVSSv3.1: 4.3 [CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2022-21529
CWE-ID:
CWE-20 - Improper input validation
Exploit availability: No
DescriptionThe vulnerability allows a remote privileged user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper input validation within the Server: Optimizer component in MySQL Server. A remote privileged user can exploit this vulnerability to perform a denial of service (DoS) attack.
MitigationInstall updates from vendor's repository.
Vulnerable software versionsopenEuler: 20.03 LTS SP4
mysql-test: before 8.0.38-1
mysql-server: before 8.0.38-1
mysql-libs: before 8.0.38-1
mysql-help: before 8.0.38-1
mysql-errmsg: before 8.0.38-1
mysql-devel: before 8.0.38-1
mysql-debugsource: before 8.0.38-1
mysql-debuginfo: before 8.0.38-1
mysql-config: before 8.0.38-1
mysql-common: before 8.0.38-1
mysql: before 8.0.38-1
CPE2.3http://www.openeuler.org/en/security/security-bulletins/detail/?id=openEuler-SA-2024-2071
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote authenticated privileged user via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU65518
Risk: Medium
CVSSv3.1: 4.3 [CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2022-21530
CWE-ID:
CWE-20 - Improper input validation
Exploit availability: No
DescriptionThe vulnerability allows a remote privileged user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper input validation within the Server: Optimizer component in MySQL Server. A remote privileged user can exploit this vulnerability to perform a denial of service (DoS) attack.
MitigationInstall updates from vendor's repository.
Vulnerable software versionsopenEuler: 20.03 LTS SP4
mysql-test: before 8.0.38-1
mysql-server: before 8.0.38-1
mysql-libs: before 8.0.38-1
mysql-help: before 8.0.38-1
mysql-errmsg: before 8.0.38-1
mysql-devel: before 8.0.38-1
mysql-debugsource: before 8.0.38-1
mysql-debuginfo: before 8.0.38-1
mysql-config: before 8.0.38-1
mysql-common: before 8.0.38-1
mysql: before 8.0.38-1
CPE2.3http://www.openeuler.org/en/security/security-bulletins/detail/?id=openEuler-SA-2024-2071
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote authenticated privileged user via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU65519
Risk: Medium
CVSSv3.1: 4.3 [CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2022-21531
CWE-ID:
CWE-20 - Improper input validation
Exploit availability: No
DescriptionThe vulnerability allows a remote privileged user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper input validation within the Server: Optimizer component in MySQL Server. A remote privileged user can exploit this vulnerability to perform a denial of service (DoS) attack.
MitigationInstall updates from vendor's repository.
Vulnerable software versionsopenEuler: 20.03 LTS SP4
mysql-test: before 8.0.38-1
mysql-server: before 8.0.38-1
mysql-libs: before 8.0.38-1
mysql-help: before 8.0.38-1
mysql-errmsg: before 8.0.38-1
mysql-devel: before 8.0.38-1
mysql-debugsource: before 8.0.38-1
mysql-debuginfo: before 8.0.38-1
mysql-config: before 8.0.38-1
mysql-common: before 8.0.38-1
mysql: before 8.0.38-1
CPE2.3http://www.openeuler.org/en/security/security-bulletins/detail/?id=openEuler-SA-2024-2071
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote authenticated privileged user via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU65523
Risk: Medium
CVSSv3.1: 4.3 [CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2022-21534
CWE-ID:
CWE-20 - Improper input validation
Exploit availability: No
DescriptionThe vulnerability allows a remote privileged user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper input validation within the Server: Stored Procedure component in MySQL Server. A remote privileged user can exploit this vulnerability to perform a denial of service (DoS) attack.
MitigationInstall updates from vendor's repository.
Vulnerable software versionsopenEuler: 20.03 LTS SP4
mysql-test: before 8.0.38-1
mysql-server: before 8.0.38-1
mysql-libs: before 8.0.38-1
mysql-help: before 8.0.38-1
mysql-errmsg: before 8.0.38-1
mysql-devel: before 8.0.38-1
mysql-debugsource: before 8.0.38-1
mysql-debuginfo: before 8.0.38-1
mysql-config: before 8.0.38-1
mysql-common: before 8.0.38-1
mysql: before 8.0.38-1
CPE2.3http://www.openeuler.org/en/security/security-bulletins/detail/?id=openEuler-SA-2024-2071
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote authenticated privileged user via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU65513
Risk: Medium
CVSSv3.1: 4.3 [CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2022-21537
CWE-ID:
CWE-20 - Improper input validation
Exploit availability: No
DescriptionThe vulnerability allows a remote privileged user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper input validation within the InnoDB component in MySQL Server. A remote privileged user can exploit this vulnerability to perform a denial of service (DoS) attack.
MitigationInstall updates from vendor's repository.
Vulnerable software versionsopenEuler: 20.03 LTS SP4
mysql-test: before 8.0.38-1
mysql-server: before 8.0.38-1
mysql-libs: before 8.0.38-1
mysql-help: before 8.0.38-1
mysql-errmsg: before 8.0.38-1
mysql-devel: before 8.0.38-1
mysql-debugsource: before 8.0.38-1
mysql-debuginfo: before 8.0.38-1
mysql-config: before 8.0.38-1
mysql-common: before 8.0.38-1
mysql: before 8.0.38-1
CPE2.3http://www.openeuler.org/en/security/security-bulletins/detail/?id=openEuler-SA-2024-2071
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote authenticated privileged user via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU65526
Risk: Low
CVSSv3.1: 2.7 [CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:L/E:U/RL:O/RC:C]
CVE-ID: CVE-2022-21538
CWE-ID:
CWE-20 - Improper input validation
Exploit availability: No
DescriptionThe vulnerability allows a remote authenticated user to perform service disruption.
The vulnerability exists due to improper input validation within the Server: Security: Encryption component in MySQL Server. A remote authenticated user can exploit this vulnerability to perform service disruption.
MitigationInstall updates from vendor's repository.
Vulnerable software versionsopenEuler: 20.03 LTS SP4
mysql-test: before 8.0.38-1
mysql-server: before 8.0.38-1
mysql-libs: before 8.0.38-1
mysql-help: before 8.0.38-1
mysql-errmsg: before 8.0.38-1
mysql-devel: before 8.0.38-1
mysql-debugsource: before 8.0.38-1
mysql-debuginfo: before 8.0.38-1
mysql-config: before 8.0.38-1
mysql-common: before 8.0.38-1
mysql: before 8.0.38-1
CPE2.3http://www.openeuler.org/en/security/security-bulletins/detail/?id=openEuler-SA-2024-2071
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote authenticated user via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU65511
Risk: Medium
CVSSv3.1: 4.4 [CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:L/E:U/RL:O/RC:C]
CVE-ID: CVE-2022-21539
CWE-ID:
CWE-20 - Improper input validation
Exploit availability: No
DescriptionThe vulnerability allows a remote authenticated user to read and manipulate data.
The vulnerability exists due to improper input validation within the InnoDB component in MySQL Server. A remote authenticated user can exploit this vulnerability to read and manipulate data.
MitigationInstall updates from vendor's repository.
Vulnerable software versionsopenEuler: 20.03 LTS SP4
mysql-test: before 8.0.38-1
mysql-server: before 8.0.38-1
mysql-libs: before 8.0.38-1
mysql-help: before 8.0.38-1
mysql-errmsg: before 8.0.38-1
mysql-devel: before 8.0.38-1
mysql-debugsource: before 8.0.38-1
mysql-debuginfo: before 8.0.38-1
mysql-config: before 8.0.38-1
mysql-common: before 8.0.38-1
mysql: before 8.0.38-1
CPE2.3http://www.openeuler.org/en/security/security-bulletins/detail/?id=openEuler-SA-2024-2071
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote authenticated user via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU65514
Risk: Medium
CVSSv3.1: 4.3 [CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2022-21547
CWE-ID:
CWE-20 - Improper input validation
Exploit availability: No
DescriptionThe vulnerability allows a remote privileged user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper input validation within the Server: Federated component in MySQL Server. A remote privileged user can exploit this vulnerability to perform a denial of service (DoS) attack.
MitigationInstall updates from vendor's repository.
Vulnerable software versionsopenEuler: 20.03 LTS SP4
mysql-test: before 8.0.38-1
mysql-server: before 8.0.38-1
mysql-libs: before 8.0.38-1
mysql-help: before 8.0.38-1
mysql-errmsg: before 8.0.38-1
mysql-devel: before 8.0.38-1
mysql-debugsource: before 8.0.38-1
mysql-debuginfo: before 8.0.38-1
mysql-config: before 8.0.38-1
mysql-common: before 8.0.38-1
mysql: before 8.0.38-1
CPE2.3http://www.openeuler.org/en/security/security-bulletins/detail/?id=openEuler-SA-2024-2071
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote authenticated privileged user via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU65504
Risk: Medium
CVSSv3.1: 5.7 [CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:H/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2022-21556
CWE-ID:
CWE-20 - Improper input validation
Exploit availability: No
DescriptionThe vulnerability allows a remote privileged user to damange or delete data.
The vulnerability exists due to improper input validation within the Server: Optimizer component in MySQL Server. A remote privileged user can exploit this vulnerability to damange or delete data.
MitigationInstall updates from vendor's repository.
Vulnerable software versionsopenEuler: 20.03 LTS SP4
mysql-test: before 8.0.38-1
mysql-server: before 8.0.38-1
mysql-libs: before 8.0.38-1
mysql-help: before 8.0.38-1
mysql-errmsg: before 8.0.38-1
mysql-devel: before 8.0.38-1
mysql-debugsource: before 8.0.38-1
mysql-debuginfo: before 8.0.38-1
mysql-config: before 8.0.38-1
mysql-common: before 8.0.38-1
mysql: before 8.0.38-1
CPE2.3http://www.openeuler.org/en/security/security-bulletins/detail/?id=openEuler-SA-2024-2071
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote authenticated privileged user via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU65505
Risk: Medium
CVSSv3.1: 5.7 [CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2022-21569
CWE-ID:
CWE-20 - Improper input validation
Exploit availability: No
DescriptionThe vulnerability allows a remote authenticated user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper input validation within the Server: Optimizer component in MySQL Server. A remote authenticated user can exploit this vulnerability to perform a denial of service (DoS) attack.
MitigationInstall updates from vendor's repository.
Vulnerable software versionsopenEuler: 20.03 LTS SP4
mysql-test: before 8.0.38-1
mysql-server: before 8.0.38-1
mysql-libs: before 8.0.38-1
mysql-help: before 8.0.38-1
mysql-errmsg: before 8.0.38-1
mysql-devel: before 8.0.38-1
mysql-debugsource: before 8.0.38-1
mysql-debuginfo: before 8.0.38-1
mysql-config: before 8.0.38-1
mysql-common: before 8.0.38-1
mysql: before 8.0.38-1
CPE2.3http://www.openeuler.org/en/security/security-bulletins/detail/?id=openEuler-SA-2024-2071
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote authenticated user via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU68463
Risk: Low
CVSSv3.1: 3.8 [CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N/E:U/RL:O/RC:C]
CVE-ID: CVE-2022-21592
CWE-ID:
CWE-20 - Improper input validation
Exploit availability: No
DescriptionThe vulnerability allows a remote authenticated user to gain access to sensitive information.
The vulnerability exists due to improper input validation within the Server: Security: Encryption component in MySQL Server. A remote authenticated user can exploit this vulnerability to gain access to sensitive information.
MitigationInstall updates from vendor's repository.
Vulnerable software versionsopenEuler: 20.03 LTS SP4
mysql-test: before 8.0.38-1
mysql-server: before 8.0.38-1
mysql-libs: before 8.0.38-1
mysql-help: before 8.0.38-1
mysql-errmsg: before 8.0.38-1
mysql-devel: before 8.0.38-1
mysql-debugsource: before 8.0.38-1
mysql-debuginfo: before 8.0.38-1
mysql-config: before 8.0.38-1
mysql-common: before 8.0.38-1
mysql: before 8.0.38-1
CPE2.3http://www.openeuler.org/en/security/security-bulletins/detail/?id=openEuler-SA-2024-2071
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote authenticated user via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU68451
Risk: Medium
CVSSv3.1: 4.3 [CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2022-21594
CWE-ID:
CWE-20 - Improper input validation
Exploit availability: No
DescriptionThe vulnerability allows a remote privileged user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper input validation within the Server: Optimizer component in MySQL Server. A remote privileged user can exploit this vulnerability to perform a denial of service (DoS) attack.
MitigationInstall updates from vendor's repository.
Vulnerable software versionsopenEuler: 20.03 LTS SP4
mysql-test: before 8.0.38-1
mysql-server: before 8.0.38-1
mysql-libs: before 8.0.38-1
mysql-help: before 8.0.38-1
mysql-errmsg: before 8.0.38-1
mysql-devel: before 8.0.38-1
mysql-debugsource: before 8.0.38-1
mysql-debuginfo: before 8.0.38-1
mysql-config: before 8.0.38-1
mysql-common: before 8.0.38-1
mysql: before 8.0.38-1
CPE2.3http://www.openeuler.org/en/security/security-bulletins/detail/?id=openEuler-SA-2024-2071
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote authenticated privileged user via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU68460
Risk: Medium
CVSSv3.1: 4.3 [CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2022-21599
CWE-ID:
CWE-20 - Improper input validation
Exploit availability: No
DescriptionThe vulnerability allows a remote privileged user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper input validation within the Server: Stored Procedure component in MySQL Server. A remote privileged user can exploit this vulnerability to perform a denial of service (DoS) attack.
MitigationInstall updates from vendor's repository.
Vulnerable software versionsopenEuler: 20.03 LTS SP4
mysql-test: before 8.0.38-1
mysql-server: before 8.0.38-1
mysql-libs: before 8.0.38-1
mysql-help: before 8.0.38-1
mysql-errmsg: before 8.0.38-1
mysql-devel: before 8.0.38-1
mysql-debugsource: before 8.0.38-1
mysql-debuginfo: before 8.0.38-1
mysql-config: before 8.0.38-1
mysql-common: before 8.0.38-1
mysql: before 8.0.38-1
CPE2.3http://www.openeuler.org/en/security/security-bulletins/detail/?id=openEuler-SA-2024-2071
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote authenticated privileged user via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU68447
Risk: Medium
CVSSv3.1: 4.3 [CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2022-21604
CWE-ID:
CWE-20 - Improper input validation
Exploit availability: No
DescriptionThe vulnerability allows a remote privileged user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper input validation within the InnoDB component in MySQL Server. A remote privileged user can exploit this vulnerability to perform a denial of service (DoS) attack.
MitigationInstall updates from vendor's repository.
Vulnerable software versionsopenEuler: 20.03 LTS SP4
mysql-test: before 8.0.38-1
mysql-server: before 8.0.38-1
mysql-libs: before 8.0.38-1
mysql-help: before 8.0.38-1
mysql-errmsg: before 8.0.38-1
mysql-devel: before 8.0.38-1
mysql-debugsource: before 8.0.38-1
mysql-debuginfo: before 8.0.38-1
mysql-config: before 8.0.38-1
mysql-common: before 8.0.38-1
mysql: before 8.0.38-1
CPE2.3http://www.openeuler.org/en/security/security-bulletins/detail/?id=openEuler-SA-2024-2071
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote authenticated privileged user via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU68450
Risk: Medium
CVSSv3.1: 4.3 [CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2022-21605
CWE-ID:
CWE-20 - Improper input validation
Exploit availability: No
DescriptionThe vulnerability allows a remote privileged user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper input validation within the Server: Data Dictionary component in MySQL Server. A remote privileged user can exploit this vulnerability to perform a denial of service (DoS) attack.
MitigationInstall updates from vendor's repository.
Vulnerable software versionsopenEuler: 20.03 LTS SP4
mysql-test: before 8.0.38-1
mysql-server: before 8.0.38-1
mysql-libs: before 8.0.38-1
mysql-help: before 8.0.38-1
mysql-errmsg: before 8.0.38-1
mysql-devel: before 8.0.38-1
mysql-debugsource: before 8.0.38-1
mysql-debuginfo: before 8.0.38-1
mysql-config: before 8.0.38-1
mysql-common: before 8.0.38-1
mysql: before 8.0.38-1
CPE2.3http://www.openeuler.org/en/security/security-bulletins/detail/?id=openEuler-SA-2024-2071
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote authenticated privileged user via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU68452
Risk: Medium
CVSSv3.1: 4.3 [CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2022-21607
CWE-ID:
CWE-20 - Improper input validation
Exploit availability: No
DescriptionThe vulnerability allows a remote privileged user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper input validation within the Server: Optimizer component in MySQL Server. A remote privileged user can exploit this vulnerability to perform a denial of service (DoS) attack.
MitigationInstall updates from vendor's repository.
Vulnerable software versionsopenEuler: 20.03 LTS SP4
mysql-test: before 8.0.38-1
mysql-server: before 8.0.38-1
mysql-libs: before 8.0.38-1
mysql-help: before 8.0.38-1
mysql-errmsg: before 8.0.38-1
mysql-devel: before 8.0.38-1
mysql-debugsource: before 8.0.38-1
mysql-debuginfo: before 8.0.38-1
mysql-config: before 8.0.38-1
mysql-common: before 8.0.38-1
mysql: before 8.0.38-1
CPE2.3http://www.openeuler.org/en/security/security-bulletins/detail/?id=openEuler-SA-2024-2071
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote authenticated privileged user via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU68453
Risk: Medium
CVSSv3.1: 4.3 [CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2022-21608
CWE-ID:
CWE-20 - Improper input validation
Exploit availability: No
DescriptionThe vulnerability allows a remote privileged user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper input validation within the Server: Optimizer component in MySQL Server. A remote privileged user can exploit this vulnerability to perform a denial of service (DoS) attack.
MitigationInstall updates from vendor's repository.
Vulnerable software versionsopenEuler: 20.03 LTS SP4
mysql-test: before 8.0.38-1
mysql-server: before 8.0.38-1
mysql-libs: before 8.0.38-1
mysql-help: before 8.0.38-1
mysql-errmsg: before 8.0.38-1
mysql-devel: before 8.0.38-1
mysql-debugsource: before 8.0.38-1
mysql-debuginfo: before 8.0.38-1
mysql-config: before 8.0.38-1
mysql-common: before 8.0.38-1
mysql: before 8.0.38-1
CPE2.3http://www.openeuler.org/en/security/security-bulletins/detail/?id=openEuler-SA-2024-2071
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote authenticated privileged user via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU68467
Risk: Low
CVSSv3.1: 3.6 [CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2022-21611
CWE-ID:
CWE-20 - Improper input validation
Exploit availability: No
DescriptionThe vulnerability allows a local privileged user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper input validation within the InnoDB component in MySQL Server. A local privileged user can exploit this vulnerability to perform a denial of service (DoS) attack.
MitigationInstall updates from vendor's repository.
Vulnerable software versionsopenEuler: 20.03 LTS SP4
mysql-test: before 8.0.38-1
mysql-server: before 8.0.38-1
mysql-libs: before 8.0.38-1
mysql-help: before 8.0.38-1
mysql-errmsg: before 8.0.38-1
mysql-devel: before 8.0.38-1
mysql-debugsource: before 8.0.38-1
mysql-debuginfo: before 8.0.38-1
mysql-config: before 8.0.38-1
mysql-common: before 8.0.38-1
mysql: before 8.0.38-1
CPE2.3http://www.openeuler.org/en/security/security-bulletins/detail/?id=openEuler-SA-2024-2071
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU68449
Risk: Medium
CVSSv3.1: 4.3 [CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2022-21617
CWE-ID:
CWE-20 - Improper input validation
Exploit availability: No
DescriptionThe vulnerability allows a remote privileged user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper input validation within the Server: Connection Handling component in MySQL Server. A remote privileged user can exploit this vulnerability to perform a denial of service (DoS) attack.
MitigationInstall updates from vendor's repository.
Vulnerable software versionsopenEuler: 20.03 LTS SP4
mysql-test: before 8.0.38-1
mysql-server: before 8.0.38-1
mysql-libs: before 8.0.38-1
mysql-help: before 8.0.38-1
mysql-errmsg: before 8.0.38-1
mysql-devel: before 8.0.38-1
mysql-debugsource: before 8.0.38-1
mysql-debuginfo: before 8.0.38-1
mysql-config: before 8.0.38-1
mysql-common: before 8.0.38-1
mysql: before 8.0.38-1
CPE2.3http://www.openeuler.org/en/security/security-bulletins/detail/?id=openEuler-SA-2024-2071
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote authenticated privileged user via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU68462
Risk: Low
CVSSv3.1: 3.9 [CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2022-21625
CWE-ID:
CWE-20 - Improper input validation
Exploit availability: No
DescriptionThe vulnerability allows a remote privileged user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper input validation within the Server: Optimizer component in MySQL Server. A remote privileged user can exploit this vulnerability to perform a denial of service (DoS) attack.
MitigationInstall updates from vendor's repository.
Vulnerable software versionsopenEuler: 20.03 LTS SP4
mysql-test: before 8.0.38-1
mysql-server: before 8.0.38-1
mysql-libs: before 8.0.38-1
mysql-help: before 8.0.38-1
mysql-errmsg: before 8.0.38-1
mysql-devel: before 8.0.38-1
mysql-debugsource: before 8.0.38-1
mysql-debuginfo: before 8.0.38-1
mysql-config: before 8.0.38-1
mysql-common: before 8.0.38-1
mysql: before 8.0.38-1
CPE2.3http://www.openeuler.org/en/security/security-bulletins/detail/?id=openEuler-SA-2024-2071
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote authenticated privileged user via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU68459
Risk: Medium
CVSSv3.1: 4.3 [CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2022-21632
CWE-ID:
CWE-20 - Improper input validation
Exploit availability: No
DescriptionThe vulnerability allows a remote privileged user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper input validation within the Server: Security: Privileges component in MySQL Server. A remote privileged user can exploit this vulnerability to perform a denial of service (DoS) attack.
MitigationInstall updates from vendor's repository.
Vulnerable software versionsopenEuler: 20.03 LTS SP4
mysql-test: before 8.0.38-1
mysql-server: before 8.0.38-1
mysql-libs: before 8.0.38-1
mysql-help: before 8.0.38-1
mysql-errmsg: before 8.0.38-1
mysql-devel: before 8.0.38-1
mysql-debugsource: before 8.0.38-1
mysql-debuginfo: before 8.0.38-1
mysql-config: before 8.0.38-1
mysql-common: before 8.0.38-1
mysql: before 8.0.38-1
CPE2.3http://www.openeuler.org/en/security/security-bulletins/detail/?id=openEuler-SA-2024-2071
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote authenticated privileged user via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU68458
Risk: Medium
CVSSv3.1: 4.3 [CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2022-21633
CWE-ID:
CWE-20 - Improper input validation
Exploit availability: No
DescriptionThe vulnerability allows a remote privileged user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper input validation within the Server: Replication component in MySQL Server. A remote privileged user can exploit this vulnerability to perform a denial of service (DoS) attack.
MitigationInstall updates from vendor's repository.
Vulnerable software versionsopenEuler: 20.03 LTS SP4
mysql-test: before 8.0.38-1
mysql-server: before 8.0.38-1
mysql-libs: before 8.0.38-1
mysql-help: before 8.0.38-1
mysql-errmsg: before 8.0.38-1
mysql-devel: before 8.0.38-1
mysql-debugsource: before 8.0.38-1
mysql-debuginfo: before 8.0.38-1
mysql-config: before 8.0.38-1
mysql-common: before 8.0.38-1
mysql: before 8.0.38-1
CPE2.3http://www.openeuler.org/en/security/security-bulletins/detail/?id=openEuler-SA-2024-2071
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote authenticated privileged user via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU68444
Risk: Medium
CVSSv3.1: 5.7 [CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:H/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2022-21635
CWE-ID:
CWE-20 - Improper input validation
Exploit availability: No
DescriptionThe vulnerability allows a remote privileged user to damange or delete data.
The vulnerability exists due to improper input validation within the InnoDB component in MySQL Server. A remote privileged user can exploit this vulnerability to damange or delete data.
MitigationInstall updates from vendor's repository.
Vulnerable software versionsopenEuler: 20.03 LTS SP4
mysql-test: before 8.0.38-1
mysql-server: before 8.0.38-1
mysql-libs: before 8.0.38-1
mysql-help: before 8.0.38-1
mysql-errmsg: before 8.0.38-1
mysql-devel: before 8.0.38-1
mysql-debugsource: before 8.0.38-1
mysql-debuginfo: before 8.0.38-1
mysql-config: before 8.0.38-1
mysql-common: before 8.0.38-1
mysql: before 8.0.38-1
CPE2.3http://www.openeuler.org/en/security/security-bulletins/detail/?id=openEuler-SA-2024-2071
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote authenticated privileged user via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU68448
Risk: Medium
CVSSv3.1: 4.3 [CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2022-21637
CWE-ID:
CWE-20 - Improper input validation
Exploit availability: No
DescriptionThe vulnerability allows a remote privileged user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper input validation within the InnoDB component in MySQL Server. A remote privileged user can exploit this vulnerability to perform a denial of service (DoS) attack.
MitigationInstall updates from vendor's repository.
Vulnerable software versionsopenEuler: 20.03 LTS SP4
mysql-test: before 8.0.38-1
mysql-server: before 8.0.38-1
mysql-libs: before 8.0.38-1
mysql-help: before 8.0.38-1
mysql-errmsg: before 8.0.38-1
mysql-devel: before 8.0.38-1
mysql-debugsource: before 8.0.38-1
mysql-debuginfo: before 8.0.38-1
mysql-config: before 8.0.38-1
mysql-common: before 8.0.38-1
mysql: before 8.0.38-1
CPE2.3http://www.openeuler.org/en/security/security-bulletins/detail/?id=openEuler-SA-2024-2071
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote authenticated privileged user via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU68454
Risk: Medium
CVSSv3.1: 4.3 [CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2022-21638
CWE-ID:
CWE-20 - Improper input validation
Exploit availability: No
DescriptionThe vulnerability allows a remote privileged user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper input validation within the Server: Optimizer component in MySQL Server. A remote privileged user can exploit this vulnerability to perform a denial of service (DoS) attack.
MitigationInstall updates from vendor's repository.
Vulnerable software versionsopenEuler: 20.03 LTS SP4
mysql-test: before 8.0.38-1
mysql-server: before 8.0.38-1
mysql-libs: before 8.0.38-1
mysql-help: before 8.0.38-1
mysql-errmsg: before 8.0.38-1
mysql-devel: before 8.0.38-1
mysql-debugsource: before 8.0.38-1
mysql-debuginfo: before 8.0.38-1
mysql-config: before 8.0.38-1
mysql-common: before 8.0.38-1
mysql: before 8.0.38-1
CPE2.3http://www.openeuler.org/en/security/security-bulletins/detail/?id=openEuler-SA-2024-2071
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote authenticated privileged user via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU68455
Risk: Medium
CVSSv3.1: 4.3 [CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2022-21640
CWE-ID:
CWE-20 - Improper input validation
Exploit availability: No
DescriptionThe vulnerability allows a remote privileged user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper input validation within the Server: Optimizer component in MySQL Server. A remote privileged user can exploit this vulnerability to perform a denial of service (DoS) attack.
MitigationInstall updates from vendor's repository.
Vulnerable software versionsopenEuler: 20.03 LTS SP4
mysql-test: before 8.0.38-1
mysql-server: before 8.0.38-1
mysql-libs: before 8.0.38-1
mysql-help: before 8.0.38-1
mysql-errmsg: before 8.0.38-1
mysql-devel: before 8.0.38-1
mysql-debugsource: before 8.0.38-1
mysql-debuginfo: before 8.0.38-1
mysql-config: before 8.0.38-1
mysql-common: before 8.0.38-1
mysql: before 8.0.38-1
CPE2.3http://www.openeuler.org/en/security/security-bulletins/detail/?id=openEuler-SA-2024-2071
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote authenticated privileged user via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU68456
Risk: Medium
CVSSv3.1: 4.3 [CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2022-21641
CWE-ID:
CWE-20 - Improper input validation
Exploit availability: No
DescriptionThe vulnerability allows a remote privileged user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper input validation within the Server: Optimizer component in MySQL Server. A remote privileged user can exploit this vulnerability to perform a denial of service (DoS) attack.
MitigationInstall updates from vendor's repository.
Vulnerable software versionsopenEuler: 20.03 LTS SP4
mysql-test: before 8.0.38-1
mysql-server: before 8.0.38-1
mysql-libs: before 8.0.38-1
mysql-help: before 8.0.38-1
mysql-errmsg: before 8.0.38-1
mysql-devel: before 8.0.38-1
mysql-debugsource: before 8.0.38-1
mysql-debuginfo: before 8.0.38-1
mysql-config: before 8.0.38-1
mysql-common: before 8.0.38-1
mysql: before 8.0.38-1
CPE2.3http://www.openeuler.org/en/security/security-bulletins/detail/?id=openEuler-SA-2024-2071
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote authenticated privileged user via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU68746
Risk: Medium
CVSSv3.1: 4.7 [CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N/E:U/RL:O/RC:C]
CVE-ID: CVE-2022-32221
CWE-ID:
CWE-440 - Expected Behavior Violation
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to force unexpected application behavior.
The vulnerability exists due to a logic error for a reused handle when processing subsequent HTTP PUT and POST requests. The libcurl can erroneously use the read callback (CURLOPT_READFUNCTION
) to ask for data to send, even when the CURLOPT_POSTFIELDS
option has been set, if the same handle previously was used to issue a PUT
request, which used that callback. As a result, such behavior can influence application flow and force unpredictable outcome.
Install updates from vendor's repository.
Vulnerable software versionsopenEuler: 20.03 LTS SP4
mysql-test: before 8.0.38-1
mysql-server: before 8.0.38-1
mysql-libs: before 8.0.38-1
mysql-help: before 8.0.38-1
mysql-errmsg: before 8.0.38-1
mysql-devel: before 8.0.38-1
mysql-debugsource: before 8.0.38-1
mysql-debuginfo: before 8.0.38-1
mysql-config: before 8.0.38-1
mysql-common: before 8.0.38-1
mysql: before 8.0.38-1
CPE2.3http://www.openeuler.org/en/security/security-bulletins/detail/?id=openEuler-SA-2024-2071
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU68457
Risk: Medium
CVSSv3.1: 4.3 [CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2022-39400
CWE-ID:
CWE-20 - Improper input validation
Exploit availability: No
DescriptionThe vulnerability allows a remote privileged user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper input validation within the Server: Optimizer component in MySQL Server. A remote privileged user can exploit this vulnerability to perform a denial of service (DoS) attack.
MitigationInstall updates from vendor's repository.
Vulnerable software versionsopenEuler: 20.03 LTS SP4
mysql-test: before 8.0.38-1
mysql-server: before 8.0.38-1
mysql-libs: before 8.0.38-1
mysql-help: before 8.0.38-1
mysql-errmsg: before 8.0.38-1
mysql-devel: before 8.0.38-1
mysql-debugsource: before 8.0.38-1
mysql-debuginfo: before 8.0.38-1
mysql-config: before 8.0.38-1
mysql-common: before 8.0.38-1
mysql: before 8.0.38-1
CPE2.3http://www.openeuler.org/en/security/security-bulletins/detail/?id=openEuler-SA-2024-2071
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote authenticated privileged user via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU68445
Risk: Medium
CVSSv3.1: 5.7 [CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2022-39408
CWE-ID:
CWE-20 - Improper input validation
Exploit availability: No
DescriptionThe vulnerability allows a remote authenticated user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper input validation within the Server: Optimizer component in MySQL Server. A remote authenticated user can exploit this vulnerability to perform a denial of service (DoS) attack.
MitigationInstall updates from vendor's repository.
Vulnerable software versionsopenEuler: 20.03 LTS SP4
mysql-test: before 8.0.38-1
mysql-server: before 8.0.38-1
mysql-libs: before 8.0.38-1
mysql-help: before 8.0.38-1
mysql-errmsg: before 8.0.38-1
mysql-devel: before 8.0.38-1
mysql-debugsource: before 8.0.38-1
mysql-debuginfo: before 8.0.38-1
mysql-config: before 8.0.38-1
mysql-common: before 8.0.38-1
mysql: before 8.0.38-1
CPE2.3http://www.openeuler.org/en/security/security-bulletins/detail/?id=openEuler-SA-2024-2071
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote authenticated user via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU68446
Risk: Medium
CVSSv3.1: 5.7 [CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2022-39410
CWE-ID:
CWE-20 - Improper input validation
Exploit availability: No
DescriptionThe vulnerability allows a remote authenticated user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper input validation within the Server: Optimizer component in MySQL Server. A remote authenticated user can exploit this vulnerability to perform a denial of service (DoS) attack.
MitigationInstall updates from vendor's repository.
Vulnerable software versionsopenEuler: 20.03 LTS SP4
mysql-test: before 8.0.38-1
mysql-server: before 8.0.38-1
mysql-libs: before 8.0.38-1
mysql-help: before 8.0.38-1
mysql-errmsg: before 8.0.38-1
mysql-devel: before 8.0.38-1
mysql-debugsource: before 8.0.38-1
mysql-debuginfo: before 8.0.38-1
mysql-config: before 8.0.38-1
mysql-common: before 8.0.38-1
mysql: before 8.0.38-1
CPE2.3http://www.openeuler.org/en/security/security-bulletins/detail/?id=openEuler-SA-2024-2071
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote authenticated user via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU70457
Risk: Medium
CVSSv3.1: 4.6 [CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N/E:U/RL:O/RC:C]
CVE-ID: CVE-2022-43551
CWE-ID:
CWE-254 - Security Features
Exploit availability: No
DescriptionThe vulnerability allows an attacker to gain access to sensitive information.
The vulnerability exists in the way curl handles IDN characters in hostnames. The HSTS mechanism could be bypassed if the hostname in the given URL first uses IDN characters that get replaced to ASCII counterparts as part of the IDN conversion. Then in a subsequent request it does not detect the HSTS state and makes a clear text transfer.
MitigationInstall updates from vendor's repository.
Vulnerable software versionsopenEuler: 20.03 LTS SP4
mysql-test: before 8.0.38-1
mysql-server: before 8.0.38-1
mysql-libs: before 8.0.38-1
mysql-help: before 8.0.38-1
mysql-errmsg: before 8.0.38-1
mysql-devel: before 8.0.38-1
mysql-debugsource: before 8.0.38-1
mysql-debuginfo: before 8.0.38-1
mysql-config: before 8.0.38-1
mysql-common: before 8.0.38-1
mysql: before 8.0.38-1
CPE2.3http://www.openeuler.org/en/security/security-bulletins/detail/?id=openEuler-SA-2024-2071
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU71995
Risk: Medium
CVSSv3.1: 6.5 [CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2023-0215
CWE-ID:
CWE-416 - Use After Free
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to perform a denial of service (DoS) attack.
The vulnerability exists due to a use-after-free error within the BIO_new_NDEF function. A remote attacker can trigger a use-after-free error and perform a denial of service (DoS) attack.
Install updates from vendor's repository.
Vulnerable software versionsopenEuler: 20.03 LTS SP4
mysql-test: before 8.0.38-1
mysql-server: before 8.0.38-1
mysql-libs: before 8.0.38-1
mysql-help: before 8.0.38-1
mysql-errmsg: before 8.0.38-1
mysql-devel: before 8.0.38-1
mysql-debugsource: before 8.0.38-1
mysql-debuginfo: before 8.0.38-1
mysql-config: before 8.0.38-1
mysql-common: before 8.0.38-1
mysql: before 8.0.38-1
CPE2.3http://www.openeuler.org/en/security/security-bulletins/detail/?id=openEuler-SA-2024-2071
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU71270
Risk: Medium
CVSSv3.1: 4.3 [CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2023-21836
CWE-ID:
CWE-20 - Improper input validation
Exploit availability: No
DescriptionThe vulnerability allows a remote privileged user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper input validation within the Server: DML component in MySQL Server. A remote privileged user can exploit this vulnerability to perform a denial of service (DoS) attack.
MitigationInstall updates from vendor's repository.
Vulnerable software versionsopenEuler: 20.03 LTS SP4
mysql-test: before 8.0.38-1
mysql-server: before 8.0.38-1
mysql-libs: before 8.0.38-1
mysql-help: before 8.0.38-1
mysql-errmsg: before 8.0.38-1
mysql-devel: before 8.0.38-1
mysql-debugsource: before 8.0.38-1
mysql-debuginfo: before 8.0.38-1
mysql-config: before 8.0.38-1
mysql-common: before 8.0.38-1
mysql: before 8.0.38-1
CPE2.3http://www.openeuler.org/en/security/security-bulletins/detail/?id=openEuler-SA-2024-2071
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote authenticated privileged user via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU71272
Risk: Medium
CVSSv3.1: 4.3 [CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2023-21863
CWE-ID:
CWE-20 - Improper input validation
Exploit availability: No
DescriptionThe vulnerability allows a remote privileged user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper input validation within the Server: Optimizer component in MySQL Server. A remote privileged user can exploit this vulnerability to perform a denial of service (DoS) attack.
MitigationInstall updates from vendor's repository.
Vulnerable software versionsopenEuler: 20.03 LTS SP4
mysql-test: before 8.0.38-1
mysql-server: before 8.0.38-1
mysql-libs: before 8.0.38-1
mysql-help: before 8.0.38-1
mysql-errmsg: before 8.0.38-1
mysql-devel: before 8.0.38-1
mysql-debugsource: before 8.0.38-1
mysql-debuginfo: before 8.0.38-1
mysql-config: before 8.0.38-1
mysql-common: before 8.0.38-1
mysql: before 8.0.38-1
CPE2.3http://www.openeuler.org/en/security/security-bulletins/detail/?id=openEuler-SA-2024-2071
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote authenticated privileged user via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU71273
Risk: Medium
CVSSv3.1: 4.3 [CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2023-21864
CWE-ID:
CWE-20 - Improper input validation
Exploit availability: No
DescriptionThe vulnerability allows a remote privileged user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper input validation within the Server: Optimizer component in MySQL Server. A remote privileged user can exploit this vulnerability to perform a denial of service (DoS) attack.
MitigationInstall updates from vendor's repository.
Vulnerable software versionsopenEuler: 20.03 LTS SP4
mysql-test: before 8.0.38-1
mysql-server: before 8.0.38-1
mysql-libs: before 8.0.38-1
mysql-help: before 8.0.38-1
mysql-errmsg: before 8.0.38-1
mysql-devel: before 8.0.38-1
mysql-debugsource: before 8.0.38-1
mysql-debuginfo: before 8.0.38-1
mysql-config: before 8.0.38-1
mysql-common: before 8.0.38-1
mysql: before 8.0.38-1
CPE2.3http://www.openeuler.org/en/security/security-bulletins/detail/?id=openEuler-SA-2024-2071
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote authenticated privileged user via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU71274
Risk: Medium
CVSSv3.1: 4.3 [CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2023-21865
CWE-ID:
CWE-20 - Improper input validation
Exploit availability: No
DescriptionThe vulnerability allows a remote privileged user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper input validation within the Server: Optimizer component in MySQL Server. A remote privileged user can exploit this vulnerability to perform a denial of service (DoS) attack.
MitigationInstall updates from vendor's repository.
Vulnerable software versionsopenEuler: 20.03 LTS SP4
mysql-test: before 8.0.38-1
mysql-server: before 8.0.38-1
mysql-libs: before 8.0.38-1
mysql-help: before 8.0.38-1
mysql-errmsg: before 8.0.38-1
mysql-devel: before 8.0.38-1
mysql-debugsource: before 8.0.38-1
mysql-debuginfo: before 8.0.38-1
mysql-config: before 8.0.38-1
mysql-common: before 8.0.38-1
mysql: before 8.0.38-1
CPE2.3http://www.openeuler.org/en/security/security-bulletins/detail/?id=openEuler-SA-2024-2071
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote authenticated privileged user via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU71275
Risk: Medium
CVSSv3.1: 4.3 [CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2023-21866
CWE-ID:
CWE-20 - Improper input validation
Exploit availability: No
DescriptionThe vulnerability allows a remote privileged user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper input validation within the Server: Optimizer component in MySQL Server. A remote privileged user can exploit this vulnerability to perform a denial of service (DoS) attack.
MitigationInstall updates from vendor's repository.
Vulnerable software versionsopenEuler: 20.03 LTS SP4
mysql-test: before 8.0.38-1
mysql-server: before 8.0.38-1
mysql-libs: before 8.0.38-1
mysql-help: before 8.0.38-1
mysql-errmsg: before 8.0.38-1
mysql-devel: before 8.0.38-1
mysql-debugsource: before 8.0.38-1
mysql-debuginfo: before 8.0.38-1
mysql-config: before 8.0.38-1
mysql-common: before 8.0.38-1
mysql: before 8.0.38-1
CPE2.3http://www.openeuler.org/en/security/security-bulletins/detail/?id=openEuler-SA-2024-2071
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote authenticated privileged user via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU71276
Risk: Medium
CVSSv3.1: 4.3 [CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2023-21867
CWE-ID:
CWE-20 - Improper input validation
Exploit availability: No
DescriptionThe vulnerability allows a remote privileged user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper input validation within the Server: Optimizer component in MySQL Server. A remote privileged user can exploit this vulnerability to perform a denial of service (DoS) attack.
MitigationInstall updates from vendor's repository.
Vulnerable software versionsopenEuler: 20.03 LTS SP4
mysql-test: before 8.0.38-1
mysql-server: before 8.0.38-1
mysql-libs: before 8.0.38-1
mysql-help: before 8.0.38-1
mysql-errmsg: before 8.0.38-1
mysql-devel: before 8.0.38-1
mysql-debugsource: before 8.0.38-1
mysql-debuginfo: before 8.0.38-1
mysql-config: before 8.0.38-1
mysql-common: before 8.0.38-1
mysql: before 8.0.38-1
CPE2.3http://www.openeuler.org/en/security/security-bulletins/detail/?id=openEuler-SA-2024-2071
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote authenticated privileged user via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU71262
Risk: Medium
CVSSv3.1: 5.7 [CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2023-21868
CWE-ID:
CWE-20 - Improper input validation
Exploit availability: No
DescriptionThe vulnerability allows a remote authenticated user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper input validation within the Server: Optimizer component in MySQL Server. A remote authenticated user can exploit this vulnerability to perform a denial of service (DoS) attack.
MitigationInstall updates from vendor's repository.
Vulnerable software versionsopenEuler: 20.03 LTS SP4
mysql-test: before 8.0.38-1
mysql-server: before 8.0.38-1
mysql-libs: before 8.0.38-1
mysql-help: before 8.0.38-1
mysql-errmsg: before 8.0.38-1
mysql-devel: before 8.0.38-1
mysql-debugsource: before 8.0.38-1
mysql-debuginfo: before 8.0.38-1
mysql-config: before 8.0.38-1
mysql-common: before 8.0.38-1
mysql: before 8.0.38-1
CPE2.3http://www.openeuler.org/en/security/security-bulletins/detail/?id=openEuler-SA-2024-2071
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote authenticated user via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU71265
Risk: Medium
CVSSv3.1: 4.8 [CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:L/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2023-21869
CWE-ID:
CWE-20 - Improper input validation
Exploit availability: No
DescriptionThe vulnerability allows a remote privileged user to damange or delete data.
The vulnerability exists due to improper input validation within the InnoDB component in MySQL Server. A remote privileged user can exploit this vulnerability to damange or delete data.
MitigationInstall updates from vendor's repository.
Vulnerable software versionsopenEuler: 20.03 LTS SP4
mysql-test: before 8.0.38-1
mysql-server: before 8.0.38-1
mysql-libs: before 8.0.38-1
mysql-help: before 8.0.38-1
mysql-errmsg: before 8.0.38-1
mysql-devel: before 8.0.38-1
mysql-debugsource: before 8.0.38-1
mysql-debuginfo: before 8.0.38-1
mysql-config: before 8.0.38-1
mysql-common: before 8.0.38-1
mysql: before 8.0.38-1
CPE2.3http://www.openeuler.org/en/security/security-bulletins/detail/?id=openEuler-SA-2024-2071
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote authenticated privileged user via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU71277
Risk: Medium
CVSSv3.1: 4.3 [CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2023-21870
CWE-ID:
CWE-20 - Improper input validation
Exploit availability: No
DescriptionThe vulnerability allows a remote privileged user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper input validation within the Server: Optimizer component in MySQL Server. A remote privileged user can exploit this vulnerability to perform a denial of service (DoS) attack.
MitigationInstall updates from vendor's repository.
Vulnerable software versionsopenEuler: 20.03 LTS SP4
mysql-test: before 8.0.38-1
mysql-server: before 8.0.38-1
mysql-libs: before 8.0.38-1
mysql-help: before 8.0.38-1
mysql-errmsg: before 8.0.38-1
mysql-devel: before 8.0.38-1
mysql-debugsource: before 8.0.38-1
mysql-debuginfo: before 8.0.38-1
mysql-config: before 8.0.38-1
mysql-common: before 8.0.38-1
mysql: before 8.0.38-1
CPE2.3http://www.openeuler.org/en/security/security-bulletins/detail/?id=openEuler-SA-2024-2071
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote authenticated privileged user via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU71269
Risk: Medium
CVSSv3.1: 4.3 [CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2023-21871
CWE-ID:
CWE-20 - Improper input validation
Exploit availability: No
DescriptionThe vulnerability allows a remote privileged user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper input validation within the InnoDB component in MySQL Server. A remote privileged user can exploit this vulnerability to perform a denial of service (DoS) attack.
MitigationInstall updates from vendor's repository.
Vulnerable software versionsopenEuler: 20.03 LTS SP4
mysql-test: before 8.0.38-1
mysql-server: before 8.0.38-1
mysql-libs: before 8.0.38-1
mysql-help: before 8.0.38-1
mysql-errmsg: before 8.0.38-1
mysql-devel: before 8.0.38-1
mysql-debugsource: before 8.0.38-1
mysql-debuginfo: before 8.0.38-1
mysql-config: before 8.0.38-1
mysql-common: before 8.0.38-1
mysql: before 8.0.38-1
CPE2.3http://www.openeuler.org/en/security/security-bulletins/detail/?id=openEuler-SA-2024-2071
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote authenticated privileged user via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU71268
Risk: Medium
CVSSv3.1: 4.8 [CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:L/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2023-21872
CWE-ID:
CWE-20 - Improper input validation
Exploit availability: No
DescriptionThe vulnerability allows a remote privileged user to damange or delete data.
The vulnerability exists due to improper input validation within the Server: Optimizer component in MySQL Server. A remote privileged user can exploit this vulnerability to damange or delete data.
MitigationInstall updates from vendor's repository.
Vulnerable software versionsopenEuler: 20.03 LTS SP4
mysql-test: before 8.0.38-1
mysql-server: before 8.0.38-1
mysql-libs: before 8.0.38-1
mysql-help: before 8.0.38-1
mysql-errmsg: before 8.0.38-1
mysql-devel: before 8.0.38-1
mysql-debugsource: before 8.0.38-1
mysql-debuginfo: before 8.0.38-1
mysql-config: before 8.0.38-1
mysql-common: before 8.0.38-1
mysql: before 8.0.38-1
CPE2.3http://www.openeuler.org/en/security/security-bulletins/detail/?id=openEuler-SA-2024-2071
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote authenticated privileged user via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU71278
Risk: Medium
CVSSv3.1: 4.3 [CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2023-21873
CWE-ID:
CWE-20 - Improper input validation
Exploit availability: No
DescriptionThe vulnerability allows a remote privileged user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper input validation within the Server: Optimizer component in MySQL Server. A remote privileged user can exploit this vulnerability to perform a denial of service (DoS) attack.
MitigationInstall updates from vendor's repository.
Vulnerable software versionsopenEuler: 20.03 LTS SP4
mysql-test: before 8.0.38-1
mysql-server: before 8.0.38-1
mysql-libs: before 8.0.38-1
mysql-help: before 8.0.38-1
mysql-errmsg: before 8.0.38-1
mysql-devel: before 8.0.38-1
mysql-debugsource: before 8.0.38-1
mysql-debuginfo: before 8.0.38-1
mysql-config: before 8.0.38-1
mysql-common: before 8.0.38-1
mysql: before 8.0.38-1
CPE2.3http://www.openeuler.org/en/security/security-bulletins/detail/?id=openEuler-SA-2024-2071
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote authenticated privileged user via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU71286
Risk: Low
CVSSv3.1: 2.4 [CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:L/E:U/RL:O/RC:C]
CVE-ID: CVE-2023-21874
CWE-ID:
CWE-20 - Improper input validation
Exploit availability: No
DescriptionThe vulnerability allows a remote privileged user to perform service disruption.
The vulnerability exists due to improper input validation within the Server: Thread Pooling component in MySQL Server. A remote privileged user can exploit this vulnerability to perform service disruption.
MitigationInstall updates from vendor's repository.
Vulnerable software versionsopenEuler: 20.03 LTS SP4
mysql-test: before 8.0.38-1
mysql-server: before 8.0.38-1
mysql-libs: before 8.0.38-1
mysql-help: before 8.0.38-1
mysql-errmsg: before 8.0.38-1
mysql-devel: before 8.0.38-1
mysql-debugsource: before 8.0.38-1
mysql-debuginfo: before 8.0.38-1
mysql-config: before 8.0.38-1
mysql-common: before 8.0.38-1
mysql: before 8.0.38-1
CPE2.3http://www.openeuler.org/en/security/security-bulletins/detail/?id=openEuler-SA-2024-2071
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote authenticated privileged user via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU71264
Risk: Medium
CVSSv3.1: 5.2 [CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:U/C:N/I:H/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2023-21875
CWE-ID:
CWE-20 - Improper input validation
Exploit availability: No
DescriptionThe vulnerability allows a remote privileged user to damange or delete data.
The vulnerability exists due to improper input validation within the Server: Security: Encryption component in MySQL Server. A remote privileged user can exploit this vulnerability to damange or delete data.
MitigationInstall updates from vendor's repository.
Vulnerable software versionsopenEuler: 20.03 LTS SP4
mysql-test: before 8.0.38-1
mysql-server: before 8.0.38-1
mysql-libs: before 8.0.38-1
mysql-help: before 8.0.38-1
mysql-errmsg: before 8.0.38-1
mysql-devel: before 8.0.38-1
mysql-debugsource: before 8.0.38-1
mysql-debuginfo: before 8.0.38-1
mysql-config: before 8.0.38-1
mysql-common: before 8.0.38-1
mysql: before 8.0.38-1
CPE2.3http://www.openeuler.org/en/security/security-bulletins/detail/?id=openEuler-SA-2024-2071
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote authenticated privileged user via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU71279
Risk: Medium
CVSSv3.1: 4.3 [CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2023-21876
CWE-ID:
CWE-20 - Improper input validation
Exploit availability: No
DescriptionThe vulnerability allows a remote privileged user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper input validation within the Server: Optimizer component in MySQL Server. A remote privileged user can exploit this vulnerability to perform a denial of service (DoS) attack.
MitigationInstall updates from vendor's repository.
Vulnerable software versionsopenEuler: 20.03 LTS SP4
mysql-test: before 8.0.38-1
mysql-server: before 8.0.38-1
mysql-libs: before 8.0.38-1
mysql-help: before 8.0.38-1
mysql-errmsg: before 8.0.38-1
mysql-devel: before 8.0.38-1
mysql-debugsource: before 8.0.38-1
mysql-debuginfo: before 8.0.38-1
mysql-config: before 8.0.38-1
mysql-common: before 8.0.38-1
mysql: before 8.0.38-1
CPE2.3http://www.openeuler.org/en/security/security-bulletins/detail/?id=openEuler-SA-2024-2071
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote authenticated privileged user via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU71266
Risk: Medium
CVSSv3.1: 4.8 [CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:L/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2023-21877
CWE-ID:
CWE-20 - Improper input validation
Exploit availability: No
DescriptionThe vulnerability allows a remote privileged user to damange or delete data.
The vulnerability exists due to improper input validation within the InnoDB component in MySQL Server. A remote privileged user can exploit this vulnerability to damange or delete data.
MitigationInstall updates from vendor's repository.
Vulnerable software versionsopenEuler: 20.03 LTS SP4
mysql-test: before 8.0.38-1
mysql-server: before 8.0.38-1
mysql-libs: before 8.0.38-1
mysql-help: before 8.0.38-1
mysql-errmsg: before 8.0.38-1
mysql-devel: before 8.0.38-1
mysql-debugsource: before 8.0.38-1
mysql-debuginfo: before 8.0.38-1
mysql-config: before 8.0.38-1
mysql-common: before 8.0.38-1
mysql: before 8.0.38-1
CPE2.3http://www.openeuler.org/en/security/security-bulletins/detail/?id=openEuler-SA-2024-2071
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote authenticated privileged user via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU71280
Risk: Medium
CVSSv3.1: 4.3 [CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2023-21878
CWE-ID:
CWE-20 - Improper input validation
Exploit availability: No
DescriptionThe vulnerability allows a remote privileged user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper input validation within the Server: Optimizer component in MySQL Server. A remote privileged user can exploit this vulnerability to perform a denial of service (DoS) attack.
MitigationInstall updates from vendor's repository.
Vulnerable software versionsopenEuler: 20.03 LTS SP4
mysql-test: before 8.0.38-1
mysql-server: before 8.0.38-1
mysql-libs: before 8.0.38-1
mysql-help: before 8.0.38-1
mysql-errmsg: before 8.0.38-1
mysql-devel: before 8.0.38-1
mysql-debugsource: before 8.0.38-1
mysql-debuginfo: before 8.0.38-1
mysql-config: before 8.0.38-1
mysql-common: before 8.0.38-1
mysql: before 8.0.38-1
CPE2.3http://www.openeuler.org/en/security/security-bulletins/detail/?id=openEuler-SA-2024-2071
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote authenticated privileged user via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU71281
Risk: Medium
CVSSv3.1: 4.3 [CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2023-21879
CWE-ID:
CWE-20 - Improper input validation
Exploit availability: No
DescriptionThe vulnerability allows a remote privileged user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper input validation within the Server: Optimizer component in MySQL Server. A remote privileged user can exploit this vulnerability to perform a denial of service (DoS) attack.
MitigationInstall updates from vendor's repository.
Vulnerable software versionsopenEuler: 20.03 LTS SP4
mysql-test: before 8.0.38-1
mysql-server: before 8.0.38-1
mysql-libs: before 8.0.38-1
mysql-help: before 8.0.38-1
mysql-errmsg: before 8.0.38-1
mysql-devel: before 8.0.38-1
mysql-debugsource: before 8.0.38-1
mysql-debuginfo: before 8.0.38-1
mysql-config: before 8.0.38-1
mysql-common: before 8.0.38-1
mysql: before 8.0.38-1
CPE2.3http://www.openeuler.org/en/security/security-bulletins/detail/?id=openEuler-SA-2024-2071
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote authenticated privileged user via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU71267
Risk: Medium
CVSSv3.1: 4.8 [CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:L/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2023-21880
CWE-ID:
CWE-20 - Improper input validation
Exploit availability: No
DescriptionThe vulnerability allows a remote privileged user to damange or delete data.
The vulnerability exists due to improper input validation within the InnoDB component in MySQL Server. A remote privileged user can exploit this vulnerability to damange or delete data.
MitigationInstall updates from vendor's repository.
Vulnerable software versionsopenEuler: 20.03 LTS SP4
mysql-test: before 8.0.38-1
mysql-server: before 8.0.38-1
mysql-libs: before 8.0.38-1
mysql-help: before 8.0.38-1
mysql-errmsg: before 8.0.38-1
mysql-devel: before 8.0.38-1
mysql-debugsource: before 8.0.38-1
mysql-debuginfo: before 8.0.38-1
mysql-config: before 8.0.38-1
mysql-common: before 8.0.38-1
mysql: before 8.0.38-1
CPE2.3http://www.openeuler.org/en/security/security-bulletins/detail/?id=openEuler-SA-2024-2071
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote authenticated privileged user via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU71282
Risk: Medium
CVSSv3.1: 4.3 [CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2023-21881
CWE-ID:
CWE-20 - Improper input validation
Exploit availability: No
DescriptionThe vulnerability allows a remote privileged user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper input validation within the Server: Optimizer component in MySQL Server. A remote privileged user can exploit this vulnerability to perform a denial of service (DoS) attack.
MitigationInstall updates from vendor's repository.
Vulnerable software versionsopenEuler: 20.03 LTS SP4
mysql-test: before 8.0.38-1
mysql-server: before 8.0.38-1
mysql-libs: before 8.0.38-1
mysql-help: before 8.0.38-1
mysql-errmsg: before 8.0.38-1
mysql-devel: before 8.0.38-1
mysql-debugsource: before 8.0.38-1
mysql-debuginfo: before 8.0.38-1
mysql-config: before 8.0.38-1
mysql-common: before 8.0.38-1
mysql: before 8.0.38-1
CPE2.3http://www.openeuler.org/en/security/security-bulletins/detail/?id=openEuler-SA-2024-2071
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote authenticated privileged user via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU71285
Risk: Low
CVSSv3.1: 2.4 [CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:L/A:N/E:U/RL:O/RC:C]
CVE-ID: CVE-2023-21882
CWE-ID:
CWE-20 - Improper input validation
Exploit availability: No
DescriptionThe vulnerability allows a remote privileged user to manipulate data.
The vulnerability exists due to improper input validation within the Server: Optimizer component in MySQL Server. A remote privileged user can exploit this vulnerability to manipulate data.
MitigationInstall updates from vendor's repository.
Vulnerable software versionsopenEuler: 20.03 LTS SP4
mysql-test: before 8.0.38-1
mysql-server: before 8.0.38-1
mysql-libs: before 8.0.38-1
mysql-help: before 8.0.38-1
mysql-errmsg: before 8.0.38-1
mysql-devel: before 8.0.38-1
mysql-debugsource: before 8.0.38-1
mysql-debuginfo: before 8.0.38-1
mysql-config: before 8.0.38-1
mysql-common: before 8.0.38-1
mysql: before 8.0.38-1
CPE2.3http://www.openeuler.org/en/security/security-bulletins/detail/?id=openEuler-SA-2024-2071
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote authenticated privileged user via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU71283
Risk: Medium
CVSSv3.1: 4.3 [CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2023-21883
CWE-ID:
CWE-20 - Improper input validation
Exploit availability: No
DescriptionThe vulnerability allows a remote privileged user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper input validation within the Server: Optimizer component in MySQL Server. A remote privileged user can exploit this vulnerability to perform a denial of service (DoS) attack.
MitigationInstall updates from vendor's repository.
Vulnerable software versionsopenEuler: 20.03 LTS SP4
mysql-test: before 8.0.38-1
mysql-server: before 8.0.38-1
mysql-libs: before 8.0.38-1
mysql-help: before 8.0.38-1
mysql-errmsg: before 8.0.38-1
mysql-devel: before 8.0.38-1
mysql-debugsource: before 8.0.38-1
mysql-debuginfo: before 8.0.38-1
mysql-config: before 8.0.38-1
mysql-common: before 8.0.38-1
mysql: before 8.0.38-1
CPE2.3http://www.openeuler.org/en/security/security-bulletins/detail/?id=openEuler-SA-2024-2071
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote authenticated privileged user via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU71271
Risk: Medium
CVSSv3.1: 4.3 [CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2023-21887
CWE-ID:
CWE-20 - Improper input validation
Exploit availability: No
DescriptionThe vulnerability allows a remote privileged user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper input validation within the Server: GIS component in MySQL Server. A remote privileged user can exploit this vulnerability to perform a denial of service (DoS) attack.
MitigationInstall updates from vendor's repository.
Vulnerable software versionsopenEuler: 20.03 LTS SP4
mysql-test: before 8.0.38-1
mysql-server: before 8.0.38-1
mysql-libs: before 8.0.38-1
mysql-help: before 8.0.38-1
mysql-errmsg: before 8.0.38-1
mysql-devel: before 8.0.38-1
mysql-debugsource: before 8.0.38-1
mysql-debuginfo: before 8.0.38-1
mysql-config: before 8.0.38-1
mysql-common: before 8.0.38-1
mysql: before 8.0.38-1
CPE2.3http://www.openeuler.org/en/security/security-bulletins/detail/?id=openEuler-SA-2024-2071
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote authenticated privileged user via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU75275
Risk: Medium
CVSSv3.1: 4.3 [CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2023-21911
CWE-ID:
CWE-20 - Improper input validation
Exploit availability: No
DescriptionThe vulnerability allows a remote privileged user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper input validation within the InnoDB component in MySQL Server. A remote privileged user can exploit this vulnerability to perform a denial of service (DoS) attack.
MitigationInstall updates from vendor's repository.
Vulnerable software versionsopenEuler: 20.03 LTS SP4
mysql-test: before 8.0.38-1
mysql-server: before 8.0.38-1
mysql-libs: before 8.0.38-1
mysql-help: before 8.0.38-1
mysql-errmsg: before 8.0.38-1
mysql-devel: before 8.0.38-1
mysql-debugsource: before 8.0.38-1
mysql-debuginfo: before 8.0.38-1
mysql-config: before 8.0.38-1
mysql-common: before 8.0.38-1
mysql: before 8.0.38-1
CPE2.3http://www.openeuler.org/en/security/security-bulletins/detail/?id=openEuler-SA-2024-2071
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote authenticated privileged user via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU75270
Risk: Medium
CVSSv3.1: 6.5 [CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2023-21912
CWE-ID:
CWE-20 - Improper input validation
Exploit availability: No
DescriptionThe vulnerability allows a remote non-authenticated attacker to perform a denial of service (DoS) attack.
The vulnerability exists due to improper input validation within the Server: Security: Privileges component in MySQL Server. A remote non-authenticated attacker can exploit this vulnerability to perform a denial of service (DoS) attack.
MitigationInstall updates from vendor's repository.
Vulnerable software versionsopenEuler: 20.03 LTS SP4
mysql-test: before 8.0.38-1
mysql-server: before 8.0.38-1
mysql-libs: before 8.0.38-1
mysql-help: before 8.0.38-1
mysql-errmsg: before 8.0.38-1
mysql-devel: before 8.0.38-1
mysql-debugsource: before 8.0.38-1
mysql-debuginfo: before 8.0.38-1
mysql-config: before 8.0.38-1
mysql-common: before 8.0.38-1
mysql: before 8.0.38-1
CPE2.3http://www.openeuler.org/en/security/security-bulletins/detail/?id=openEuler-SA-2024-2071
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU75281
Risk: Medium
CVSSv3.1: 4.3 [CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2023-21913
CWE-ID:
CWE-20 - Improper input validation
Exploit availability: No
DescriptionThe vulnerability allows a remote privileged user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper input validation within the Server: Optimizer component in MySQL Server. A remote privileged user can exploit this vulnerability to perform a denial of service (DoS) attack.
MitigationInstall updates from vendor's repository.
Vulnerable software versionsopenEuler: 20.03 LTS SP4
mysql-test: before 8.0.38-1
mysql-server: before 8.0.38-1
mysql-libs: before 8.0.38-1
mysql-help: before 8.0.38-1
mysql-errmsg: before 8.0.38-1
mysql-devel: before 8.0.38-1
mysql-debugsource: before 8.0.38-1
mysql-debuginfo: before 8.0.38-1
mysql-config: before 8.0.38-1
mysql-common: before 8.0.38-1
mysql: before 8.0.38-1
CPE2.3http://www.openeuler.org/en/security/security-bulletins/detail/?id=openEuler-SA-2024-2071
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote authenticated privileged user via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU75282
Risk: Medium
CVSSv3.1: 4.3 [CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2023-21917
CWE-ID:
CWE-20 - Improper input validation
Exploit availability: No
DescriptionThe vulnerability allows a remote privileged user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper input validation within the Server: Optimizer component in MySQL Server. A remote privileged user can exploit this vulnerability to perform a denial of service (DoS) attack.
MitigationInstall updates from vendor's repository.
Vulnerable software versionsopenEuler: 20.03 LTS SP4
mysql-test: before 8.0.38-1
mysql-server: before 8.0.38-1
mysql-libs: before 8.0.38-1
mysql-help: before 8.0.38-1
mysql-errmsg: before 8.0.38-1
mysql-devel: before 8.0.38-1
mysql-debugsource: before 8.0.38-1
mysql-debuginfo: before 8.0.38-1
mysql-config: before 8.0.38-1
mysql-common: before 8.0.38-1
mysql: before 8.0.38-1
CPE2.3http://www.openeuler.org/en/security/security-bulletins/detail/?id=openEuler-SA-2024-2071
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote authenticated privileged user via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU75277
Risk: Medium
CVSSv3.1: 4.3 [CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2023-21919
CWE-ID:
CWE-20 - Improper input validation
Exploit availability: No
DescriptionThe vulnerability allows a remote privileged user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper input validation within the Server: DDL component in MySQL Server. A remote privileged user can exploit this vulnerability to perform a denial of service (DoS) attack.
MitigationInstall updates from vendor's repository.
Vulnerable software versionsopenEuler: 20.03 LTS SP4
mysql-test: before 8.0.38-1
mysql-server: before 8.0.38-1
mysql-libs: before 8.0.38-1
mysql-help: before 8.0.38-1
mysql-errmsg: before 8.0.38-1
mysql-devel: before 8.0.38-1
mysql-debugsource: before 8.0.38-1
mysql-debuginfo: before 8.0.38-1
mysql-config: before 8.0.38-1
mysql-common: before 8.0.38-1
mysql: before 8.0.38-1
CPE2.3http://www.openeuler.org/en/security/security-bulletins/detail/?id=openEuler-SA-2024-2071
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote authenticated privileged user via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU75283
Risk: Medium
CVSSv3.1: 4.3 [CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2023-21920
CWE-ID:
CWE-20 - Improper input validation
Exploit availability: No
DescriptionThe vulnerability allows a remote privileged user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper input validation within the Server: Optimizer component in MySQL Server. A remote privileged user can exploit this vulnerability to perform a denial of service (DoS) attack.
MitigationInstall updates from vendor's repository.
Vulnerable software versionsopenEuler: 20.03 LTS SP4
mysql-test: before 8.0.38-1
mysql-server: before 8.0.38-1
mysql-libs: before 8.0.38-1
mysql-help: before 8.0.38-1
mysql-errmsg: before 8.0.38-1
mysql-devel: before 8.0.38-1
mysql-debugsource: before 8.0.38-1
mysql-debuginfo: before 8.0.38-1
mysql-config: before 8.0.38-1
mysql-common: before 8.0.38-1
mysql: before 8.0.38-1
CPE2.3http://www.openeuler.org/en/security/security-bulletins/detail/?id=openEuler-SA-2024-2071
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote authenticated privileged user via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU75273
Risk: Medium
CVSSv3.1: 4.8 [CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:L/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2023-21929
CWE-ID:
CWE-20 - Improper input validation
Exploit availability: No
DescriptionThe vulnerability allows a remote privileged user to damange or delete data.
The vulnerability exists due to improper input validation within the Server: DDL component in MySQL Server. A remote privileged user can exploit this vulnerability to damange or delete data.
MitigationInstall updates from vendor's repository.
Vulnerable software versionsopenEuler: 20.03 LTS SP4
mysql-test: before 8.0.38-1
mysql-server: before 8.0.38-1
mysql-libs: before 8.0.38-1
mysql-help: before 8.0.38-1
mysql-errmsg: before 8.0.38-1
mysql-devel: before 8.0.38-1
mysql-debugsource: before 8.0.38-1
mysql-debuginfo: before 8.0.38-1
mysql-config: before 8.0.38-1
mysql-common: before 8.0.38-1
mysql: before 8.0.38-1
CPE2.3http://www.openeuler.org/en/security/security-bulletins/detail/?id=openEuler-SA-2024-2071
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote authenticated privileged user via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU75278
Risk: Medium
CVSSv3.1: 4.3 [CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2023-21933
CWE-ID:
CWE-20 - Improper input validation
Exploit availability: No
DescriptionThe vulnerability allows a remote privileged user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper input validation within the Server: DDL component in MySQL Server. A remote privileged user can exploit this vulnerability to perform a denial of service (DoS) attack.
MitigationInstall updates from vendor's repository.
Vulnerable software versionsopenEuler: 20.03 LTS SP4
mysql-test: before 8.0.38-1
mysql-server: before 8.0.38-1
mysql-libs: before 8.0.38-1
mysql-help: before 8.0.38-1
mysql-errmsg: before 8.0.38-1
mysql-devel: before 8.0.38-1
mysql-debugsource: before 8.0.38-1
mysql-debuginfo: before 8.0.38-1
mysql-config: before 8.0.38-1
mysql-common: before 8.0.38-1
mysql: before 8.0.38-1
CPE2.3http://www.openeuler.org/en/security/security-bulletins/detail/?id=openEuler-SA-2024-2071
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote authenticated privileged user via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU75284
Risk: Medium
CVSSv3.1: 4.3 [CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2023-21935
CWE-ID:
CWE-20 - Improper input validation
Exploit availability: No
DescriptionThe vulnerability allows a remote privileged user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper input validation within the Server: Optimizer component in MySQL Server. A remote privileged user can exploit this vulnerability to perform a denial of service (DoS) attack.
MitigationInstall updates from vendor's repository.
Vulnerable software versionsopenEuler: 20.03 LTS SP4
mysql-test: before 8.0.38-1
mysql-server: before 8.0.38-1
mysql-libs: before 8.0.38-1
mysql-help: before 8.0.38-1
mysql-errmsg: before 8.0.38-1
mysql-devel: before 8.0.38-1
mysql-debugsource: before 8.0.38-1
mysql-debuginfo: before 8.0.38-1
mysql-config: before 8.0.38-1
mysql-common: before 8.0.38-1
mysql: before 8.0.38-1
CPE2.3http://www.openeuler.org/en/security/security-bulletins/detail/?id=openEuler-SA-2024-2071
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote authenticated privileged user via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU75291
Risk: Low
CVSSv3.1: 3.9 [CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2023-21940
CWE-ID:
CWE-20 - Improper input validation
Exploit availability: No
DescriptionThe vulnerability allows a remote privileged user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper input validation within the Server: Components Services component in MySQL Server. A remote privileged user can exploit this vulnerability to perform a denial of service (DoS) attack.
MitigationInstall updates from vendor's repository.
Vulnerable software versionsopenEuler: 20.03 LTS SP4
mysql-test: before 8.0.38-1
mysql-server: before 8.0.38-1
mysql-libs: before 8.0.38-1
mysql-help: before 8.0.38-1
mysql-errmsg: before 8.0.38-1
mysql-devel: before 8.0.38-1
mysql-debugsource: before 8.0.38-1
mysql-debuginfo: before 8.0.38-1
mysql-config: before 8.0.38-1
mysql-common: before 8.0.38-1
mysql: before 8.0.38-1
CPE2.3http://www.openeuler.org/en/security/security-bulletins/detail/?id=openEuler-SA-2024-2071
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote authenticated privileged user via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU75285
Risk: Medium
CVSSv3.1: 4.3 [CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2023-21945
CWE-ID:
CWE-20 - Improper input validation
Exploit availability: No
DescriptionThe vulnerability allows a remote privileged user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper input validation within the Server: Optimizer component in MySQL Server. A remote privileged user can exploit this vulnerability to perform a denial of service (DoS) attack.
MitigationInstall updates from vendor's repository.
Vulnerable software versionsopenEuler: 20.03 LTS SP4
mysql-test: before 8.0.38-1
mysql-server: before 8.0.38-1
mysql-libs: before 8.0.38-1
mysql-help: before 8.0.38-1
mysql-errmsg: before 8.0.38-1
mysql-devel: before 8.0.38-1
mysql-debugsource: before 8.0.38-1
mysql-debuginfo: before 8.0.38-1
mysql-config: before 8.0.38-1
mysql-common: before 8.0.38-1
mysql: before 8.0.38-1
CPE2.3http://www.openeuler.org/en/security/security-bulletins/detail/?id=openEuler-SA-2024-2071
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote authenticated privileged user via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU75272
Risk: Medium
CVSSv3.1: 5.7 [CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2023-21946
CWE-ID:
CWE-20 - Improper input validation
Exploit availability: No
DescriptionThe vulnerability allows a remote authenticated user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper input validation within the Server: Optimizer component in MySQL Server. A remote authenticated user can exploit this vulnerability to perform a denial of service (DoS) attack.
MitigationInstall updates from vendor's repository.
Vulnerable software versionsopenEuler: 20.03 LTS SP4
mysql-test: before 8.0.38-1
mysql-server: before 8.0.38-1
mysql-libs: before 8.0.38-1
mysql-help: before 8.0.38-1
mysql-errmsg: before 8.0.38-1
mysql-devel: before 8.0.38-1
mysql-debugsource: before 8.0.38-1
mysql-debuginfo: before 8.0.38-1
mysql-config: before 8.0.38-1
mysql-common: before 8.0.38-1
mysql: before 8.0.38-1
CPE2.3http://www.openeuler.org/en/security/security-bulletins/detail/?id=openEuler-SA-2024-2071
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote authenticated user via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU75292
Risk: Low
CVSSv3.1: 3.9 [CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2023-21947
CWE-ID:
CWE-20 - Improper input validation
Exploit availability: No
DescriptionThe vulnerability allows a remote privileged user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper input validation within the Server: Components Services component in MySQL Server. A remote privileged user can exploit this vulnerability to perform a denial of service (DoS) attack.
MitigationInstall updates from vendor's repository.
Vulnerable software versionsopenEuler: 20.03 LTS SP4
mysql-test: before 8.0.38-1
mysql-server: before 8.0.38-1
mysql-libs: before 8.0.38-1
mysql-help: before 8.0.38-1
mysql-errmsg: before 8.0.38-1
mysql-devel: before 8.0.38-1
mysql-debugsource: before 8.0.38-1
mysql-debuginfo: before 8.0.38-1
mysql-config: before 8.0.38-1
mysql-common: before 8.0.38-1
mysql: before 8.0.38-1
CPE2.3http://www.openeuler.org/en/security/security-bulletins/detail/?id=openEuler-SA-2024-2071
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote authenticated privileged user via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU75289
Risk: Medium
CVSSv3.1: 4.3 [CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2023-21953
CWE-ID:
CWE-20 - Improper input validation
Exploit availability: No
DescriptionThe vulnerability allows a remote privileged user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper input validation within the Server: Partition component in MySQL Server. A remote privileged user can exploit this vulnerability to perform a denial of service (DoS) attack.
MitigationInstall updates from vendor's repository.
Vulnerable software versionsopenEuler: 20.03 LTS SP4
mysql-test: before 8.0.38-1
mysql-server: before 8.0.38-1
mysql-libs: before 8.0.38-1
mysql-help: before 8.0.38-1
mysql-errmsg: before 8.0.38-1
mysql-devel: before 8.0.38-1
mysql-debugsource: before 8.0.38-1
mysql-debuginfo: before 8.0.38-1
mysql-config: before 8.0.38-1
mysql-common: before 8.0.38-1
mysql: before 8.0.38-1
CPE2.3http://www.openeuler.org/en/security/security-bulletins/detail/?id=openEuler-SA-2024-2071
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote authenticated privileged user via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU75290
Risk: Medium
CVSSv3.1: 4.3 [CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2023-21955
CWE-ID:
CWE-20 - Improper input validation
Exploit availability: No
DescriptionThe vulnerability allows a remote privileged user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper input validation within the Server: Partition component in MySQL Server. A remote privileged user can exploit this vulnerability to perform a denial of service (DoS) attack.
MitigationInstall updates from vendor's repository.
Vulnerable software versionsopenEuler: 20.03 LTS SP4
mysql-test: before 8.0.38-1
mysql-server: before 8.0.38-1
mysql-libs: before 8.0.38-1
mysql-help: before 8.0.38-1
mysql-errmsg: before 8.0.38-1
mysql-devel: before 8.0.38-1
mysql-debugsource: before 8.0.38-1
mysql-debuginfo: before 8.0.38-1
mysql-config: before 8.0.38-1
mysql-common: before 8.0.38-1
mysql: before 8.0.38-1
CPE2.3http://www.openeuler.org/en/security/security-bulletins/detail/?id=openEuler-SA-2024-2071
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote authenticated privileged user via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU75276
Risk: Medium
CVSSv3.1: 4.3 [CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2023-21962
CWE-ID:
CWE-20 - Improper input validation
Exploit availability: No
DescriptionThe vulnerability allows a remote privileged user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper input validation within the Server: Components Services component in MySQL Server. A remote privileged user can exploit this vulnerability to perform a denial of service (DoS) attack.
MitigationInstall updates from vendor's repository.
Vulnerable software versionsopenEuler: 20.03 LTS SP4
mysql-test: before 8.0.38-1
mysql-server: before 8.0.38-1
mysql-libs: before 8.0.38-1
mysql-help: before 8.0.38-1
mysql-errmsg: before 8.0.38-1
mysql-devel: before 8.0.38-1
mysql-debugsource: before 8.0.38-1
mysql-debuginfo: before 8.0.38-1
mysql-config: before 8.0.38-1
mysql-common: before 8.0.38-1
mysql: before 8.0.38-1
CPE2.3http://www.openeuler.org/en/security/security-bulletins/detail/?id=openEuler-SA-2024-2071
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote authenticated privileged user via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU75293
Risk: Low
CVSSv3.1: 2.4 [CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:L/E:U/RL:O/RC:C]
CVE-ID: CVE-2023-21963
CWE-ID:
CWE-20 - Improper input validation
Exploit availability: No
DescriptionThe vulnerability allows a remote privileged user to perform service disruption.
The vulnerability exists due to improper input validation within the Server: Connection Handling component in MySQL Server. A remote privileged user can exploit this vulnerability to perform service disruption.
MitigationInstall updates from vendor's repository.
Vulnerable software versionsopenEuler: 20.03 LTS SP4
mysql-test: before 8.0.38-1
mysql-server: before 8.0.38-1
mysql-libs: before 8.0.38-1
mysql-help: before 8.0.38-1
mysql-errmsg: before 8.0.38-1
mysql-devel: before 8.0.38-1
mysql-debugsource: before 8.0.38-1
mysql-debuginfo: before 8.0.38-1
mysql-config: before 8.0.38-1
mysql-common: before 8.0.38-1
mysql: before 8.0.38-1
CPE2.3http://www.openeuler.org/en/security/security-bulletins/detail/?id=openEuler-SA-2024-2071
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote authenticated privileged user via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU75280
Risk: Medium
CVSSv3.1: 4.3 [CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2023-21966
CWE-ID:
CWE-20 - Improper input validation
Exploit availability: No
DescriptionThe vulnerability allows a remote privileged user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper input validation within the Server: JSON component in MySQL Server. A remote privileged user can exploit this vulnerability to perform a denial of service (DoS) attack.
MitigationInstall updates from vendor's repository.
Vulnerable software versionsopenEuler: 20.03 LTS SP4
mysql-test: before 8.0.38-1
mysql-server: before 8.0.38-1
mysql-libs: before 8.0.38-1
mysql-help: before 8.0.38-1
mysql-errmsg: before 8.0.38-1
mysql-devel: before 8.0.38-1
mysql-debugsource: before 8.0.38-1
mysql-debuginfo: before 8.0.38-1
mysql-config: before 8.0.38-1
mysql-common: before 8.0.38-1
mysql: before 8.0.38-1
CPE2.3http://www.openeuler.org/en/security/security-bulletins/detail/?id=openEuler-SA-2024-2071
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote authenticated privileged user via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU75279
Risk: Medium
CVSSv3.1: 4.3 [CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2023-21972
CWE-ID:
CWE-20 - Improper input validation
Exploit availability: No
DescriptionThe vulnerability allows a remote privileged user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper input validation within the Server: DML component in MySQL Server. A remote privileged user can exploit this vulnerability to perform a denial of service (DoS) attack.
MitigationInstall updates from vendor's repository.
Vulnerable software versionsopenEuler: 20.03 LTS SP4
mysql-test: before 8.0.38-1
mysql-server: before 8.0.38-1
mysql-libs: before 8.0.38-1
mysql-help: before 8.0.38-1
mysql-errmsg: before 8.0.38-1
mysql-devel: before 8.0.38-1
mysql-debugsource: before 8.0.38-1
mysql-debuginfo: before 8.0.38-1
mysql-config: before 8.0.38-1
mysql-common: before 8.0.38-1
mysql: before 8.0.38-1
CPE2.3http://www.openeuler.org/en/security/security-bulletins/detail/?id=openEuler-SA-2024-2071
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote authenticated privileged user via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU75286
Risk: Medium
CVSSv3.1: 4.3 [CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2023-21976
CWE-ID:
CWE-20 - Improper input validation
Exploit availability: No
DescriptionThe vulnerability allows a remote privileged user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper input validation within the Server: Optimizer component in MySQL Server. A remote privileged user can exploit this vulnerability to perform a denial of service (DoS) attack.
MitigationInstall updates from vendor's repository.
Vulnerable software versionsopenEuler: 20.03 LTS SP4
mysql-test: before 8.0.38-1
mysql-server: before 8.0.38-1
mysql-libs: before 8.0.38-1
mysql-help: before 8.0.38-1
mysql-errmsg: before 8.0.38-1
mysql-devel: before 8.0.38-1
mysql-debugsource: before 8.0.38-1
mysql-debuginfo: before 8.0.38-1
mysql-config: before 8.0.38-1
mysql-common: before 8.0.38-1
mysql: before 8.0.38-1
CPE2.3http://www.openeuler.org/en/security/security-bulletins/detail/?id=openEuler-SA-2024-2071
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote authenticated privileged user via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU75287
Risk: Medium
CVSSv3.1: 4.3 [CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2023-21977
CWE-ID:
CWE-20 - Improper input validation
Exploit availability: No
DescriptionThe vulnerability allows a remote privileged user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper input validation within the Server: Optimizer component in MySQL Server. A remote privileged user can exploit this vulnerability to perform a denial of service (DoS) attack.
MitigationInstall updates from vendor's repository.
Vulnerable software versionsopenEuler: 20.03 LTS SP4
mysql-test: before 8.0.38-1
mysql-server: before 8.0.38-1
mysql-libs: before 8.0.38-1
mysql-help: before 8.0.38-1
mysql-errmsg: before 8.0.38-1
mysql-devel: before 8.0.38-1
mysql-debugsource: before 8.0.38-1
mysql-debuginfo: before 8.0.38-1
mysql-config: before 8.0.38-1
mysql-common: before 8.0.38-1
mysql: before 8.0.38-1
CPE2.3http://www.openeuler.org/en/security/security-bulletins/detail/?id=openEuler-SA-2024-2071
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote authenticated privileged user via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU75271
Risk: Medium
CVSSv3.1: 6.2 [CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2023-21980
CWE-ID:
CWE-20 - Improper input validation
Exploit availability: No
DescriptionThe vulnerability allows a remote authenticated user to execute arbitrary code.
The vulnerability exists due to improper input validation within the Client programs component in MySQL Server. A remote authenticated user can exploit this vulnerability to execute arbitrary code.
MitigationInstall updates from vendor's repository.
Vulnerable software versionsopenEuler: 20.03 LTS SP4
mysql-test: before 8.0.38-1
mysql-server: before 8.0.38-1
mysql-libs: before 8.0.38-1
mysql-help: before 8.0.38-1
mysql-errmsg: before 8.0.38-1
mysql-devel: before 8.0.38-1
mysql-debugsource: before 8.0.38-1
mysql-debuginfo: before 8.0.38-1
mysql-config: before 8.0.38-1
mysql-common: before 8.0.38-1
mysql: before 8.0.38-1
CPE2.3http://www.openeuler.org/en/security/security-bulletins/detail/?id=openEuler-SA-2024-2071
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote authenticated user via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU75288
Risk: Medium
CVSSv3.1: 4.3 [CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2023-21982
CWE-ID:
CWE-20 - Improper input validation
Exploit availability: No
DescriptionThe vulnerability allows a remote privileged user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper input validation within the Server: Optimizer component in MySQL Server. A remote privileged user can exploit this vulnerability to perform a denial of service (DoS) attack.
MitigationInstall updates from vendor's repository.
Vulnerable software versionsopenEuler: 20.03 LTS SP4
mysql-test: before 8.0.38-1
mysql-server: before 8.0.38-1
mysql-libs: before 8.0.38-1
mysql-help: before 8.0.38-1
mysql-errmsg: before 8.0.38-1
mysql-devel: before 8.0.38-1
mysql-debugsource: before 8.0.38-1
mysql-debuginfo: before 8.0.38-1
mysql-config: before 8.0.38-1
mysql-common: before 8.0.38-1
mysql: before 8.0.38-1
CPE2.3http://www.openeuler.org/en/security/security-bulletins/detail/?id=openEuler-SA-2024-2071
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote authenticated privileged user via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU78429
Risk: Low
CVSSv3.1: 3.9 [CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2023-22005
CWE-ID:
CWE-20 - Improper input validation
Exploit availability: No
DescriptionThe vulnerability allows a remote privileged user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper input validation within the Server: Replication component in MySQL Server. A remote privileged user can exploit this vulnerability to perform a denial of service (DoS) attack.
MitigationInstall updates from vendor's repository.
Vulnerable software versionsopenEuler: 20.03 LTS SP4
mysql-test: before 8.0.38-1
mysql-server: before 8.0.38-1
mysql-libs: before 8.0.38-1
mysql-help: before 8.0.38-1
mysql-errmsg: before 8.0.38-1
mysql-devel: before 8.0.38-1
mysql-debugsource: before 8.0.38-1
mysql-debuginfo: before 8.0.38-1
mysql-config: before 8.0.38-1
mysql-common: before 8.0.38-1
mysql: before 8.0.38-1
CPE2.3http://www.openeuler.org/en/security/security-bulletins/detail/?id=openEuler-SA-2024-2071
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote authenticated privileged user via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU78425
Risk: Medium
CVSSv3.1: 4.3 [CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2023-22007
CWE-ID:
CWE-20 - Improper input validation
Exploit availability: No
DescriptionThe vulnerability allows a remote privileged user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper input validation within the Server: Replication component in MySQL Server. A remote privileged user can exploit this vulnerability to perform a denial of service (DoS) attack.
MitigationInstall updates from vendor's repository.
Vulnerable software versionsopenEuler: 20.03 LTS SP4
mysql-test: before 8.0.38-1
mysql-server: before 8.0.38-1
mysql-libs: before 8.0.38-1
mysql-help: before 8.0.38-1
mysql-errmsg: before 8.0.38-1
mysql-devel: before 8.0.38-1
mysql-debugsource: before 8.0.38-1
mysql-debuginfo: before 8.0.38-1
mysql-config: before 8.0.38-1
mysql-common: before 8.0.38-1
mysql: before 8.0.38-1
CPE2.3http://www.openeuler.org/en/security/security-bulletins/detail/?id=openEuler-SA-2024-2071
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote authenticated privileged user via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU78420
Risk: Medium
CVSSv3.1: 4.3 [CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2023-22008
CWE-ID:
CWE-20 - Improper input validation
Exploit availability: No
DescriptionThe vulnerability allows a remote privileged user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper input validation within the InnoDB component in MySQL Server. A remote privileged user can exploit this vulnerability to perform a denial of service (DoS) attack.
MitigationInstall updates from vendor's repository.
Vulnerable software versionsopenEuler: 20.03 LTS SP4
mysql-test: before 8.0.38-1
mysql-server: before 8.0.38-1
mysql-libs: before 8.0.38-1
mysql-help: before 8.0.38-1
mysql-errmsg: before 8.0.38-1
mysql-devel: before 8.0.38-1
mysql-debugsource: before 8.0.38-1
mysql-debuginfo: before 8.0.38-1
mysql-config: before 8.0.38-1
mysql-common: before 8.0.38-1
mysql: before 8.0.38-1
CPE2.3http://www.openeuler.org/en/security/security-bulletins/detail/?id=openEuler-SA-2024-2071
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote authenticated privileged user via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU82156
Risk: Medium
CVSSv3.1: 4.3 [CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2023-22015
CWE-ID:
CWE-20 - Improper input validation
Exploit availability: No
DescriptionThe vulnerability allows a remote privileged user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper input validation within the Server: Optimizer component in MySQL Server. A remote privileged user can exploit this vulnerability to perform a denial of service (DoS) attack.
MitigationInstall updates from vendor's repository.
Vulnerable software versionsopenEuler: 20.03 LTS SP4
mysql-test: before 8.0.38-1
mysql-server: before 8.0.38-1
mysql-libs: before 8.0.38-1
mysql-help: before 8.0.38-1
mysql-errmsg: before 8.0.38-1
mysql-devel: before 8.0.38-1
mysql-debugsource: before 8.0.38-1
mysql-debuginfo: before 8.0.38-1
mysql-config: before 8.0.38-1
mysql-common: before 8.0.38-1
mysql: before 8.0.38-1
CPE2.3http://www.openeuler.org/en/security/security-bulletins/detail/?id=openEuler-SA-2024-2071
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote authenticated privileged user via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU82157
Risk: Medium
CVSSv3.1: 4.3 [CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2023-22026
CWE-ID:
CWE-20 - Improper input validation
Exploit availability: No
DescriptionThe vulnerability allows a remote privileged user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper input validation within the Server: Optimizer component in MySQL Server. A remote privileged user can exploit this vulnerability to perform a denial of service (DoS) attack.
MitigationInstall updates from vendor's repository.
Vulnerable software versionsopenEuler: 20.03 LTS SP4
mysql-test: before 8.0.38-1
mysql-server: before 8.0.38-1
mysql-libs: before 8.0.38-1
mysql-help: before 8.0.38-1
mysql-errmsg: before 8.0.38-1
mysql-devel: before 8.0.38-1
mysql-debugsource: before 8.0.38-1
mysql-debuginfo: before 8.0.38-1
mysql-config: before 8.0.38-1
mysql-common: before 8.0.38-1
mysql: before 8.0.38-1
CPE2.3http://www.openeuler.org/en/security/security-bulletins/detail/?id=openEuler-SA-2024-2071
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote authenticated privileged user via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU82158
Risk: Medium
CVSSv3.1: 4.3 [CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2023-22028
CWE-ID:
CWE-20 - Improper input validation
Exploit availability: No
DescriptionThe vulnerability allows a remote privileged user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper input validation within the Server: Optimizer component in MySQL Server. A remote privileged user can exploit this vulnerability to perform a denial of service (DoS) attack.
MitigationInstall updates from vendor's repository.
Vulnerable software versionsopenEuler: 20.03 LTS SP4
mysql-test: before 8.0.38-1
mysql-server: before 8.0.38-1
mysql-libs: before 8.0.38-1
mysql-help: before 8.0.38-1
mysql-errmsg: before 8.0.38-1
mysql-devel: before 8.0.38-1
mysql-debugsource: before 8.0.38-1
mysql-debuginfo: before 8.0.38-1
mysql-config: before 8.0.38-1
mysql-common: before 8.0.38-1
mysql: before 8.0.38-1
CPE2.3http://www.openeuler.org/en/security/security-bulletins/detail/?id=openEuler-SA-2024-2071
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote authenticated privileged user via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU82159
Risk: Medium
CVSSv3.1: 4.3 [CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2023-22032
CWE-ID:
CWE-20 - Improper input validation
Exploit availability: No
DescriptionThe vulnerability allows a remote privileged user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper input validation within the Server: Optimizer component in MySQL Server. A remote privileged user can exploit this vulnerability to perform a denial of service (DoS) attack.
MitigationInstall updates from vendor's repository.
Vulnerable software versionsopenEuler: 20.03 LTS SP4
mysql-test: before 8.0.38-1
mysql-server: before 8.0.38-1
mysql-libs: before 8.0.38-1
mysql-help: before 8.0.38-1
mysql-errmsg: before 8.0.38-1
mysql-devel: before 8.0.38-1
mysql-debugsource: before 8.0.38-1
mysql-debuginfo: before 8.0.38-1
mysql-config: before 8.0.38-1
mysql-common: before 8.0.38-1
mysql: before 8.0.38-1
CPE2.3http://www.openeuler.org/en/security/security-bulletins/detail/?id=openEuler-SA-2024-2071
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote authenticated privileged user via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU78427
Risk: Low
CVSSv3.1: 3.9 [CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2023-22033
CWE-ID:
CWE-20 - Improper input validation
Exploit availability: No
DescriptionThe vulnerability allows a remote privileged user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper input validation within the InnoDB component in MySQL Server. A remote privileged user can exploit this vulnerability to perform a denial of service (DoS) attack.
MitigationInstall updates from vendor's repository.
Vulnerable software versionsopenEuler: 20.03 LTS SP4
mysql-test: before 8.0.38-1
mysql-server: before 8.0.38-1
mysql-libs: before 8.0.38-1
mysql-help: before 8.0.38-1
mysql-errmsg: before 8.0.38-1
mysql-devel: before 8.0.38-1
mysql-debugsource: before 8.0.38-1
mysql-debuginfo: before 8.0.38-1
mysql-config: before 8.0.38-1
mysql-common: before 8.0.38-1
mysql: before 8.0.38-1
CPE2.3http://www.openeuler.org/en/security/security-bulletins/detail/?id=openEuler-SA-2024-2071
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote authenticated privileged user via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU78431
Risk: Low
CVSSv3.1: 2.4 [CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:L/A:N/E:U/RL:O/RC:C]
CVE-ID: CVE-2023-22038
CWE-ID:
CWE-20 - Improper input validation
Exploit availability: No
DescriptionThe vulnerability allows a remote privileged user to manipulate data.
The vulnerability exists due to improper input validation within the Server: Security: Privileges component in MySQL Server. A remote privileged user can exploit this vulnerability to manipulate data.
MitigationInstall updates from vendor's repository.
Vulnerable software versionsopenEuler: 20.03 LTS SP4
mysql-test: before 8.0.38-1
mysql-server: before 8.0.38-1
mysql-libs: before 8.0.38-1
mysql-help: before 8.0.38-1
mysql-errmsg: before 8.0.38-1
mysql-devel: before 8.0.38-1
mysql-debugsource: before 8.0.38-1
mysql-debuginfo: before 8.0.38-1
mysql-config: before 8.0.38-1
mysql-common: before 8.0.38-1
mysql: before 8.0.38-1
CPE2.3http://www.openeuler.org/en/security/security-bulletins/detail/?id=openEuler-SA-2024-2071
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote authenticated privileged user via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU78421
Risk: Medium
CVSSv3.1: 4.3 [CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2023-22046
CWE-ID:
CWE-20 - Improper input validation
Exploit availability: No
DescriptionThe vulnerability allows a remote privileged user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper input validation within the Server: Optimizer component in MySQL Server. A remote privileged user can exploit this vulnerability to perform a denial of service (DoS) attack.
MitigationInstall updates from vendor's repository.
Vulnerable software versionsopenEuler: 20.03 LTS SP4
mysql-test: before 8.0.38-1
mysql-server: before 8.0.38-1
mysql-libs: before 8.0.38-1
mysql-help: before 8.0.38-1
mysql-errmsg: before 8.0.38-1
mysql-devel: before 8.0.38-1
mysql-debugsource: before 8.0.38-1
mysql-debuginfo: before 8.0.38-1
mysql-config: before 8.0.38-1
mysql-common: before 8.0.38-1
mysql: before 8.0.38-1
CPE2.3http://www.openeuler.org/en/security/security-bulletins/detail/?id=openEuler-SA-2024-2071
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote authenticated privileged user via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU78430
Risk: Low
CVSSv3.1: 2.7 [CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:L/I:N/A:N/E:U/RL:O/RC:C]
CVE-ID: CVE-2023-22048
CWE-ID:
CWE-20 - Improper input validation
Exploit availability: No
DescriptionThe vulnerability allows a remote authenticated user to gain access to sensitive information.
The vulnerability exists due to improper input validation within the Server: Pluggable Auth component in MySQL Server. A remote authenticated user can exploit this vulnerability to gain access to sensitive information.
MitigationInstall updates from vendor's repository.
Vulnerable software versionsopenEuler: 20.03 LTS SP4
mysql-test: before 8.0.38-1
mysql-server: before 8.0.38-1
mysql-libs: before 8.0.38-1
mysql-help: before 8.0.38-1
mysql-errmsg: before 8.0.38-1
mysql-devel: before 8.0.38-1
mysql-debugsource: before 8.0.38-1
mysql-debuginfo: before 8.0.38-1
mysql-config: before 8.0.38-1
mysql-common: before 8.0.38-1
mysql: before 8.0.38-1
CPE2.3http://www.openeuler.org/en/security/security-bulletins/detail/?id=openEuler-SA-2024-2071
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote authenticated user via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU78419
Risk: Medium
CVSSv3.1: 5.2 [CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:L/I:N/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2023-22053
CWE-ID:
CWE-20 - Improper input validation
Exploit availability: No
DescriptionThe vulnerability allows a remote authenticated user to access sensitive information or perform a denial of service (DoS) attack.
The vulnerability exists due to improper input validation within the Client programs component in MySQL Server. A remote authenticated user can exploit this vulnerability to access sensitive information or perform a denial of service (DoS) attack.
MitigationInstall updates from vendor's repository.
Vulnerable software versionsopenEuler: 20.03 LTS SP4
mysql-test: before 8.0.38-1
mysql-server: before 8.0.38-1
mysql-libs: before 8.0.38-1
mysql-help: before 8.0.38-1
mysql-errmsg: before 8.0.38-1
mysql-devel: before 8.0.38-1
mysql-debugsource: before 8.0.38-1
mysql-debuginfo: before 8.0.38-1
mysql-config: before 8.0.38-1
mysql-common: before 8.0.38-1
mysql: before 8.0.38-1
CPE2.3http://www.openeuler.org/en/security/security-bulletins/detail/?id=openEuler-SA-2024-2071
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote authenticated user via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU78422
Risk: Medium
CVSSv3.1: 4.3 [CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2023-22054
CWE-ID:
CWE-20 - Improper input validation
Exploit availability: No
DescriptionThe vulnerability allows a remote privileged user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper input validation within the Server: Optimizer component in MySQL Server. A remote privileged user can exploit this vulnerability to perform a denial of service (DoS) attack.
MitigationInstall updates from vendor's repository.
Vulnerable software versionsopenEuler: 20.03 LTS SP4
mysql-test: before 8.0.38-1
mysql-server: before 8.0.38-1
mysql-libs: before 8.0.38-1
mysql-help: before 8.0.38-1
mysql-errmsg: before 8.0.38-1
mysql-devel: before 8.0.38-1
mysql-debugsource: before 8.0.38-1
mysql-debuginfo: before 8.0.38-1
mysql-config: before 8.0.38-1
mysql-common: before 8.0.38-1
mysql: before 8.0.38-1
CPE2.3http://www.openeuler.org/en/security/security-bulletins/detail/?id=openEuler-SA-2024-2071
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote authenticated privileged user via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU78423
Risk: Medium
CVSSv3.1: 4.3 [CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2023-22056
CWE-ID:
CWE-20 - Improper input validation
Exploit availability: No
DescriptionThe vulnerability allows a remote privileged user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper input validation within the Server: Optimizer component in MySQL Server. A remote privileged user can exploit this vulnerability to perform a denial of service (DoS) attack.
MitigationInstall updates from vendor's repository.
Vulnerable software versionsopenEuler: 20.03 LTS SP4
mysql-test: before 8.0.38-1
mysql-server: before 8.0.38-1
mysql-libs: before 8.0.38-1
mysql-help: before 8.0.38-1
mysql-errmsg: before 8.0.38-1
mysql-devel: before 8.0.38-1
mysql-debugsource: before 8.0.38-1
mysql-debuginfo: before 8.0.38-1
mysql-config: before 8.0.38-1
mysql-common: before 8.0.38-1
mysql: before 8.0.38-1
CPE2.3http://www.openeuler.org/en/security/security-bulletins/detail/?id=openEuler-SA-2024-2071
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote authenticated privileged user via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU78426
Risk: Medium
CVSSv3.1: 4.3 [CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2023-22057
CWE-ID:
CWE-20 - Improper input validation
Exploit availability: No
DescriptionThe vulnerability allows a remote privileged user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper input validation within the Server: Replication component in MySQL Server. A remote privileged user can exploit this vulnerability to perform a denial of service (DoS) attack.
MitigationInstall updates from vendor's repository.
Vulnerable software versionsopenEuler: 20.03 LTS SP4
mysql-test: before 8.0.38-1
mysql-server: before 8.0.38-1
mysql-libs: before 8.0.38-1
mysql-help: before 8.0.38-1
mysql-errmsg: before 8.0.38-1
mysql-devel: before 8.0.38-1
mysql-debugsource: before 8.0.38-1
mysql-debuginfo: before 8.0.38-1
mysql-config: before 8.0.38-1
mysql-common: before 8.0.38-1
mysql: before 8.0.38-1
CPE2.3http://www.openeuler.org/en/security/security-bulletins/detail/?id=openEuler-SA-2024-2071
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote authenticated privileged user via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU78428
Risk: Low
CVSSv3.1: 3.9 [CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2023-22058
CWE-ID:
CWE-20 - Improper input validation
Exploit availability: No
DescriptionThe vulnerability allows a remote privileged user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper input validation within the Server: DDL component in MySQL Server. A remote privileged user can exploit this vulnerability to perform a denial of service (DoS) attack.
MitigationInstall updates from vendor's repository.
Vulnerable software versionsopenEuler: 20.03 LTS SP4
mysql-test: before 8.0.38-1
mysql-server: before 8.0.38-1
mysql-libs: before 8.0.38-1
mysql-help: before 8.0.38-1
mysql-errmsg: before 8.0.38-1
mysql-devel: before 8.0.38-1
mysql-debugsource: before 8.0.38-1
mysql-debuginfo: before 8.0.38-1
mysql-config: before 8.0.38-1
mysql-common: before 8.0.38-1
mysql: before 8.0.38-1
CPE2.3http://www.openeuler.org/en/security/security-bulletins/detail/?id=openEuler-SA-2024-2071
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote authenticated privileged user via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU82146
Risk: Medium
CVSSv3.1: 5.7 [CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2023-22059
CWE-ID:
CWE-20 - Improper input validation
Exploit availability: No
DescriptionThe vulnerability allows a remote authenticated user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper input validation within the Server: Optimizer component in MySQL Server. A remote authenticated user can exploit this vulnerability to perform a denial of service (DoS) attack.
MitigationInstall updates from vendor's repository.
Vulnerable software versionsopenEuler: 20.03 LTS SP4
mysql-test: before 8.0.38-1
mysql-server: before 8.0.38-1
mysql-libs: before 8.0.38-1
mysql-help: before 8.0.38-1
mysql-errmsg: before 8.0.38-1
mysql-devel: before 8.0.38-1
mysql-debugsource: before 8.0.38-1
mysql-debuginfo: before 8.0.38-1
mysql-config: before 8.0.38-1
mysql-common: before 8.0.38-1
mysql: before 8.0.38-1
CPE2.3http://www.openeuler.org/en/security/security-bulletins/detail/?id=openEuler-SA-2024-2071
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote authenticated user via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU82160
Risk: Medium
CVSSv3.1: 4.3 [CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2023-22064
CWE-ID:
CWE-20 - Improper input validation
Exploit availability: No
DescriptionThe vulnerability allows a remote privileged user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper input validation within the Server: Optimizer component in MySQL Server. A remote privileged user can exploit this vulnerability to perform a denial of service (DoS) attack.
MitigationInstall updates from vendor's repository.
Vulnerable software versionsopenEuler: 20.03 LTS SP4
mysql-test: before 8.0.38-1
mysql-server: before 8.0.38-1
mysql-libs: before 8.0.38-1
mysql-help: before 8.0.38-1
mysql-errmsg: before 8.0.38-1
mysql-devel: before 8.0.38-1
mysql-debugsource: before 8.0.38-1
mysql-debuginfo: before 8.0.38-1
mysql-config: before 8.0.38-1
mysql-common: before 8.0.38-1
mysql: before 8.0.38-1
CPE2.3http://www.openeuler.org/en/security/security-bulletins/detail/?id=openEuler-SA-2024-2071
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote authenticated privileged user via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU82161
Risk: Medium
CVSSv3.1: 4.3 [CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2023-22065
CWE-ID:
CWE-20 - Improper input validation
Exploit availability: No
DescriptionThe vulnerability allows a remote privileged user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper input validation within the Server: Optimizer component in MySQL Server. A remote privileged user can exploit this vulnerability to perform a denial of service (DoS) attack.
MitigationInstall updates from vendor's repository.
Vulnerable software versionsopenEuler: 20.03 LTS SP4
mysql-test: before 8.0.38-1
mysql-server: before 8.0.38-1
mysql-libs: before 8.0.38-1
mysql-help: before 8.0.38-1
mysql-errmsg: before 8.0.38-1
mysql-devel: before 8.0.38-1
mysql-debugsource: before 8.0.38-1
mysql-debuginfo: before 8.0.38-1
mysql-config: before 8.0.38-1
mysql-common: before 8.0.38-1
mysql: before 8.0.38-1
CPE2.3http://www.openeuler.org/en/security/security-bulletins/detail/?id=openEuler-SA-2024-2071
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote authenticated privileged user via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU82150
Risk: Medium
CVSSv3.1: 4.3 [CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2023-22066
CWE-ID:
CWE-20 - Improper input validation
Exploit availability: No
DescriptionThe vulnerability allows a remote privileged user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper input validation within the InnoDB component in MySQL Server. A remote privileged user can exploit this vulnerability to perform a denial of service (DoS) attack.
MitigationInstall updates from vendor's repository.
Vulnerable software versionsopenEuler: 20.03 LTS SP4
mysql-test: before 8.0.38-1
mysql-server: before 8.0.38-1
mysql-libs: before 8.0.38-1
mysql-help: before 8.0.38-1
mysql-errmsg: before 8.0.38-1
mysql-devel: before 8.0.38-1
mysql-debugsource: before 8.0.38-1
mysql-debuginfo: before 8.0.38-1
mysql-config: before 8.0.38-1
mysql-common: before 8.0.38-1
mysql: before 8.0.38-1
CPE2.3http://www.openeuler.org/en/security/security-bulletins/detail/?id=openEuler-SA-2024-2071
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote authenticated privileged user via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU82151
Risk: Medium
CVSSv3.1: 4.3 [CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2023-22068
CWE-ID:
CWE-20 - Improper input validation
Exploit availability: No
DescriptionThe vulnerability allows a remote privileged user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper input validation within the InnoDB component in MySQL Server. A remote privileged user can exploit this vulnerability to perform a denial of service (DoS) attack.
MitigationInstall updates from vendor's repository.
Vulnerable software versionsopenEuler: 20.03 LTS SP4
mysql-test: before 8.0.38-1
mysql-server: before 8.0.38-1
mysql-libs: before 8.0.38-1
mysql-help: before 8.0.38-1
mysql-errmsg: before 8.0.38-1
mysql-devel: before 8.0.38-1
mysql-debugsource: before 8.0.38-1
mysql-debuginfo: before 8.0.38-1
mysql-config: before 8.0.38-1
mysql-common: before 8.0.38-1
mysql: before 8.0.38-1
CPE2.3http://www.openeuler.org/en/security/security-bulletins/detail/?id=openEuler-SA-2024-2071
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote authenticated privileged user via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU82162
Risk: Medium
CVSSv3.1: 4.3 [CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2023-22070
CWE-ID:
CWE-20 - Improper input validation
Exploit availability: No
DescriptionThe vulnerability allows a remote privileged user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper input validation within the Server: Optimizer component in MySQL Server. A remote privileged user can exploit this vulnerability to perform a denial of service (DoS) attack.
MitigationInstall updates from vendor's repository.
Vulnerable software versionsopenEuler: 20.03 LTS SP4
mysql-test: before 8.0.38-1
mysql-server: before 8.0.38-1
mysql-libs: before 8.0.38-1
mysql-help: before 8.0.38-1
mysql-errmsg: before 8.0.38-1
mysql-devel: before 8.0.38-1
mysql-debugsource: before 8.0.38-1
mysql-debuginfo: before 8.0.38-1
mysql-config: before 8.0.38-1
mysql-common: before 8.0.38-1
mysql: before 8.0.38-1
CPE2.3http://www.openeuler.org/en/security/security-bulletins/detail/?id=openEuler-SA-2024-2071
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote authenticated privileged user via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU82166
Risk: Medium
CVSSv3.1: 4.3 [CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2023-22078
CWE-ID:
CWE-20 - Improper input validation
Exploit availability: No
DescriptionThe vulnerability allows a remote privileged user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper input validation within the Server: Optimizer component in MySQL Server. A remote privileged user can exploit this vulnerability to perform a denial of service (DoS) attack.
MitigationInstall updates from vendor's repository.
Vulnerable software versionsopenEuler: 20.03 LTS SP4
mysql-test: before 8.0.38-1
mysql-server: before 8.0.38-1
mysql-libs: before 8.0.38-1
mysql-help: before 8.0.38-1
mysql-errmsg: before 8.0.38-1
mysql-devel: before 8.0.38-1
mysql-debugsource: before 8.0.38-1
mysql-debuginfo: before 8.0.38-1
mysql-config: before 8.0.38-1
mysql-common: before 8.0.38-1
mysql: before 8.0.38-1
CPE2.3http://www.openeuler.org/en/security/security-bulletins/detail/?id=openEuler-SA-2024-2071
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote authenticated privileged user via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU82147
Risk: Medium
CVSSv3.1: 5.7 [CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2023-22079
CWE-ID:
CWE-20 - Improper input validation
Exploit availability: No
DescriptionThe vulnerability allows a remote authenticated user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper input validation within the Server: Optimizer component in MySQL Server. A remote authenticated user can exploit this vulnerability to perform a denial of service (DoS) attack.
MitigationInstall updates from vendor's repository.
Vulnerable software versionsopenEuler: 20.03 LTS SP4
mysql-test: before 8.0.38-1
mysql-server: before 8.0.38-1
mysql-libs: before 8.0.38-1
mysql-help: before 8.0.38-1
mysql-errmsg: before 8.0.38-1
mysql-devel: before 8.0.38-1
mysql-debugsource: before 8.0.38-1
mysql-debuginfo: before 8.0.38-1
mysql-config: before 8.0.38-1
mysql-common: before 8.0.38-1
mysql: before 8.0.38-1
CPE2.3http://www.openeuler.org/en/security/security-bulletins/detail/?id=openEuler-SA-2024-2071
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote authenticated user via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU82154
Risk: Medium
CVSSv3.1: 4.3 [CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2023-22084
CWE-ID:
CWE-20 - Improper input validation
Exploit availability: No
DescriptionThe vulnerability allows a remote privileged user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper input validation within the InnoDB component in MySQL Server. A remote privileged user can exploit this vulnerability to perform a denial of service (DoS) attack.
MitigationInstall updates from vendor's repository.
Vulnerable software versionsopenEuler: 20.03 LTS SP4
mysql-test: before 8.0.38-1
mysql-server: before 8.0.38-1
mysql-libs: before 8.0.38-1
mysql-help: before 8.0.38-1
mysql-errmsg: before 8.0.38-1
mysql-devel: before 8.0.38-1
mysql-debugsource: before 8.0.38-1
mysql-debuginfo: before 8.0.38-1
mysql-config: before 8.0.38-1
mysql-common: before 8.0.38-1
mysql: before 8.0.38-1
CPE2.3http://www.openeuler.org/en/security/security-bulletins/detail/?id=openEuler-SA-2024-2071
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote authenticated privileged user via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU82167
Risk: Medium
CVSSv3.1: 4.3 [CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2023-22092
CWE-ID:
CWE-20 - Improper input validation
Exploit availability: No
DescriptionThe vulnerability allows a remote privileged user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper input validation within the Server: Optimizer component in MySQL Server. A remote privileged user can exploit this vulnerability to perform a denial of service (DoS) attack.
MitigationInstall updates from vendor's repository.
Vulnerable software versionsopenEuler: 20.03 LTS SP4
mysql-test: before 8.0.38-1
mysql-server: before 8.0.38-1
mysql-libs: before 8.0.38-1
mysql-help: before 8.0.38-1
mysql-errmsg: before 8.0.38-1
mysql-devel: before 8.0.38-1
mysql-debugsource: before 8.0.38-1
mysql-debuginfo: before 8.0.38-1
mysql-config: before 8.0.38-1
mysql-common: before 8.0.38-1
mysql: before 8.0.38-1
CPE2.3http://www.openeuler.org/en/security/security-bulletins/detail/?id=openEuler-SA-2024-2071
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote authenticated privileged user via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU82149
Risk: Medium
CVSSv3.1: 4.3 [CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2023-22097
CWE-ID:
CWE-20 - Improper input validation
Exploit availability: No
DescriptionThe vulnerability allows a remote privileged user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper input validation within the InnoDB component in MySQL Server. A remote privileged user can exploit this vulnerability to perform a denial of service (DoS) attack.
MitigationInstall updates from vendor's repository.
Vulnerable software versionsopenEuler: 20.03 LTS SP4
mysql-test: before 8.0.38-1
mysql-server: before 8.0.38-1
mysql-libs: before 8.0.38-1
mysql-help: before 8.0.38-1
mysql-errmsg: before 8.0.38-1
mysql-devel: before 8.0.38-1
mysql-debugsource: before 8.0.38-1
mysql-debuginfo: before 8.0.38-1
mysql-config: before 8.0.38-1
mysql-common: before 8.0.38-1
mysql: before 8.0.38-1
CPE2.3http://www.openeuler.org/en/security/security-bulletins/detail/?id=openEuler-SA-2024-2071
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote authenticated privileged user via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU82163
Risk: Medium
CVSSv3.1: 4.3 [CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2023-22103
CWE-ID:
CWE-20 - Improper input validation
Exploit availability: No
DescriptionThe vulnerability allows a remote privileged user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper input validation within the Server: Optimizer component in MySQL Server. A remote privileged user can exploit this vulnerability to perform a denial of service (DoS) attack.
MitigationInstall updates from vendor's repository.
Vulnerable software versionsopenEuler: 20.03 LTS SP4
mysql-test: before 8.0.38-1
mysql-server: before 8.0.38-1
mysql-libs: before 8.0.38-1
mysql-help: before 8.0.38-1
mysql-errmsg: before 8.0.38-1
mysql-devel: before 8.0.38-1
mysql-debugsource: before 8.0.38-1
mysql-debuginfo: before 8.0.38-1
mysql-config: before 8.0.38-1
mysql-common: before 8.0.38-1
mysql: before 8.0.38-1
CPE2.3http://www.openeuler.org/en/security/security-bulletins/detail/?id=openEuler-SA-2024-2071
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote authenticated privileged user via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU82152
Risk: Medium
CVSSv3.1: 4.3 [CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2023-22104
CWE-ID:
CWE-20 - Improper input validation
Exploit availability: No
DescriptionThe vulnerability allows a remote privileged user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper input validation within the InnoDB component in MySQL Server. A remote privileged user can exploit this vulnerability to perform a denial of service (DoS) attack.
MitigationInstall updates from vendor's repository.
Vulnerable software versionsopenEuler: 20.03 LTS SP4
mysql-test: before 8.0.38-1
mysql-server: before 8.0.38-1
mysql-libs: before 8.0.38-1
mysql-help: before 8.0.38-1
mysql-errmsg: before 8.0.38-1
mysql-devel: before 8.0.38-1
mysql-debugsource: before 8.0.38-1
mysql-debuginfo: before 8.0.38-1
mysql-config: before 8.0.38-1
mysql-common: before 8.0.38-1
mysql: before 8.0.38-1
CPE2.3http://www.openeuler.org/en/security/security-bulletins/detail/?id=openEuler-SA-2024-2071
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote authenticated privileged user via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU82164
Risk: Medium
CVSSv3.1: 4.3 [CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2023-22110
CWE-ID:
CWE-20 - Improper input validation
Exploit availability: No
DescriptionThe vulnerability allows a remote privileged user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper input validation within the Server: Optimizer component in MySQL Server. A remote privileged user can exploit this vulnerability to perform a denial of service (DoS) attack.
MitigationInstall updates from vendor's repository.
Vulnerable software versionsopenEuler: 20.03 LTS SP4
mysql-test: before 8.0.38-1
mysql-server: before 8.0.38-1
mysql-libs: before 8.0.38-1
mysql-help: before 8.0.38-1
mysql-errmsg: before 8.0.38-1
mysql-devel: before 8.0.38-1
mysql-debugsource: before 8.0.38-1
mysql-debuginfo: before 8.0.38-1
mysql-config: before 8.0.38-1
mysql-common: before 8.0.38-1
mysql: before 8.0.38-1
CPE2.3http://www.openeuler.org/en/security/security-bulletins/detail/?id=openEuler-SA-2024-2071
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote authenticated privileged user via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU82168
Risk: Medium
CVSSv3.1: 4.3 [CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2023-22111
CWE-ID:
CWE-20 - Improper input validation
Exploit availability: No
DescriptionThe vulnerability allows a remote privileged user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper input validation within the Server: UDF component in MySQL Server. A remote privileged user can exploit this vulnerability to perform a denial of service (DoS) attack.
MitigationInstall updates from vendor's repository.
Vulnerable software versionsopenEuler: 20.03 LTS SP4
mysql-test: before 8.0.38-1
mysql-server: before 8.0.38-1
mysql-libs: before 8.0.38-1
mysql-help: before 8.0.38-1
mysql-errmsg: before 8.0.38-1
mysql-devel: before 8.0.38-1
mysql-debugsource: before 8.0.38-1
mysql-debuginfo: before 8.0.38-1
mysql-config: before 8.0.38-1
mysql-common: before 8.0.38-1
mysql: before 8.0.38-1
CPE2.3http://www.openeuler.org/en/security/security-bulletins/detail/?id=openEuler-SA-2024-2071
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote authenticated privileged user via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU82165
Risk: Medium
CVSSv3.1: 4.3 [CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2023-22112
CWE-ID:
CWE-20 - Improper input validation
Exploit availability: No
DescriptionThe vulnerability allows a remote privileged user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper input validation within the Server: Optimizer component in MySQL Server. A remote privileged user can exploit this vulnerability to perform a denial of service (DoS) attack.
MitigationInstall updates from vendor's repository.
Vulnerable software versionsopenEuler: 20.03 LTS SP4
mysql-test: before 8.0.38-1
mysql-server: before 8.0.38-1
mysql-libs: before 8.0.38-1
mysql-help: before 8.0.38-1
mysql-errmsg: before 8.0.38-1
mysql-devel: before 8.0.38-1
mysql-debugsource: before 8.0.38-1
mysql-debuginfo: before 8.0.38-1
mysql-config: before 8.0.38-1
mysql-common: before 8.0.38-1
mysql: before 8.0.38-1
CPE2.3http://www.openeuler.org/en/security/security-bulletins/detail/?id=openEuler-SA-2024-2071
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote authenticated privileged user via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU82169
Risk: Low
CVSSv3.1: 2.4 [CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:L/I:N/A:N/E:U/RL:O/RC:C]
CVE-ID: CVE-2023-22113
CWE-ID:
CWE-20 - Improper input validation
Exploit availability: No
DescriptionThe vulnerability allows a remote privileged user to gain access to sensitive information.
The vulnerability exists due to improper input validation within the Server: Security: Encryption component in MySQL Server. A remote privileged user can exploit this vulnerability to gain access to sensitive information.
MitigationInstall updates from vendor's repository.
Vulnerable software versionsopenEuler: 20.03 LTS SP4
mysql-test: before 8.0.38-1
mysql-server: before 8.0.38-1
mysql-libs: before 8.0.38-1
mysql-help: before 8.0.38-1
mysql-errmsg: before 8.0.38-1
mysql-devel: before 8.0.38-1
mysql-debugsource: before 8.0.38-1
mysql-debuginfo: before 8.0.38-1
mysql-config: before 8.0.38-1
mysql-common: before 8.0.38-1
mysql: before 8.0.38-1
CPE2.3http://www.openeuler.org/en/security/security-bulletins/detail/?id=openEuler-SA-2024-2071
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote authenticated privileged user via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU82153
Risk: Medium
CVSSv3.1: 4.3 [CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2023-22114
CWE-ID:
CWE-20 - Improper input validation
Exploit availability: No
DescriptionThe vulnerability allows a remote privileged user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper input validation within the InnoDB component in MySQL Server. A remote privileged user can exploit this vulnerability to perform a denial of service (DoS) attack.
MitigationInstall updates from vendor's repository.
Vulnerable software versionsopenEuler: 20.03 LTS SP4
mysql-test: before 8.0.38-1
mysql-server: before 8.0.38-1
mysql-libs: before 8.0.38-1
mysql-help: before 8.0.38-1
mysql-errmsg: before 8.0.38-1
mysql-devel: before 8.0.38-1
mysql-debugsource: before 8.0.38-1
mysql-debuginfo: before 8.0.38-1
mysql-config: before 8.0.38-1
mysql-common: before 8.0.38-1
mysql: before 8.0.38-1
CPE2.3http://www.openeuler.org/en/security/security-bulletins/detail/?id=openEuler-SA-2024-2071
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote authenticated privileged user via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU82155
Risk: Medium
CVSSv3.1: 4.3 [CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2023-22115
CWE-ID:
CWE-20 - Improper input validation
Exploit availability: No
DescriptionThe vulnerability allows a remote privileged user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper input validation within the Server: DML component in MySQL Server. A remote privileged user can exploit this vulnerability to perform a denial of service (DoS) attack.
MitigationInstall updates from vendor's repository.
Vulnerable software versionsopenEuler: 20.03 LTS SP4
mysql-test: before 8.0.38-1
mysql-server: before 8.0.38-1
mysql-libs: before 8.0.38-1
mysql-help: before 8.0.38-1
mysql-errmsg: before 8.0.38-1
mysql-devel: before 8.0.38-1
mysql-debugsource: before 8.0.38-1
mysql-debuginfo: before 8.0.38-1
mysql-config: before 8.0.38-1
mysql-common: before 8.0.38-1
mysql: before 8.0.38-1
CPE2.3http://www.openeuler.org/en/security/security-bulletins/detail/?id=openEuler-SA-2024-2071
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote authenticated privileged user via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU81865
Risk: High
CVSSv3.1: 7.9 [CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C]
CVE-ID: CVE-2023-38545
CWE-ID:
CWE-122 - Heap-based Buffer Overflow
Exploit availability: Yes
DescriptionThe vulnerability allows a remote attacker to execute arbitrary code on the target system.
The vulnerability exists due to a boundary error in the SOCKS5 proxy handshake. A remote attacker can trick the victim to visit a malicious website, trigger a heap-based buffer overflow and execute arbitrary code on the target system.
Successful exploitation of this vulnerability may result in complete compromise of vulnerable system but requires that SOCKS5 proxy is used and that SOCKS5 handshake is slow (e.g. under heavy load or DoS attack).
Install updates from vendor's repository.
Vulnerable software versionsopenEuler: 20.03 LTS SP4
mysql-test: before 8.0.38-1
mysql-server: before 8.0.38-1
mysql-libs: before 8.0.38-1
mysql-help: before 8.0.38-1
mysql-errmsg: before 8.0.38-1
mysql-devel: before 8.0.38-1
mysql-debugsource: before 8.0.38-1
mysql-debuginfo: before 8.0.38-1
mysql-config: before 8.0.38-1
mysql-common: before 8.0.38-1
mysql: before 8.0.38-1
CPE2.3http://www.openeuler.org/en/security/security-bulletins/detail/?id=openEuler-SA-2024-2071
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability. However, proof of concept for this vulnerability is available.
EUVDB-ID: #VU85170
Risk: Medium
CVSSv3.1: 5.2 [CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2023-6129
CWE-ID:
CWE-371 - State Issues
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to perform a denial of service (DoS) attack.
The vulnerability exists due to an error in POLY1305 MAC (message authentication code) implementation on PowerPC CPU based platforms if the CPU provides vector instructions. A remote attacker can perform a denial of service (DoS) attack.
Install updates from vendor's repository.
Vulnerable software versionsopenEuler: 20.03 LTS SP4
mysql-test: before 8.0.38-1
mysql-server: before 8.0.38-1
mysql-libs: before 8.0.38-1
mysql-help: before 8.0.38-1
mysql-errmsg: before 8.0.38-1
mysql-devel: before 8.0.38-1
mysql-debugsource: before 8.0.38-1
mysql-debuginfo: before 8.0.38-1
mysql-config: before 8.0.38-1
mysql-common: before 8.0.38-1
mysql: before 8.0.38-1
CPE2.3http://www.openeuler.org/en/security/security-bulletins/detail/?id=openEuler-SA-2024-2071
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU85483
Risk: Medium
CVSSv3.1: 5.7 [CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2024-20960
CWE-ID:
CWE-20 - Improper input validation
Exploit availability: No
DescriptionThe vulnerability allows a remote authenticated user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper input validation within the Server: RAPID component in MySQL Server. A remote authenticated user can exploit this vulnerability to perform a denial of service (DoS) attack.
MitigationInstall updates from vendor's repository.
Vulnerable software versionsopenEuler: 20.03 LTS SP4
mysql-test: before 8.0.38-1
mysql-server: before 8.0.38-1
mysql-libs: before 8.0.38-1
mysql-help: before 8.0.38-1
mysql-errmsg: before 8.0.38-1
mysql-devel: before 8.0.38-1
mysql-debugsource: before 8.0.38-1
mysql-debuginfo: before 8.0.38-1
mysql-config: before 8.0.38-1
mysql-common: before 8.0.38-1
mysql: before 8.0.38-1
CPE2.3http://www.openeuler.org/en/security/security-bulletins/detail/?id=openEuler-SA-2024-2071
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote authenticated user via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU85478
Risk: Medium
CVSSv3.1: 5.7 [CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2024-20961
CWE-ID:
CWE-20 - Improper input validation
Exploit availability: No
DescriptionThe vulnerability allows a remote authenticated user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper input validation within the Server: Optimizer component in MySQL Server. A remote authenticated user can exploit this vulnerability to perform a denial of service (DoS) attack.
MitigationInstall updates from vendor's repository.
Vulnerable software versionsopenEuler: 20.03 LTS SP4
mysql-test: before 8.0.38-1
mysql-server: before 8.0.38-1
mysql-libs: before 8.0.38-1
mysql-help: before 8.0.38-1
mysql-errmsg: before 8.0.38-1
mysql-devel: before 8.0.38-1
mysql-debugsource: before 8.0.38-1
mysql-debuginfo: before 8.0.38-1
mysql-config: before 8.0.38-1
mysql-common: before 8.0.38-1
mysql: before 8.0.38-1
CPE2.3http://www.openeuler.org/en/security/security-bulletins/detail/?id=openEuler-SA-2024-2071
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote authenticated user via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU85479
Risk: Medium
CVSSv3.1: 5.7 [CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2024-20962
CWE-ID:
CWE-20 - Improper input validation
Exploit availability: No
DescriptionThe vulnerability allows a remote authenticated user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper input validation within the Server: Optimizer component in MySQL Server. A remote authenticated user can exploit this vulnerability to perform a denial of service (DoS) attack.
MitigationInstall updates from vendor's repository.
Vulnerable software versionsopenEuler: 20.03 LTS SP4
mysql-test: before 8.0.38-1
mysql-server: before 8.0.38-1
mysql-libs: before 8.0.38-1
mysql-help: before 8.0.38-1
mysql-errmsg: before 8.0.38-1
mysql-devel: before 8.0.38-1
mysql-debugsource: before 8.0.38-1
mysql-debuginfo: before 8.0.38-1
mysql-config: before 8.0.38-1
mysql-common: before 8.0.38-1
mysql: before 8.0.38-1
CPE2.3http://www.openeuler.org/en/security/security-bulletins/detail/?id=openEuler-SA-2024-2071
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote authenticated user via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU85484
Risk: Medium
CVSSv3.1: 5.7 [CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2024-20963
CWE-ID:
CWE-20 - Improper input validation
Exploit availability: No
DescriptionThe vulnerability allows a remote authenticated user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper input validation within the Server: Security: Encryption component in MySQL Server. A remote authenticated user can exploit this vulnerability to perform a denial of service (DoS) attack.
MitigationInstall updates from vendor's repository.
Vulnerable software versionsopenEuler: 20.03 LTS SP4
mysql-test: before 8.0.38-1
mysql-server: before 8.0.38-1
mysql-libs: before 8.0.38-1
mysql-help: before 8.0.38-1
mysql-errmsg: before 8.0.38-1
mysql-devel: before 8.0.38-1
mysql-debugsource: before 8.0.38-1
mysql-debuginfo: before 8.0.38-1
mysql-config: before 8.0.38-1
mysql-common: before 8.0.38-1
mysql: before 8.0.38-1
CPE2.3http://www.openeuler.org/en/security/security-bulletins/detail/?id=openEuler-SA-2024-2071
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote authenticated user via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU85488
Risk: Medium
CVSSv3.1: 4.6 [CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2024-20964
CWE-ID:
CWE-20 - Improper input validation
Exploit availability: No
DescriptionThe vulnerability allows a remote authenticated user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper input validation within the Server: Security: Privileges component in MySQL Server. A remote authenticated user can exploit this vulnerability to perform a denial of service (DoS) attack.
MitigationInstall updates from vendor's repository.
Vulnerable software versionsopenEuler: 20.03 LTS SP4
mysql-test: before 8.0.38-1
mysql-server: before 8.0.38-1
mysql-libs: before 8.0.38-1
mysql-help: before 8.0.38-1
mysql-errmsg: before 8.0.38-1
mysql-devel: before 8.0.38-1
mysql-debugsource: before 8.0.38-1
mysql-debuginfo: before 8.0.38-1
mysql-config: before 8.0.38-1
mysql-common: before 8.0.38-1
mysql: before 8.0.38-1
CPE2.3http://www.openeuler.org/en/security/security-bulletins/detail/?id=openEuler-SA-2024-2071
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote authenticated user via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU85489
Risk: Medium
CVSSv3.1: 4.3 [CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2024-20965
CWE-ID:
CWE-20 - Improper input validation
Exploit availability: No
DescriptionThe vulnerability allows a remote privileged user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper input validation within the Server: Optimizer component in MySQL Server. A remote privileged user can exploit this vulnerability to perform a denial of service (DoS) attack.
MitigationInstall updates from vendor's repository.
Vulnerable software versionsopenEuler: 20.03 LTS SP4
mysql-test: before 8.0.38-1
mysql-server: before 8.0.38-1
mysql-libs: before 8.0.38-1
mysql-help: before 8.0.38-1
mysql-errmsg: before 8.0.38-1
mysql-devel: before 8.0.38-1
mysql-debugsource: before 8.0.38-1
mysql-debuginfo: before 8.0.38-1
mysql-config: before 8.0.38-1
mysql-common: before 8.0.38-1
mysql: before 8.0.38-1
CPE2.3http://www.openeuler.org/en/security/security-bulletins/detail/?id=openEuler-SA-2024-2071
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote authenticated privileged user via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU85492
Risk: Medium
CVSSv3.1: 4.3 [CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2024-20966
CWE-ID:
CWE-20 - Improper input validation
Exploit availability: No
DescriptionThe vulnerability allows a remote privileged user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper input validation within the Server: Optimizer component in MySQL Server. A remote privileged user can exploit this vulnerability to perform a denial of service (DoS) attack.
MitigationInstall updates from vendor's repository.
Vulnerable software versionsopenEuler: 20.03 LTS SP4
mysql-test: before 8.0.38-1
mysql-server: before 8.0.38-1
mysql-libs: before 8.0.38-1
mysql-help: before 8.0.38-1
mysql-errmsg: before 8.0.38-1
mysql-devel: before 8.0.38-1
mysql-debugsource: before 8.0.38-1
mysql-debuginfo: before 8.0.38-1
mysql-config: before 8.0.38-1
mysql-common: before 8.0.38-1
mysql: before 8.0.38-1
CPE2.3http://www.openeuler.org/en/security/security-bulletins/detail/?id=openEuler-SA-2024-2071
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote authenticated privileged user via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU85487
Risk: Medium
CVSSv3.1: 4.8 [CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:L/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2024-20967
CWE-ID:
CWE-20 - Improper input validation
Exploit availability: No
DescriptionThe vulnerability allows a remote privileged user to damange or delete data.
The vulnerability exists due to improper input validation within the Server: Replication component in MySQL Server. A remote privileged user can exploit this vulnerability to damange or delete data.
MitigationInstall updates from vendor's repository.
Vulnerable software versionsopenEuler: 20.03 LTS SP4
mysql-test: before 8.0.38-1
mysql-server: before 8.0.38-1
mysql-libs: before 8.0.38-1
mysql-help: before 8.0.38-1
mysql-errmsg: before 8.0.38-1
mysql-devel: before 8.0.38-1
mysql-debugsource: before 8.0.38-1
mysql-debuginfo: before 8.0.38-1
mysql-config: before 8.0.38-1
mysql-common: before 8.0.38-1
mysql: before 8.0.38-1
CPE2.3http://www.openeuler.org/en/security/security-bulletins/detail/?id=openEuler-SA-2024-2071
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote authenticated privileged user via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU85501
Risk: Low
CVSSv3.1: 3.9 [CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2024-20968
CWE-ID:
CWE-20 - Improper input validation
Exploit availability: No
DescriptionThe vulnerability allows a remote privileged user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper input validation within the Server: Options component in MySQL Server. A remote privileged user can exploit this vulnerability to perform a denial of service (DoS) attack.
MitigationInstall updates from vendor's repository.
Vulnerable software versionsopenEuler: 20.03 LTS SP4
mysql-test: before 8.0.38-1
mysql-server: before 8.0.38-1
mysql-libs: before 8.0.38-1
mysql-help: before 8.0.38-1
mysql-errmsg: before 8.0.38-1
mysql-devel: before 8.0.38-1
mysql-debugsource: before 8.0.38-1
mysql-debuginfo: before 8.0.38-1
mysql-config: before 8.0.38-1
mysql-common: before 8.0.38-1
mysql: before 8.0.38-1
CPE2.3http://www.openeuler.org/en/security/security-bulletins/detail/?id=openEuler-SA-2024-2071
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote authenticated privileged user via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU85486
Risk: Medium
CVSSv3.1: 4.8 [CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:L/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2024-20969
CWE-ID:
CWE-20 - Improper input validation
Exploit availability: No
DescriptionThe vulnerability allows a remote privileged user to damange or delete data.
The vulnerability exists due to improper input validation within the Server: DDL component in MySQL Server. A remote privileged user can exploit this vulnerability to damange or delete data.
MitigationInstall updates from vendor's repository.
Vulnerable software versionsopenEuler: 20.03 LTS SP4
mysql-test: before 8.0.38-1
mysql-server: before 8.0.38-1
mysql-libs: before 8.0.38-1
mysql-help: before 8.0.38-1
mysql-errmsg: before 8.0.38-1
mysql-devel: before 8.0.38-1
mysql-debugsource: before 8.0.38-1
mysql-debuginfo: before 8.0.38-1
mysql-config: before 8.0.38-1
mysql-common: before 8.0.38-1
mysql: before 8.0.38-1
CPE2.3http://www.openeuler.org/en/security/security-bulletins/detail/?id=openEuler-SA-2024-2071
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote authenticated privileged user via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU85493
Risk: Medium
CVSSv3.1: 4.3 [CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2024-20970
CWE-ID:
CWE-20 - Improper input validation
Exploit availability: No
DescriptionThe vulnerability allows a remote privileged user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper input validation within the Server: Optimizer component in MySQL Server. A remote privileged user can exploit this vulnerability to perform a denial of service (DoS) attack.
MitigationInstall updates from vendor's repository.
Vulnerable software versionsopenEuler: 20.03 LTS SP4
mysql-test: before 8.0.38-1
mysql-server: before 8.0.38-1
mysql-libs: before 8.0.38-1
mysql-help: before 8.0.38-1
mysql-errmsg: before 8.0.38-1
mysql-devel: before 8.0.38-1
mysql-debugsource: before 8.0.38-1
mysql-debuginfo: before 8.0.38-1
mysql-config: before 8.0.38-1
mysql-common: before 8.0.38-1
mysql: before 8.0.38-1
CPE2.3http://www.openeuler.org/en/security/security-bulletins/detail/?id=openEuler-SA-2024-2071
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote authenticated privileged user via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU85494
Risk: Medium
CVSSv3.1: 4.3 [CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2024-20971
CWE-ID:
CWE-20 - Improper input validation
Exploit availability: No
DescriptionThe vulnerability allows a remote privileged user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper input validation within the Server: Optimizer component in MySQL Server. A remote privileged user can exploit this vulnerability to perform a denial of service (DoS) attack.
MitigationInstall updates from vendor's repository.
Vulnerable software versionsopenEuler: 20.03 LTS SP4
mysql-test: before 8.0.38-1
mysql-server: before 8.0.38-1
mysql-libs: before 8.0.38-1
mysql-help: before 8.0.38-1
mysql-errmsg: before 8.0.38-1
mysql-devel: before 8.0.38-1
mysql-debugsource: before 8.0.38-1
mysql-debuginfo: before 8.0.38-1
mysql-config: before 8.0.38-1
mysql-common: before 8.0.38-1
mysql: before 8.0.38-1
CPE2.3http://www.openeuler.org/en/security/security-bulletins/detail/?id=openEuler-SA-2024-2071
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote authenticated privileged user via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU85495
Risk: Medium
CVSSv3.1: 4.3 [CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2024-20972
CWE-ID:
CWE-20 - Improper input validation
Exploit availability: No
DescriptionThe vulnerability allows a remote privileged user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper input validation within the Server: Optimizer component in MySQL Server. A remote privileged user can exploit this vulnerability to perform a denial of service (DoS) attack.
MitigationInstall updates from vendor's repository.
Vulnerable software versionsopenEuler: 20.03 LTS SP4
mysql-test: before 8.0.38-1
mysql-server: before 8.0.38-1
mysql-libs: before 8.0.38-1
mysql-help: before 8.0.38-1
mysql-errmsg: before 8.0.38-1
mysql-devel: before 8.0.38-1
mysql-debugsource: before 8.0.38-1
mysql-debuginfo: before 8.0.38-1
mysql-config: before 8.0.38-1
mysql-common: before 8.0.38-1
mysql: before 8.0.38-1
CPE2.3http://www.openeuler.org/en/security/security-bulletins/detail/?id=openEuler-SA-2024-2071
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote authenticated privileged user via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU85480
Risk: Medium
CVSSv3.1: 5.7 [CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2024-20973
CWE-ID:
CWE-20 - Improper input validation
Exploit availability: No
DescriptionThe vulnerability allows a remote authenticated user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper input validation within the Server: Optimizer component in MySQL Server. A remote authenticated user can exploit this vulnerability to perform a denial of service (DoS) attack.
MitigationInstall updates from vendor's repository.
Vulnerable software versionsopenEuler: 20.03 LTS SP4
mysql-test: before 8.0.38-1
mysql-server: before 8.0.38-1
mysql-libs: before 8.0.38-1
mysql-help: before 8.0.38-1
mysql-errmsg: before 8.0.38-1
mysql-devel: before 8.0.38-1
mysql-debugsource: before 8.0.38-1
mysql-debuginfo: before 8.0.38-1
mysql-config: before 8.0.38-1
mysql-common: before 8.0.38-1
mysql: before 8.0.38-1
CPE2.3http://www.openeuler.org/en/security/security-bulletins/detail/?id=openEuler-SA-2024-2071
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote authenticated user via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU85496
Risk: Medium
CVSSv3.1: 4.3 [CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2024-20974
CWE-ID:
CWE-20 - Improper input validation
Exploit availability: No
DescriptionThe vulnerability allows a remote privileged user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper input validation within the Server: Optimizer component in MySQL Server. A remote privileged user can exploit this vulnerability to perform a denial of service (DoS) attack.
MitigationInstall updates from vendor's repository.
Vulnerable software versionsopenEuler: 20.03 LTS SP4
mysql-test: before 8.0.38-1
mysql-server: before 8.0.38-1
mysql-libs: before 8.0.38-1
mysql-help: before 8.0.38-1
mysql-errmsg: before 8.0.38-1
mysql-devel: before 8.0.38-1
mysql-debugsource: before 8.0.38-1
mysql-debuginfo: before 8.0.38-1
mysql-config: before 8.0.38-1
mysql-common: before 8.0.38-1
mysql: before 8.0.38-1
CPE2.3http://www.openeuler.org/en/security/security-bulletins/detail/?id=openEuler-SA-2024-2071
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote authenticated privileged user via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU85497
Risk: Medium
CVSSv3.1: 4.3 [CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2024-20976
CWE-ID:
CWE-20 - Improper input validation
Exploit availability: No
DescriptionThe vulnerability allows a remote privileged user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper input validation within the Server: Optimizer component in MySQL Server. A remote privileged user can exploit this vulnerability to perform a denial of service (DoS) attack.
MitigationInstall updates from vendor's repository.
Vulnerable software versionsopenEuler: 20.03 LTS SP4
mysql-test: before 8.0.38-1
mysql-server: before 8.0.38-1
mysql-libs: before 8.0.38-1
mysql-help: before 8.0.38-1
mysql-errmsg: before 8.0.38-1
mysql-devel: before 8.0.38-1
mysql-debugsource: before 8.0.38-1
mysql-debuginfo: before 8.0.38-1
mysql-config: before 8.0.38-1
mysql-common: before 8.0.38-1
mysql: before 8.0.38-1
CPE2.3http://www.openeuler.org/en/security/security-bulletins/detail/?id=openEuler-SA-2024-2071
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote authenticated privileged user via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU85482
Risk: Medium
CVSSv3.1: 5.7 [CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2024-20977
CWE-ID:
CWE-20 - Improper input validation
Exploit availability: No
DescriptionThe vulnerability allows a remote authenticated user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper input validation within the Server: Optimizer component in MySQL Server. A remote authenticated user can exploit this vulnerability to perform a denial of service (DoS) attack.
MitigationInstall updates from vendor's repository.
Vulnerable software versionsopenEuler: 20.03 LTS SP4
mysql-test: before 8.0.38-1
mysql-server: before 8.0.38-1
mysql-libs: before 8.0.38-1
mysql-help: before 8.0.38-1
mysql-errmsg: before 8.0.38-1
mysql-devel: before 8.0.38-1
mysql-debugsource: before 8.0.38-1
mysql-debuginfo: before 8.0.38-1
mysql-config: before 8.0.38-1
mysql-common: before 8.0.38-1
mysql: before 8.0.38-1
CPE2.3http://www.openeuler.org/en/security/security-bulletins/detail/?id=openEuler-SA-2024-2071
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote authenticated user via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU85498
Risk: Medium
CVSSv3.1: 4.3 [CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2024-20978
CWE-ID:
CWE-20 - Improper input validation
Exploit availability: No
DescriptionThe vulnerability allows a remote privileged user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper input validation within the Server: Optimizer component in MySQL Server. A remote privileged user can exploit this vulnerability to perform a denial of service (DoS) attack.
MitigationInstall updates from vendor's repository.
Vulnerable software versionsopenEuler: 20.03 LTS SP4
mysql-test: before 8.0.38-1
mysql-server: before 8.0.38-1
mysql-libs: before 8.0.38-1
mysql-help: before 8.0.38-1
mysql-errmsg: before 8.0.38-1
mysql-devel: before 8.0.38-1
mysql-debugsource: before 8.0.38-1
mysql-debuginfo: before 8.0.38-1
mysql-config: before 8.0.38-1
mysql-common: before 8.0.38-1
mysql: before 8.0.38-1
CPE2.3http://www.openeuler.org/en/security/security-bulletins/detail/?id=openEuler-SA-2024-2071
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote authenticated privileged user via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU85490
Risk: Medium
CVSSv3.1: 4.3 [CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2024-20981
CWE-ID:
CWE-20 - Improper input validation
Exploit availability: No
DescriptionThe vulnerability allows a remote privileged user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper input validation within the Server: DDL component in MySQL Server. A remote privileged user can exploit this vulnerability to perform a denial of service (DoS) attack.
MitigationInstall updates from vendor's repository.
Vulnerable software versionsopenEuler: 20.03 LTS SP4
mysql-test: before 8.0.38-1
mysql-server: before 8.0.38-1
mysql-libs: before 8.0.38-1
mysql-help: before 8.0.38-1
mysql-errmsg: before 8.0.38-1
mysql-devel: before 8.0.38-1
mysql-debugsource: before 8.0.38-1
mysql-debuginfo: before 8.0.38-1
mysql-config: before 8.0.38-1
mysql-common: before 8.0.38-1
mysql: before 8.0.38-1
CPE2.3http://www.openeuler.org/en/security/security-bulletins/detail/?id=openEuler-SA-2024-2071
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote authenticated privileged user via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU85499
Risk: Medium
CVSSv3.1: 4.3 [CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2024-20982
CWE-ID:
CWE-20 - Improper input validation
Exploit availability: No
DescriptionThe vulnerability allows a remote privileged user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper input validation within the Server: Optimizer component in MySQL Server. A remote privileged user can exploit this vulnerability to perform a denial of service (DoS) attack.
MitigationInstall updates from vendor's repository.
Vulnerable software versionsopenEuler: 20.03 LTS SP4
mysql-test: before 8.0.38-1
mysql-server: before 8.0.38-1
mysql-libs: before 8.0.38-1
mysql-help: before 8.0.38-1
mysql-errmsg: before 8.0.38-1
mysql-devel: before 8.0.38-1
mysql-debugsource: before 8.0.38-1
mysql-debuginfo: before 8.0.38-1
mysql-config: before 8.0.38-1
mysql-common: before 8.0.38-1
mysql: before 8.0.38-1
CPE2.3http://www.openeuler.org/en/security/security-bulletins/detail/?id=openEuler-SA-2024-2071
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote authenticated privileged user via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU85491
Risk: Medium
CVSSv3.1: 4.3 [CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2024-20983
CWE-ID:
CWE-20 - Improper input validation
Exploit availability: No
DescriptionThe vulnerability allows a remote privileged user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper input validation within the Server: DML component in MySQL Server. A remote privileged user can exploit this vulnerability to perform a denial of service (DoS) attack.
MitigationInstall updates from vendor's repository.
Vulnerable software versionsopenEuler: 20.03 LTS SP4
mysql-test: before 8.0.38-1
mysql-server: before 8.0.38-1
mysql-libs: before 8.0.38-1
mysql-help: before 8.0.38-1
mysql-errmsg: before 8.0.38-1
mysql-devel: before 8.0.38-1
mysql-debugsource: before 8.0.38-1
mysql-debuginfo: before 8.0.38-1
mysql-config: before 8.0.38-1
mysql-common: before 8.0.38-1
mysql: before 8.0.38-1
CPE2.3http://www.openeuler.org/en/security/security-bulletins/detail/?id=openEuler-SA-2024-2071
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote authenticated privileged user via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU85500
Risk: Low
CVSSv3.1: 3.9 [CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2024-20984
CWE-ID:
CWE-20 - Improper input validation
Exploit availability: No
DescriptionThe vulnerability allows a remote privileged user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper input validation within the Server : Security : Firewall component in MySQL Server. A remote privileged user can exploit this vulnerability to perform a denial of service (DoS) attack.
MitigationInstall updates from vendor's repository.
Vulnerable software versionsopenEuler: 20.03 LTS SP4
mysql-test: before 8.0.38-1
mysql-server: before 8.0.38-1
mysql-libs: before 8.0.38-1
mysql-help: before 8.0.38-1
mysql-errmsg: before 8.0.38-1
mysql-devel: before 8.0.38-1
mysql-debugsource: before 8.0.38-1
mysql-debuginfo: before 8.0.38-1
mysql-config: before 8.0.38-1
mysql-common: before 8.0.38-1
mysql: before 8.0.38-1
CPE2.3http://www.openeuler.org/en/security/security-bulletins/detail/?id=openEuler-SA-2024-2071
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote authenticated privileged user via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU85485
Risk: Medium
CVSSv3.1: 5.7 [CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2024-20985
CWE-ID:
CWE-20 - Improper input validation
Exploit availability: No
DescriptionThe vulnerability allows a remote authenticated user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper input validation within the Server: UDF component in MySQL Server. A remote authenticated user can exploit this vulnerability to perform a denial of service (DoS) attack.
MitigationInstall updates from vendor's repository.
Vulnerable software versionsopenEuler: 20.03 LTS SP4
mysql-test: before 8.0.38-1
mysql-server: before 8.0.38-1
mysql-libs: before 8.0.38-1
mysql-help: before 8.0.38-1
mysql-errmsg: before 8.0.38-1
mysql-devel: before 8.0.38-1
mysql-debugsource: before 8.0.38-1
mysql-debuginfo: before 8.0.38-1
mysql-config: before 8.0.38-1
mysql-common: before 8.0.38-1
mysql: before 8.0.38-1
CPE2.3http://www.openeuler.org/en/security/security-bulletins/detail/?id=openEuler-SA-2024-2071
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote authenticated user via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU88689
Risk: Medium
CVSSv3.1: 4.3 [CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2024-20993
CWE-ID:
CWE-20 - Improper input validation
Exploit availability: No
DescriptionThe vulnerability allows a remote privileged user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper input validation within the Server: Optimizer component in MySQL Server. A remote privileged user can exploit this vulnerability to perform a denial of service (DoS) attack.
MitigationInstall updates from vendor's repository.
Vulnerable software versionsopenEuler: 20.03 LTS SP4
mysql-test: before 8.0.38-1
mysql-server: before 8.0.38-1
mysql-libs: before 8.0.38-1
mysql-help: before 8.0.38-1
mysql-errmsg: before 8.0.38-1
mysql-devel: before 8.0.38-1
mysql-debugsource: before 8.0.38-1
mysql-debuginfo: before 8.0.38-1
mysql-config: before 8.0.38-1
mysql-common: before 8.0.38-1
mysql: before 8.0.38-1
CPE2.3http://www.openeuler.org/en/security/security-bulletins/detail/?id=openEuler-SA-2024-2071
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote authenticated privileged user via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU88676
Risk: Medium
CVSSv3.1: 4.6 [CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2024-20994
CWE-ID:
CWE-20 - Improper input validation
Exploit availability: No
DescriptionThe vulnerability allows a remote authenticated user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper input validation within the Server: Information Schema component in MySQL Server. A remote authenticated user can exploit this vulnerability to perform a denial of service (DoS) attack.
MitigationInstall updates from vendor's repository.
Vulnerable software versionsopenEuler: 20.03 LTS SP4
mysql-test: before 8.0.38-1
mysql-server: before 8.0.38-1
mysql-libs: before 8.0.38-1
mysql-help: before 8.0.38-1
mysql-errmsg: before 8.0.38-1
mysql-devel: before 8.0.38-1
mysql-debugsource: before 8.0.38-1
mysql-debuginfo: before 8.0.38-1
mysql-config: before 8.0.38-1
mysql-common: before 8.0.38-1
mysql: before 8.0.38-1
CPE2.3http://www.openeuler.org/en/security/security-bulletins/detail/?id=openEuler-SA-2024-2071
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote authenticated user via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU94570
Risk: Medium
CVSSv3.1: 4.3 [CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2024-20996
CWE-ID:
CWE-20 - Improper input validation
Exploit availability: No
DescriptionThe vulnerability allows a remote privileged user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper input validation within the InnoDB component in MySQL Server. A remote privileged user can exploit this vulnerability to perform a denial of service (DoS) attack.
MitigationInstall updates from vendor's repository.
Vulnerable software versionsopenEuler: 20.03 LTS SP4
mysql-test: before 8.0.38-1
mysql-server: before 8.0.38-1
mysql-libs: before 8.0.38-1
mysql-help: before 8.0.38-1
mysql-errmsg: before 8.0.38-1
mysql-devel: before 8.0.38-1
mysql-debugsource: before 8.0.38-1
mysql-debuginfo: before 8.0.38-1
mysql-config: before 8.0.38-1
mysql-common: before 8.0.38-1
mysql: before 8.0.38-1
CPE2.3http://www.openeuler.org/en/security/security-bulletins/detail/?id=openEuler-SA-2024-2071
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote authenticated privileged user via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU88690
Risk: Medium
CVSSv3.1: 4.3 [CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2024-20998
CWE-ID:
CWE-20 - Improper input validation
Exploit availability: No
DescriptionThe vulnerability allows a remote privileged user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper input validation within the Server: Optimizer component in MySQL Server. A remote privileged user can exploit this vulnerability to perform a denial of service (DoS) attack.
MitigationInstall updates from vendor's repository.
Vulnerable software versionsopenEuler: 20.03 LTS SP4
mysql-test: before 8.0.38-1
mysql-server: before 8.0.38-1
mysql-libs: before 8.0.38-1
mysql-help: before 8.0.38-1
mysql-errmsg: before 8.0.38-1
mysql-devel: before 8.0.38-1
mysql-debugsource: before 8.0.38-1
mysql-debuginfo: before 8.0.38-1
mysql-config: before 8.0.38-1
mysql-common: before 8.0.38-1
mysql: before 8.0.38-1
CPE2.3http://www.openeuler.org/en/security/security-bulletins/detail/?id=openEuler-SA-2024-2071
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote authenticated privileged user via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU88699
Risk: Low
CVSSv3.1: 3.3 [CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:L/I:L/A:N/E:U/RL:O/RC:C]
CVE-ID: CVE-2024-21000
CWE-ID:
CWE-20 - Improper input validation
Exploit availability: No
DescriptionThe vulnerability allows a remote privileged user to read and manipulate data.
The vulnerability exists due to improper input validation within the Server: Security: Privileges component in MySQL Server. A remote privileged user can exploit this vulnerability to read and manipulate data.
MitigationInstall updates from vendor's repository.
Vulnerable software versionsopenEuler: 20.03 LTS SP4
mysql-test: before 8.0.38-1
mysql-server: before 8.0.38-1
mysql-libs: before 8.0.38-1
mysql-help: before 8.0.38-1
mysql-errmsg: before 8.0.38-1
mysql-devel: before 8.0.38-1
mysql-debugsource: before 8.0.38-1
mysql-debuginfo: before 8.0.38-1
mysql-config: before 8.0.38-1
mysql-common: before 8.0.38-1
mysql: before 8.0.38-1
CPE2.3http://www.openeuler.org/en/security/security-bulletins/detail/?id=openEuler-SA-2024-2071
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote authenticated privileged user via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU88697
Risk: Low
CVSSv3.1: 3.9 [CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2024-21008
CWE-ID:
CWE-20 - Improper input validation
Exploit availability: No
DescriptionThe vulnerability allows a remote privileged user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper input validation within the Server: Optimizer component in MySQL Server. A remote privileged user can exploit this vulnerability to perform a denial of service (DoS) attack.
MitigationInstall updates from vendor's repository.
Vulnerable software versionsopenEuler: 20.03 LTS SP4
mysql-test: before 8.0.38-1
mysql-server: before 8.0.38-1
mysql-libs: before 8.0.38-1
mysql-help: before 8.0.38-1
mysql-errmsg: before 8.0.38-1
mysql-devel: before 8.0.38-1
mysql-debugsource: before 8.0.38-1
mysql-debuginfo: before 8.0.38-1
mysql-config: before 8.0.38-1
mysql-common: before 8.0.38-1
mysql: before 8.0.38-1
CPE2.3http://www.openeuler.org/en/security/security-bulletins/detail/?id=openEuler-SA-2024-2071
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote authenticated privileged user via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU88691
Risk: Medium
CVSSv3.1: 4.3 [CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2024-21009
CWE-ID:
CWE-20 - Improper input validation
Exploit availability: No
DescriptionThe vulnerability allows a remote privileged user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper input validation within the Server: Optimizer component in MySQL Server. A remote privileged user can exploit this vulnerability to perform a denial of service (DoS) attack.
MitigationInstall updates from vendor's repository.
Vulnerable software versionsopenEuler: 20.03 LTS SP4
mysql-test: before 8.0.38-1
mysql-server: before 8.0.38-1
mysql-libs: before 8.0.38-1
mysql-help: before 8.0.38-1
mysql-errmsg: before 8.0.38-1
mysql-devel: before 8.0.38-1
mysql-debugsource: before 8.0.38-1
mysql-debuginfo: before 8.0.38-1
mysql-config: before 8.0.38-1
mysql-common: before 8.0.38-1
mysql: before 8.0.38-1
CPE2.3http://www.openeuler.org/en/security/security-bulletins/detail/?id=openEuler-SA-2024-2071
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote authenticated privileged user via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU88698
Risk: Low
CVSSv3.1: 3.9 [CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2024-21013
CWE-ID:
CWE-20 - Improper input validation
Exploit availability: No
DescriptionThe vulnerability allows a remote privileged user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper input validation within the Server: Optimizer component in MySQL Server. A remote privileged user can exploit this vulnerability to perform a denial of service (DoS) attack.
MitigationInstall updates from vendor's repository.
Vulnerable software versionsopenEuler: 20.03 LTS SP4
mysql-test: before 8.0.38-1
mysql-server: before 8.0.38-1
mysql-libs: before 8.0.38-1
mysql-help: before 8.0.38-1
mysql-errmsg: before 8.0.38-1
mysql-devel: before 8.0.38-1
mysql-debugsource: before 8.0.38-1
mysql-debuginfo: before 8.0.38-1
mysql-config: before 8.0.38-1
mysql-common: before 8.0.38-1
mysql: before 8.0.38-1
CPE2.3http://www.openeuler.org/en/security/security-bulletins/detail/?id=openEuler-SA-2024-2071
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote authenticated privileged user via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU88675
Risk: Medium
CVSSv3.1: 4.8 [CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:L/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2024-21015
CWE-ID:
CWE-20 - Improper input validation
Exploit availability: No
DescriptionThe vulnerability allows a remote privileged user to damange or delete data.
The vulnerability exists due to improper input validation within the Server: DML component in MySQL Server. A remote privileged user can exploit this vulnerability to damange or delete data.
MitigationInstall updates from vendor's repository.
Vulnerable software versionsopenEuler: 20.03 LTS SP4
mysql-test: before 8.0.38-1
mysql-server: before 8.0.38-1
mysql-libs: before 8.0.38-1
mysql-help: before 8.0.38-1
mysql-errmsg: before 8.0.38-1
mysql-devel: before 8.0.38-1
mysql-debugsource: before 8.0.38-1
mysql-debuginfo: before 8.0.38-1
mysql-config: before 8.0.38-1
mysql-common: before 8.0.38-1
mysql: before 8.0.38-1
CPE2.3http://www.openeuler.org/en/security/security-bulletins/detail/?id=openEuler-SA-2024-2071
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote authenticated privileged user via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU88678
Risk: Medium
CVSSv3.1: 4.3 [CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2024-21047
CWE-ID:
CWE-20 - Improper input validation
Exploit availability: No
DescriptionThe vulnerability allows a remote privileged user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper input validation within the InnoDB component in MySQL Server. A remote privileged user can exploit this vulnerability to perform a denial of service (DoS) attack.
MitigationInstall updates from vendor's repository.
Vulnerable software versionsopenEuler: 20.03 LTS SP4
mysql-test: before 8.0.38-1
mysql-server: before 8.0.38-1
mysql-libs: before 8.0.38-1
mysql-help: before 8.0.38-1
mysql-errmsg: before 8.0.38-1
mysql-devel: before 8.0.38-1
mysql-debugsource: before 8.0.38-1
mysql-debuginfo: before 8.0.38-1
mysql-config: before 8.0.38-1
mysql-common: before 8.0.38-1
mysql: before 8.0.38-1
CPE2.3http://www.openeuler.org/en/security/security-bulletins/detail/?id=openEuler-SA-2024-2071
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote authenticated privileged user via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU88682
Risk: Medium
CVSSv3.1: 4.3 [CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2024-21050
CWE-ID:
CWE-20 - Improper input validation
Exploit availability: No
DescriptionThe vulnerability allows a remote privileged user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper input validation within the Server: DML component in MySQL Server. A remote privileged user can exploit this vulnerability to perform a denial of service (DoS) attack.
MitigationInstall updates from vendor's repository.
Vulnerable software versionsopenEuler: 20.03 LTS SP4
mysql-test: before 8.0.38-1
mysql-server: before 8.0.38-1
mysql-libs: before 8.0.38-1
mysql-help: before 8.0.38-1
mysql-errmsg: before 8.0.38-1
mysql-devel: before 8.0.38-1
mysql-debugsource: before 8.0.38-1
mysql-debuginfo: before 8.0.38-1
mysql-config: before 8.0.38-1
mysql-common: before 8.0.38-1
mysql: before 8.0.38-1
CPE2.3http://www.openeuler.org/en/security/security-bulletins/detail/?id=openEuler-SA-2024-2071
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote authenticated privileged user via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU88683
Risk: Medium
CVSSv3.1: 4.3 [CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2024-21051
CWE-ID:
CWE-20 - Improper input validation
Exploit availability: No
DescriptionThe vulnerability allows a remote privileged user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper input validation within the Server: DML component in MySQL Server. A remote privileged user can exploit this vulnerability to perform a denial of service (DoS) attack.
MitigationInstall updates from vendor's repository.
Vulnerable software versionsopenEuler: 20.03 LTS SP4
mysql-test: before 8.0.38-1
mysql-server: before 8.0.38-1
mysql-libs: before 8.0.38-1
mysql-help: before 8.0.38-1
mysql-errmsg: before 8.0.38-1
mysql-devel: before 8.0.38-1
mysql-debugsource: before 8.0.38-1
mysql-debuginfo: before 8.0.38-1
mysql-config: before 8.0.38-1
mysql-common: before 8.0.38-1
mysql: before 8.0.38-1
CPE2.3http://www.openeuler.org/en/security/security-bulletins/detail/?id=openEuler-SA-2024-2071
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote authenticated privileged user via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU88685
Risk: Medium
CVSSv3.1: 4.3 [CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2024-21053
CWE-ID:
CWE-20 - Improper input validation
Exploit availability: No
DescriptionThe vulnerability allows a remote privileged user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper input validation within the Server: DML component in MySQL Server. A remote privileged user can exploit this vulnerability to perform a denial of service (DoS) attack.
MitigationInstall updates from vendor's repository.
Vulnerable software versionsopenEuler: 20.03 LTS SP4
mysql-test: before 8.0.38-1
mysql-server: before 8.0.38-1
mysql-libs: before 8.0.38-1
mysql-help: before 8.0.38-1
mysql-errmsg: before 8.0.38-1
mysql-devel: before 8.0.38-1
mysql-debugsource: before 8.0.38-1
mysql-debuginfo: before 8.0.38-1
mysql-config: before 8.0.38-1
mysql-common: before 8.0.38-1
mysql: before 8.0.38-1
CPE2.3http://www.openeuler.org/en/security/security-bulletins/detail/?id=openEuler-SA-2024-2071
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote authenticated privileged user via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU88692
Risk: Medium
CVSSv3.1: 4.3 [CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2024-21054
CWE-ID:
CWE-20 - Improper input validation
Exploit availability: No
DescriptionThe vulnerability allows a remote privileged user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper input validation within the Server: Optimizer component in MySQL Server. A remote privileged user can exploit this vulnerability to perform a denial of service (DoS) attack.
MitigationInstall updates from vendor's repository.
Vulnerable software versionsopenEuler: 20.03 LTS SP4
mysql-test: before 8.0.38-1
mysql-server: before 8.0.38-1
mysql-libs: before 8.0.38-1
mysql-help: before 8.0.38-1
mysql-errmsg: before 8.0.38-1
mysql-devel: before 8.0.38-1
mysql-debugsource: before 8.0.38-1
mysql-debuginfo: before 8.0.38-1
mysql-config: before 8.0.38-1
mysql-common: before 8.0.38-1
mysql: before 8.0.38-1
CPE2.3http://www.openeuler.org/en/security/security-bulletins/detail/?id=openEuler-SA-2024-2071
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote authenticated privileged user via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU88693
Risk: Medium
CVSSv3.1: 4.3 [CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2024-21055
CWE-ID:
CWE-20 - Improper input validation
Exploit availability: No
DescriptionThe vulnerability allows a remote privileged user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper input validation within the Server: Optimizer component in MySQL Server. A remote privileged user can exploit this vulnerability to perform a denial of service (DoS) attack.
MitigationInstall updates from vendor's repository.
Vulnerable software versionsopenEuler: 20.03 LTS SP4
mysql-test: before 8.0.38-1
mysql-server: before 8.0.38-1
mysql-libs: before 8.0.38-1
mysql-help: before 8.0.38-1
mysql-errmsg: before 8.0.38-1
mysql-devel: before 8.0.38-1
mysql-debugsource: before 8.0.38-1
mysql-debuginfo: before 8.0.38-1
mysql-config: before 8.0.38-1
mysql-common: before 8.0.38-1
mysql: before 8.0.38-1
CPE2.3http://www.openeuler.org/en/security/security-bulletins/detail/?id=openEuler-SA-2024-2071
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote authenticated privileged user via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU88686
Risk: Medium
CVSSv3.1: 4.3 [CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2024-21056
CWE-ID:
CWE-20 - Improper input validation
Exploit availability: No
DescriptionThe vulnerability allows a remote privileged user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper input validation within the Server: DML component in MySQL Server. A remote privileged user can exploit this vulnerability to perform a denial of service (DoS) attack.
MitigationInstall updates from vendor's repository.
Vulnerable software versionsopenEuler: 20.03 LTS SP4
mysql-test: before 8.0.38-1
mysql-server: before 8.0.38-1
mysql-libs: before 8.0.38-1
mysql-help: before 8.0.38-1
mysql-errmsg: before 8.0.38-1
mysql-devel: before 8.0.38-1
mysql-debugsource: before 8.0.38-1
mysql-debuginfo: before 8.0.38-1
mysql-config: before 8.0.38-1
mysql-common: before 8.0.38-1
mysql: before 8.0.38-1
CPE2.3http://www.openeuler.org/en/security/security-bulletins/detail/?id=openEuler-SA-2024-2071
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote authenticated privileged user via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU88694
Risk: Medium
CVSSv3.1: 4.3 [CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2024-21057
CWE-ID:
CWE-20 - Improper input validation
Exploit availability: No
DescriptionThe vulnerability allows a remote privileged user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper input validation within the Server: Optimizer component in MySQL Server. A remote privileged user can exploit this vulnerability to perform a denial of service (DoS) attack.
MitigationInstall updates from vendor's repository.
Vulnerable software versionsopenEuler: 20.03 LTS SP4
mysql-test: before 8.0.38-1
mysql-server: before 8.0.38-1
mysql-libs: before 8.0.38-1
mysql-help: before 8.0.38-1
mysql-errmsg: before 8.0.38-1
mysql-devel: before 8.0.38-1
mysql-debugsource: before 8.0.38-1
mysql-debuginfo: before 8.0.38-1
mysql-config: before 8.0.38-1
mysql-common: before 8.0.38-1
mysql: before 8.0.38-1
CPE2.3http://www.openeuler.org/en/security/security-bulletins/detail/?id=openEuler-SA-2024-2071
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote authenticated privileged user via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU88687
Risk: Medium
CVSSv3.1: 4.3 [CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2024-21060
CWE-ID:
CWE-20 - Improper input validation
Exploit availability: No
DescriptionThe vulnerability allows a remote privileged user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper input validation within the Server: Data Dictionary component in MySQL Server. A remote privileged user can exploit this vulnerability to perform a denial of service (DoS) attack.
MitigationInstall updates from vendor's repository.
Vulnerable software versionsopenEuler: 20.03 LTS SP4
mysql-test: before 8.0.38-1
mysql-server: before 8.0.38-1
mysql-libs: before 8.0.38-1
mysql-help: before 8.0.38-1
mysql-errmsg: before 8.0.38-1
mysql-devel: before 8.0.38-1
mysql-debugsource: before 8.0.38-1
mysql-debuginfo: before 8.0.38-1
mysql-config: before 8.0.38-1
mysql-common: before 8.0.38-1
mysql: before 8.0.38-1
CPE2.3http://www.openeuler.org/en/security/security-bulletins/detail/?id=openEuler-SA-2024-2071
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote authenticated privileged user via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU88679
Risk: Medium
CVSSv3.1: 4.3 [CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2024-21061
CWE-ID:
CWE-20 - Improper input validation
Exploit availability: No
DescriptionThe vulnerability allows a remote privileged user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper input validation within the Server: Audit Plug-in component in MySQL Server. A remote privileged user can exploit this vulnerability to perform a denial of service (DoS) attack.
MitigationInstall updates from vendor's repository.
Vulnerable software versionsopenEuler: 20.03 LTS SP4
mysql-test: before 8.0.38-1
mysql-server: before 8.0.38-1
mysql-libs: before 8.0.38-1
mysql-help: before 8.0.38-1
mysql-errmsg: before 8.0.38-1
mysql-devel: before 8.0.38-1
mysql-debugsource: before 8.0.38-1
mysql-debuginfo: before 8.0.38-1
mysql-config: before 8.0.38-1
mysql-common: before 8.0.38-1
mysql: before 8.0.38-1
CPE2.3http://www.openeuler.org/en/security/security-bulletins/detail/?id=openEuler-SA-2024-2071
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote authenticated privileged user via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU88695
Risk: Medium
CVSSv3.1: 4.3 [CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2024-21062
CWE-ID:
CWE-20 - Improper input validation
Exploit availability: No
DescriptionThe vulnerability allows a remote privileged user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper input validation within the Server: Optimizer component in MySQL Server. A remote privileged user can exploit this vulnerability to perform a denial of service (DoS) attack.
MitigationInstall updates from vendor's repository.
Vulnerable software versionsopenEuler: 20.03 LTS SP4
mysql-test: before 8.0.38-1
mysql-server: before 8.0.38-1
mysql-libs: before 8.0.38-1
mysql-help: before 8.0.38-1
mysql-errmsg: before 8.0.38-1
mysql-devel: before 8.0.38-1
mysql-debugsource: before 8.0.38-1
mysql-debuginfo: before 8.0.38-1
mysql-config: before 8.0.38-1
mysql-common: before 8.0.38-1
mysql: before 8.0.38-1
CPE2.3http://www.openeuler.org/en/security/security-bulletins/detail/?id=openEuler-SA-2024-2071
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote authenticated privileged user via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU88680
Risk: Medium
CVSSv3.1: 4.3 [CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2024-21069
CWE-ID:
CWE-20 - Improper input validation
Exploit availability: No
DescriptionThe vulnerability allows a remote privileged user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper input validation within the Server: DDL component in MySQL Server. A remote privileged user can exploit this vulnerability to perform a denial of service (DoS) attack.
MitigationInstall updates from vendor's repository.
Vulnerable software versionsopenEuler: 20.03 LTS SP4
mysql-test: before 8.0.38-1
mysql-server: before 8.0.38-1
mysql-libs: before 8.0.38-1
mysql-help: before 8.0.38-1
mysql-errmsg: before 8.0.38-1
mysql-devel: before 8.0.38-1
mysql-debugsource: before 8.0.38-1
mysql-debuginfo: before 8.0.38-1
mysql-config: before 8.0.38-1
mysql-common: before 8.0.38-1
mysql: before 8.0.38-1
CPE2.3http://www.openeuler.org/en/security/security-bulletins/detail/?id=openEuler-SA-2024-2071
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote authenticated privileged user via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU88688
Risk: Medium
CVSSv3.1: 4.3 [CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2024-21087
CWE-ID:
CWE-20 - Improper input validation
Exploit availability: No
DescriptionThe vulnerability allows a remote privileged user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper input validation within the Server: Group Replication Plugin component in MySQL Server. A remote privileged user can exploit this vulnerability to perform a denial of service (DoS) attack.
MitigationInstall updates from vendor's repository.
Vulnerable software versionsopenEuler: 20.03 LTS SP4
mysql-test: before 8.0.38-1
mysql-server: before 8.0.38-1
mysql-libs: before 8.0.38-1
mysql-help: before 8.0.38-1
mysql-errmsg: before 8.0.38-1
mysql-devel: before 8.0.38-1
mysql-debugsource: before 8.0.38-1
mysql-debuginfo: before 8.0.38-1
mysql-config: before 8.0.38-1
mysql-common: before 8.0.38-1
mysql: before 8.0.38-1
CPE2.3http://www.openeuler.org/en/security/security-bulletins/detail/?id=openEuler-SA-2024-2071
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote authenticated privileged user via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU88696
Risk: Low
CVSSv3.1: 4.3 [CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:L/E:U/RL:O/RC:C]
CVE-ID: CVE-2024-21096
CWE-ID:
CWE-20 - Improper input validation
Exploit availability: No
DescriptionThe vulnerability allows a local non-authenticated attacker to read and manipulate data.
The vulnerability exists due to improper input validation within the Client: mysqldump component in MySQL Server. A local non-authenticated attacker can exploit this vulnerability to read and manipulate data.
MitigationInstall updates from vendor's repository.
Vulnerable software versionsopenEuler: 20.03 LTS SP4
mysql-test: before 8.0.38-1
mysql-server: before 8.0.38-1
mysql-libs: before 8.0.38-1
mysql-help: before 8.0.38-1
mysql-errmsg: before 8.0.38-1
mysql-devel: before 8.0.38-1
mysql-debugsource: before 8.0.38-1
mysql-debuginfo: before 8.0.38-1
mysql-config: before 8.0.38-1
mysql-common: before 8.0.38-1
mysql: before 8.0.38-1
CPE2.3http://www.openeuler.org/en/security/security-bulletins/detail/?id=openEuler-SA-2024-2071
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU88677
Risk: Medium
CVSSv3.1: 4.3 [CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2024-21102
CWE-ID:
CWE-20 - Improper input validation
Exploit availability: No
DescriptionThe vulnerability allows a remote privileged user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper input validation within the Server: Thread Pooling component in MySQL Server. A remote privileged user can exploit this vulnerability to perform a denial of service (DoS) attack.
MitigationInstall updates from vendor's repository.
Vulnerable software versionsopenEuler: 20.03 LTS SP4
mysql-test: before 8.0.38-1
mysql-server: before 8.0.38-1
mysql-libs: before 8.0.38-1
mysql-help: before 8.0.38-1
mysql-errmsg: before 8.0.38-1
mysql-devel: before 8.0.38-1
mysql-debugsource: before 8.0.38-1
mysql-debuginfo: before 8.0.38-1
mysql-config: before 8.0.38-1
mysql-common: before 8.0.38-1
mysql: before 8.0.38-1
CPE2.3http://www.openeuler.org/en/security/security-bulletins/detail/?id=openEuler-SA-2024-2071
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote authenticated privileged user via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU94569
Risk: Medium
CVSSv3.1: 4.3 [CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2024-21125
CWE-ID:
CWE-20 - Improper input validation
Exploit availability: No
DescriptionThe vulnerability allows a remote privileged user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper input validation within the Server: FTS component in MySQL Server. A remote privileged user can exploit this vulnerability to perform a denial of service (DoS) attack.
MitigationInstall updates from vendor's repository.
Vulnerable software versionsopenEuler: 20.03 LTS SP4
mysql-test: before 8.0.38-1
mysql-server: before 8.0.38-1
mysql-libs: before 8.0.38-1
mysql-help: before 8.0.38-1
mysql-errmsg: before 8.0.38-1
mysql-devel: before 8.0.38-1
mysql-debugsource: before 8.0.38-1
mysql-debuginfo: before 8.0.38-1
mysql-config: before 8.0.38-1
mysql-common: before 8.0.38-1
mysql: before 8.0.38-1
CPE2.3http://www.openeuler.org/en/security/security-bulletins/detail/?id=openEuler-SA-2024-2071
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote authenticated privileged user via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU94577
Risk: Medium
CVSSv3.1: 4.3 [CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2024-21127
CWE-ID:
CWE-20 - Improper input validation
Exploit availability: No
DescriptionThe vulnerability allows a remote privileged user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper input validation within the Server: DDL component in MySQL Server. A remote privileged user can exploit this vulnerability to perform a denial of service (DoS) attack.
MitigationInstall updates from vendor's repository.
Vulnerable software versionsopenEuler: 20.03 LTS SP4
mysql-test: before 8.0.38-1
mysql-server: before 8.0.38-1
mysql-libs: before 8.0.38-1
mysql-help: before 8.0.38-1
mysql-errmsg: before 8.0.38-1
mysql-devel: before 8.0.38-1
mysql-debugsource: before 8.0.38-1
mysql-debuginfo: before 8.0.38-1
mysql-config: before 8.0.38-1
mysql-common: before 8.0.38-1
mysql: before 8.0.38-1
CPE2.3http://www.openeuler.org/en/security/security-bulletins/detail/?id=openEuler-SA-2024-2071
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote authenticated privileged user via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU94578
Risk: Medium
CVSSv3.1: 4.3 [CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2024-21129
CWE-ID:
CWE-20 - Improper input validation
Exploit availability: No
DescriptionThe vulnerability allows a remote privileged user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper input validation within the Server: DDL component in MySQL Server. A remote privileged user can exploit this vulnerability to perform a denial of service (DoS) attack.
MitigationInstall updates from vendor's repository.
Vulnerable software versionsopenEuler: 20.03 LTS SP4
mysql-test: before 8.0.38-1
mysql-server: before 8.0.38-1
mysql-libs: before 8.0.38-1
mysql-help: before 8.0.38-1
mysql-errmsg: before 8.0.38-1
mysql-devel: before 8.0.38-1
mysql-debugsource: before 8.0.38-1
mysql-debuginfo: before 8.0.38-1
mysql-config: before 8.0.38-1
mysql-common: before 8.0.38-1
mysql: before 8.0.38-1
CPE2.3http://www.openeuler.org/en/security/security-bulletins/detail/?id=openEuler-SA-2024-2071
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote authenticated privileged user via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU94579
Risk: Medium
CVSSv3.1: 4.3 [CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2024-21130
CWE-ID:
CWE-20 - Improper input validation
Exploit availability: No
DescriptionThe vulnerability allows a remote privileged user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper input validation within the Server: Optimizer component in MySQL Server. A remote privileged user can exploit this vulnerability to perform a denial of service (DoS) attack.
MitigationInstall updates from vendor's repository.
Vulnerable software versionsopenEuler: 20.03 LTS SP4
mysql-test: before 8.0.38-1
mysql-server: before 8.0.38-1
mysql-libs: before 8.0.38-1
mysql-help: before 8.0.38-1
mysql-errmsg: before 8.0.38-1
mysql-devel: before 8.0.38-1
mysql-debugsource: before 8.0.38-1
mysql-debuginfo: before 8.0.38-1
mysql-config: before 8.0.38-1
mysql-common: before 8.0.38-1
mysql: before 8.0.38-1
CPE2.3http://www.openeuler.org/en/security/security-bulletins/detail/?id=openEuler-SA-2024-2071
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote authenticated privileged user via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU94585
Risk: Low
CVSSv3.1: 3.8 [CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L/E:U/RL:O/RC:C]
CVE-ID: CVE-2024-21134
CWE-ID:
CWE-20 - Improper input validation
Exploit availability: No
DescriptionThe vulnerability allows a remote authenticated user to perform service disruption.
The vulnerability exists due to improper input validation within the Server: Connection Handling component in MySQL Server. A remote authenticated user can exploit this vulnerability to perform service disruption.
MitigationInstall updates from vendor's repository.
Vulnerable software versionsopenEuler: 20.03 LTS SP4
mysql-test: before 8.0.38-1
mysql-server: before 8.0.38-1
mysql-libs: before 8.0.38-1
mysql-help: before 8.0.38-1
mysql-errmsg: before 8.0.38-1
mysql-devel: before 8.0.38-1
mysql-debugsource: before 8.0.38-1
mysql-debuginfo: before 8.0.38-1
mysql-config: before 8.0.38-1
mysql-common: before 8.0.38-1
mysql: before 8.0.38-1
CPE2.3http://www.openeuler.org/en/security/security-bulletins/detail/?id=openEuler-SA-2024-2071
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote authenticated user via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU94580
Risk: Medium
CVSSv3.1: 4.3 [CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2024-21135
CWE-ID:
CWE-20 - Improper input validation
Exploit availability: No
DescriptionThe vulnerability allows a remote privileged user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper input validation within the Server: Optimizer component in MySQL Server. A remote privileged user can exploit this vulnerability to perform a denial of service (DoS) attack.
MitigationInstall updates from vendor's repository.
Vulnerable software versionsopenEuler: 20.03 LTS SP4
mysql-test: before 8.0.38-1
mysql-server: before 8.0.38-1
mysql-libs: before 8.0.38-1
mysql-help: before 8.0.38-1
mysql-errmsg: before 8.0.38-1
mysql-devel: before 8.0.38-1
mysql-debugsource: before 8.0.38-1
mysql-debuginfo: before 8.0.38-1
mysql-config: before 8.0.38-1
mysql-common: before 8.0.38-1
mysql: before 8.0.38-1
CPE2.3http://www.openeuler.org/en/security/security-bulletins/detail/?id=openEuler-SA-2024-2071
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote authenticated privileged user via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU94581
Risk: Medium
CVSSv3.1: 4.3 [CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2024-21137
CWE-ID:
CWE-20 - Improper input validation
Exploit availability: No
DescriptionThe vulnerability allows a remote privileged user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper input validation within the Server: Optimizer component in MySQL Server. A remote privileged user can exploit this vulnerability to perform a denial of service (DoS) attack.
MitigationInstall updates from vendor's repository.
Vulnerable software versionsopenEuler: 20.03 LTS SP4
mysql-test: before 8.0.38-1
mysql-server: before 8.0.38-1
mysql-libs: before 8.0.38-1
mysql-help: before 8.0.38-1
mysql-errmsg: before 8.0.38-1
mysql-devel: before 8.0.38-1
mysql-debugsource: before 8.0.38-1
mysql-debuginfo: before 8.0.38-1
mysql-config: before 8.0.38-1
mysql-common: before 8.0.38-1
mysql: before 8.0.38-1
CPE2.3http://www.openeuler.org/en/security/security-bulletins/detail/?id=openEuler-SA-2024-2071