Vulnerability-Lookup

alsa-2022:7119

Vulnerability from osv_almalinux

Published

2022-10-25 00:00

Modified

2023-09-15 13:41

Summary

Moderate: mysql:8.0 security, bug fix, and enhancement update

Details

MySQL is a multi-user, multi-threaded SQL database server. It consists of the MySQL server daemon (mysqld) and many client programs and libraries.

The following packages have been upgraded to a later upstream version: mysql (8.0.30).

Security Fix(es):

mysql: Server: DML multiple unspecified vulnerabilities (CVE-2021-2478, CVE-2021-2479, CVE-2021-35591, CVE-2021-35607, CVE-2022-21301, CVE-2022-21413)
mysql: Server: Optimizer multiple unspecified vulnerabilities (CVE-2021-2481, CVE-2021-35575, CVE-2021-35577, CVE-2021-35610, CVE-2021-35612, CVE-2021-35626, CVE-2021-35627, CVE-2021-35628, CVE-2021-35634, CVE-2021-35635, CVE-2021-35636, CVE-2021-35638, CVE-2021-35641, CVE-2021-35642, CVE-2021-35643, CVE-2021-35644, CVE-2021-35645, CVE-2021-35646, CVE-2021-35647, CVE-2022-21253, CVE-2022-21254, CVE-2022-21264, CVE-2022-21278, CVE-2022-21297, CVE-2022-21339, CVE-2022-21342, CVE-2022-21351, CVE-2022-21370, CVE-2022-21378, CVE-2022-21412, CVE-2022-21414, CVE-2022-21435, CVE-2022-21436, CVE-2022-21437, CVE-2022-21438, CVE-2022-21440, CVE-2022-21452, CVE-2022-21459, CVE-2022-21462, CVE-2022-21478, CVE-2022-21479, CVE-2022-21509, CVE-2022-21525, CVE-2022-21526, CVE-2022-21527, CVE-2022-21528, CVE-2022-21529, CVE-2022-21530, CVE-2022-21531, CVE-2022-21553, CVE-2022-21569, CVE-2022-21265)
mysql: Server: Replication multiple unspecified vulnerabilities (CVE-2021-35546, CVE-2022-21344, CVE-2022-21415)
mysql: Server: Error Handling unspecified vulnerability (CVE-2021-35596)
mysql: C API unspecified vulnerability (CVE-2021-35597)
mysql: Server: Options multiple unspecified vulnerabilities (CVE-2021-35602, CVE-2021-35630, CVE-2022-21515)
mysql: InnoDB multiple unspecified vulnerabilities (CVE-2021-35604, CVE-2022-21302, CVE-2022-21348, CVE-2022-21352, CVE-2022-21417, CVE-2022-21418, CVE-2022-21451, CVE-2022-21517, CVE-2022-21537, CVE-2022-21539, CVE-2022-21423)
mysql: Server: Group Replication Plugin multiple unspecified vulnerabilities (CVE-2021-35608, CVE-2022-21256, CVE-2022-21379, CVE-2022-21454)
mysql: Server: Security: Encryption multiple unspecified vulnerabilities (CVE-2021-35622, CVE-2022-21358, CVE-2022-21372, CVE-2022-21538)
mysql: Server: Security: Privileges multiple unspecified vulnerabilities (CVE-2021-35624, CVE-2022-21245, CVE-2021-35625)
mysql: Server: GIS unspecified vulnerability (CVE-2021-35631)
mysql: Server: Data Dictionary unspecified vulnerability (CVE-2021-35632)
mysql: Server: PS unspecified vulnerability (CVE-2021-35637)
mysql: Server: Stored Procedure multiple unspecified vulnerabilities (CVE-2021-35639, CVE-2022-21303, CVE-2022-21522, CVE-2022-21534)
mysql: Server: FTS multiple unspecified vulnerabilities (CVE-2021-35648, CVE-2022-21427)
mysql: Server: Federated multiple unspecified vulnerabilities (CVE-2022-21270, CVE-2022-21547)
mysql: Server: Parser unspecified vulnerability (CVE-2022-21304)
mysql: Server: Information Schema multiple unspecified vulnerabilities (CVE-2022-21362, CVE-2022-21374)
mysql: Server: Compiling unspecified vulnerability (CVE-2022-21367)
mysql: Server: Components Services unspecified vulnerability (CVE-2022-21368)
mysql: Server: DDL multiple unspecified vulnerabilities (CVE-2022-21425, CVE-2022-21444, CVE-2021-35640, CVE-2022-21249)
mysql: Server: PAM Auth Plugin unspecified vulnerability (CVE-2022-21457)
mysql: Server: Logging multiple unspecified vulnerabilities (CVE-2022-21460, CVE-2021-35633)
mysql: Server: Security: Roles unspecified vulnerability (CVE-2021-35623)

For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.

Bug Fix(es):

Rebuild mecab due to change in the suffix (from .el8 to .el8.0.0) [almalinux-8] (BZ#2110940)

References

URL

Type

	https://access.redhat.com/errata/RHSA-2022:7119	ADVISORY
	https://access.redhat.com/security/cve/CVE-2021-2478	REPORT
	https://access.redhat.com/security/cve/CVE-2021-2479	REPORT
	https://access.redhat.com/security/cve/CVE-2021-2481	REPORT
	https://access.redhat.com/security/cve/CVE-2021-35546	REPORT
	https://access.redhat.com/security/cve/CVE-2021-35575	REPORT
	https://access.redhat.com/security/cve/CVE-2021-35577	REPORT
	https://access.redhat.com/security/cve/CVE-2021-35591	REPORT
	https://access.redhat.com/security/cve/CVE-2021-35596	REPORT
	https://access.redhat.com/security/cve/CVE-2021-35597	REPORT
	https://access.redhat.com/security/cve/CVE-2021-35602	REPORT
	https://access.redhat.com/security/cve/CVE-2021-35604	REPORT
	https://access.redhat.com/security/cve/CVE-2021-35607	REPORT
	https://access.redhat.com/security/cve/CVE-2021-35608	REPORT
	https://access.redhat.com/security/cve/CVE-2021-35610	REPORT
	https://access.redhat.com/security/cve/CVE-2021-35612	REPORT
	https://access.redhat.com/security/cve/CVE-2021-35622	REPORT
	https://access.redhat.com/security/cve/CVE-2021-35623	REPORT
	https://access.redhat.com/security/cve/CVE-2021-35624	REPORT
	https://access.redhat.com/security/cve/CVE-2021-35625	REPORT
	https://access.redhat.com/security/cve/CVE-2021-35626	REPORT
	https://access.redhat.com/security/cve/CVE-2021-35627	REPORT
	https://access.redhat.com/security/cve/CVE-2021-35628	REPORT
	https://access.redhat.com/security/cve/CVE-2021-35630	REPORT
	https://access.redhat.com/security/cve/CVE-2021-35631	REPORT
	https://access.redhat.com/security/cve/CVE-2021-35632	REPORT
	https://access.redhat.com/security/cve/CVE-2021-35633	REPORT
	https://access.redhat.com/security/cve/CVE-2021-35634	REPORT
	https://access.redhat.com/security/cve/CVE-2021-35635	REPORT
	https://access.redhat.com/security/cve/CVE-2021-35636	REPORT
	https://access.redhat.com/security/cve/CVE-2021-35637	REPORT
	https://access.redhat.com/security/cve/CVE-2021-35638	REPORT
	https://access.redhat.com/security/cve/CVE-2021-35639	REPORT
	https://access.redhat.com/security/cve/CVE-2021-35640	REPORT
	https://access.redhat.com/security/cve/CVE-2021-35641	REPORT
	https://access.redhat.com/security/cve/CVE-2021-35642	REPORT
	https://access.redhat.com/security/cve/CVE-2021-35643	REPORT
	https://access.redhat.com/security/cve/CVE-2021-35644	REPORT
	https://access.redhat.com/security/cve/CVE-2021-35645	REPORT
	https://access.redhat.com/security/cve/CVE-2021-35646	REPORT
	https://access.redhat.com/security/cve/CVE-2021-35647	REPORT
	https://access.redhat.com/security/cve/CVE-2021-35648	REPORT
	https://access.redhat.com/security/cve/CVE-2022-21245	REPORT
	https://access.redhat.com/security/cve/CVE-2022-21249	REPORT
	https://access.redhat.com/security/cve/CVE-2022-21253	REPORT
	https://access.redhat.com/security/cve/CVE-2022-21254	REPORT
	https://access.redhat.com/security/cve/CVE-2022-21256	REPORT
	https://access.redhat.com/security/cve/CVE-2022-21264	REPORT
	https://access.redhat.com/security/cve/CVE-2022-21265	REPORT
	https://access.redhat.com/security/cve/CVE-2022-21270	REPORT
	https://access.redhat.com/security/cve/CVE-2022-21278	REPORT
	https://access.redhat.com/security/cve/CVE-2022-21297	REPORT
	https://access.redhat.com/security/cve/CVE-2022-21301	REPORT
	https://access.redhat.com/security/cve/CVE-2022-21302	REPORT
	https://access.redhat.com/security/cve/CVE-2022-21303	REPORT
	https://access.redhat.com/security/cve/CVE-2022-21304	REPORT
	https://access.redhat.com/security/cve/CVE-2022-21339	REPORT
	https://access.redhat.com/security/cve/CVE-2022-21342	REPORT
	https://access.redhat.com/security/cve/CVE-2022-21344	REPORT
	https://access.redhat.com/security/cve/CVE-2022-21348	REPORT
	https://access.redhat.com/security/cve/CVE-2022-21351	REPORT
	https://access.redhat.com/security/cve/CVE-2022-21352	REPORT
	https://access.redhat.com/security/cve/CVE-2022-21358	REPORT
	https://access.redhat.com/security/cve/CVE-2022-21362	REPORT
	https://access.redhat.com/security/cve/CVE-2022-21367	REPORT
	https://access.redhat.com/security/cve/CVE-2022-21368	REPORT
	https://access.redhat.com/security/cve/CVE-2022-21370	REPORT
	https://access.redhat.com/security/cve/CVE-2022-21372	REPORT
	https://access.redhat.com/security/cve/CVE-2022-21374	REPORT
	https://access.redhat.com/security/cve/CVE-2022-21378	REPORT
	https://access.redhat.com/security/cve/CVE-2022-21379	REPORT
	https://access.redhat.com/security/cve/CVE-2022-21412	REPORT
	https://access.redhat.com/security/cve/CVE-2022-21413	REPORT
	https://access.redhat.com/security/cve/CVE-2022-21414	REPORT
	https://access.redhat.com/security/cve/CVE-2022-21415	REPORT
	https://access.redhat.com/security/cve/CVE-2022-21417	REPORT
	https://access.redhat.com/security/cve/CVE-2022-21418	REPORT
	https://access.redhat.com/security/cve/CVE-2022-21423	REPORT
	https://access.redhat.com/security/cve/CVE-2022-21425	REPORT
	https://access.redhat.com/security/cve/CVE-2022-21427	REPORT
	https://access.redhat.com/security/cve/CVE-2022-21435	REPORT
	https://access.redhat.com/security/cve/CVE-2022-21436	REPORT
	https://access.redhat.com/security/cve/CVE-2022-21437	REPORT
	https://access.redhat.com/security/cve/CVE-2022-21438	REPORT
	https://access.redhat.com/security/cve/CVE-2022-21440	REPORT
	https://access.redhat.com/security/cve/CVE-2022-21444	REPORT
	https://access.redhat.com/security/cve/CVE-2022-21451	REPORT
	https://access.redhat.com/security/cve/CVE-2022-21452	REPORT
	https://access.redhat.com/security/cve/CVE-2022-21454	REPORT
	https://access.redhat.com/security/cve/CVE-2022-21457	REPORT
	https://access.redhat.com/security/cve/CVE-2022-21459	REPORT
	https://access.redhat.com/security/cve/CVE-2022-21460	REPORT
	https://access.redhat.com/security/cve/CVE-2022-21462	REPORT
	https://access.redhat.com/security/cve/CVE-2022-21478	REPORT
	https://access.redhat.com/security/cve/CVE-2022-21479	REPORT
	https://access.redhat.com/security/cve/CVE-2022-21509	REPORT
	https://access.redhat.com/security/cve/CVE-2022-21515	REPORT
	https://access.redhat.com/security/cve/CVE-2022-21517	REPORT
	https://access.redhat.com/security/cve/CVE-2022-21522	REPORT
	https://access.redhat.com/security/cve/CVE-2022-21525	REPORT
	https://access.redhat.com/security/cve/CVE-2022-21526	REPORT
	https://access.redhat.com/security/cve/CVE-2022-21527	REPORT
	https://access.redhat.com/security/cve/CVE-2022-21528	REPORT
	https://access.redhat.com/security/cve/CVE-2022-21529	REPORT
	https://access.redhat.com/security/cve/CVE-2022-21530	REPORT
	https://access.redhat.com/security/cve/CVE-2022-21531	REPORT
	https://access.redhat.com/security/cve/CVE-2022-21534	REPORT
	https://access.redhat.com/security/cve/CVE-2022-21537	REPORT
	https://access.redhat.com/security/cve/CVE-2022-21538	REPORT
	https://access.redhat.com/security/cve/CVE-2022-21539	REPORT
	https://access.redhat.com/security/cve/CVE-2022-21547	REPORT
	https://access.redhat.com/security/cve/CVE-2022-21553	REPORT
	https://access.redhat.com/security/cve/CVE-2022-21569	REPORT
	https://bugzilla.redhat.com/2016089	REPORT
	https://bugzilla.redhat.com/2016090	REPORT
	https://bugzilla.redhat.com/2016091	REPORT
	https://bugzilla.redhat.com/2016093	REPORT
	https://bugzilla.redhat.com/2016094	REPORT
	https://bugzilla.redhat.com/2016095	REPORT
	https://bugzilla.redhat.com/2016097	REPORT
	https://bugzilla.redhat.com/2016098	REPORT
	https://bugzilla.redhat.com/2016099	REPORT
	https://bugzilla.redhat.com/2016100	REPORT
	https://bugzilla.redhat.com/2016101	REPORT
	https://bugzilla.redhat.com/2016104	REPORT
	https://bugzilla.redhat.com/2016105	REPORT
	https://bugzilla.redhat.com/2016106	REPORT
	https://bugzilla.redhat.com/2016107	REPORT
	https://bugzilla.redhat.com/2016108	REPORT
	https://bugzilla.redhat.com/2016109	REPORT
	https://bugzilla.redhat.com/2016110	REPORT
	https://bugzilla.redhat.com/2016111	REPORT
	https://bugzilla.redhat.com/2016112	REPORT
	https://bugzilla.redhat.com/2016113	REPORT
	https://bugzilla.redhat.com/2016114	REPORT
	https://bugzilla.redhat.com/2016117	REPORT
	https://bugzilla.redhat.com/2016118	REPORT
	https://bugzilla.redhat.com/2016119	REPORT
	https://bugzilla.redhat.com/2016120	REPORT
	https://bugzilla.redhat.com/2016121	REPORT
	https://bugzilla.redhat.com/2016122	REPORT
	https://bugzilla.redhat.com/2016124	REPORT
	https://bugzilla.redhat.com/2016126	REPORT
	https://bugzilla.redhat.com/2016127	REPORT
	https://bugzilla.redhat.com/2016128	REPORT
	https://bugzilla.redhat.com/2016129	REPORT
	https://bugzilla.redhat.com/2016130	REPORT
	https://bugzilla.redhat.com/2016131	REPORT
	https://bugzilla.redhat.com/2016132	REPORT
	https://bugzilla.redhat.com/2016133	REPORT
	https://bugzilla.redhat.com/2016134	REPORT
	https://bugzilla.redhat.com/2016135	REPORT
	https://bugzilla.redhat.com/2016137	REPORT
	https://bugzilla.redhat.com/2016138	REPORT
	https://bugzilla.redhat.com/2043620	REPORT
	https://bugzilla.redhat.com/2043621	REPORT
	https://bugzilla.redhat.com/2043622	REPORT
	https://bugzilla.redhat.com/2043623	REPORT
	https://bugzilla.redhat.com/2043624	REPORT
	https://bugzilla.redhat.com/2043625	REPORT
	https://bugzilla.redhat.com/2043626	REPORT
	https://bugzilla.redhat.com/2043627	REPORT
	https://bugzilla.redhat.com/2043628	REPORT
	https://bugzilla.redhat.com/2043629	REPORT
	https://bugzilla.redhat.com/2043630	REPORT
	https://bugzilla.redhat.com/2043631	REPORT
	https://bugzilla.redhat.com/2043632	REPORT
	https://bugzilla.redhat.com/2043633	REPORT
	https://bugzilla.redhat.com/2043634	REPORT
	https://bugzilla.redhat.com/2043635	REPORT
	https://bugzilla.redhat.com/2043636	REPORT
	https://bugzilla.redhat.com/2043637	REPORT
	https://bugzilla.redhat.com/2043638	REPORT
	https://bugzilla.redhat.com/2043639	REPORT
	https://bugzilla.redhat.com/2043640	REPORT
	https://bugzilla.redhat.com/2043641	REPORT
	https://bugzilla.redhat.com/2043642	REPORT
	https://bugzilla.redhat.com/2043643	REPORT
	https://bugzilla.redhat.com/2043644	REPORT
	https://bugzilla.redhat.com/2043645	REPORT
	https://bugzilla.redhat.com/2043646	REPORT
	https://bugzilla.redhat.com/2043647	REPORT
	https://bugzilla.redhat.com/2043648	REPORT
	https://bugzilla.redhat.com/2082636	REPORT
	https://bugzilla.redhat.com/2082637	REPORT
	https://bugzilla.redhat.com/2082638	REPORT
	https://bugzilla.redhat.com/2082639	REPORT
	https://bugzilla.redhat.com/2082640	REPORT
	https://bugzilla.redhat.com/2082641	REPORT
	https://bugzilla.redhat.com/2082642	REPORT
	https://bugzilla.redhat.com/2082643	REPORT
	https://bugzilla.redhat.com/2082644	REPORT
	https://bugzilla.redhat.com/2082645	REPORT
	https://bugzilla.redhat.com/2082646	REPORT
	https://bugzilla.redhat.com/2082647	REPORT
	https://bugzilla.redhat.com/2082648	REPORT
	https://bugzilla.redhat.com/2082649	REPORT
	https://bugzilla.redhat.com/2082650	REPORT
	https://bugzilla.redhat.com/2082651	REPORT
	https://bugzilla.redhat.com/2082652	REPORT
	https://bugzilla.redhat.com/2082653	REPORT
	https://bugzilla.redhat.com/2082654	REPORT
	https://bugzilla.redhat.com/2082655	REPORT
	https://bugzilla.redhat.com/2082656	REPORT
	https://bugzilla.redhat.com/2082657	REPORT
	https://bugzilla.redhat.com/2082658	REPORT
	https://bugzilla.redhat.com/2082659	REPORT
	https://bugzilla.redhat.com/2115283	REPORT
	https://bugzilla.redhat.com/2115284	REPORT
	https://bugzilla.redhat.com/2115285	REPORT
	https://bugzilla.redhat.com/2115286	REPORT
	https://bugzilla.redhat.com/2115287	REPORT
	https://bugzilla.redhat.com/2115288	REPORT
	https://bugzilla.redhat.com/2115289	REPORT
	https://bugzilla.redhat.com/2115290	REPORT
	https://bugzilla.redhat.com/2115291	REPORT
	https://bugzilla.redhat.com/2115292	REPORT
	https://bugzilla.redhat.com/2115293	REPORT
	https://bugzilla.redhat.com/2115294	REPORT
	https://bugzilla.redhat.com/2115295	REPORT
	https://bugzilla.redhat.com/2115296	REPORT
	https://bugzilla.redhat.com/2115297	REPORT
	https://bugzilla.redhat.com/2115298	REPORT
	https://bugzilla.redhat.com/2115299	REPORT
	https://bugzilla.redhat.com/2115301	REPORT
	https://errata.almalinux.org/8/ALSA-2022-7119.html	ADVISORY

JSON

To clipboard

{
  "affected": [
    {
      "package": {
        "ecosystem": "AlmaLinux:8",
        "name": "mecab"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "0"
            },
            {
              "fixed": "0.996-2.module_el8.6.0+3340+d764b636"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ]
    },
    {
      "package": {
        "ecosystem": "AlmaLinux:8",
        "name": "mecab-ipadic"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "0"
            },
            {
              "fixed": "2.7.0.20070801-16.module_el8.6.0+3340+d764b636"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ]
    },
    {
      "package": {
        "ecosystem": "AlmaLinux:8",
        "name": "mecab-ipadic"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "0"
            },
            {
              "fixed": "2.7.0.20070801-16.module_el8.6.0+3151+3a7073b7"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ]
    },
    {
      "package": {
        "ecosystem": "AlmaLinux:8",
        "name": "mecab-ipadic-EUCJP"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "0"
            },
            {
              "fixed": "2.7.0.20070801-16.module_el8.6.0+3340+d764b636"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ]
    },
    {
      "package": {
        "ecosystem": "AlmaLinux:8",
        "name": "mecab-ipadic-EUCJP"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "0"
            },
            {
              "fixed": "2.7.0.20070801-16.module_el8.6.0+3151+3a7073b7"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ]
    },
    {
      "package": {
        "ecosystem": "AlmaLinux:8",
        "name": "mysql"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "0"
            },
            {
              "fixed": "8.0.30-1.module_el8.6.0+3340+d764b636"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ]
    },
    {
      "package": {
        "ecosystem": "AlmaLinux:8",
        "name": "mysql-common"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "0"
            },
            {
              "fixed": "8.0.30-1.module_el8.6.0+3340+d764b636"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ]
    },
    {
      "package": {
        "ecosystem": "AlmaLinux:8",
        "name": "mysql-devel"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "0"
            },
            {
              "fixed": "8.0.30-1.module_el8.6.0+3340+d764b636"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ]
    },
    {
      "package": {
        "ecosystem": "AlmaLinux:8",
        "name": "mysql-errmsg"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "0"
            },
            {
              "fixed": "8.0.30-1.module_el8.6.0+3340+d764b636"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ]
    },
    {
      "package": {
        "ecosystem": "AlmaLinux:8",
        "name": "mysql-libs"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "0"
            },
            {
              "fixed": "8.0.30-1.module_el8.6.0+3340+d764b636"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ]
    },
    {
      "package": {
        "ecosystem": "AlmaLinux:8",
        "name": "mysql-server"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "0"
            },
            {
              "fixed": "8.0.30-1.module_el8.6.0+3340+d764b636"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ]
    },
    {
      "package": {
        "ecosystem": "AlmaLinux:8",
        "name": "mysql-test"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "0"
            },
            {
              "fixed": "8.0.30-1.module_el8.6.0+3340+d764b636"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ]
    }
  ],
  "details": "MySQL is a multi-user, multi-threaded SQL database server. It consists of the MySQL server daemon (mysqld) and many client programs and libraries.\n\nThe following packages have been upgraded to a later upstream version: mysql (8.0.30).\n\nSecurity Fix(es):\n\n* mysql: Server: DML multiple unspecified vulnerabilities (CVE-2021-2478, CVE-2021-2479, CVE-2021-35591, CVE-2021-35607, CVE-2022-21301, CVE-2022-21413)\n* mysql: Server: Optimizer multiple unspecified vulnerabilities (CVE-2021-2481, CVE-2021-35575, CVE-2021-35577, CVE-2021-35610, CVE-2021-35612, CVE-2021-35626, CVE-2021-35627, CVE-2021-35628, CVE-2021-35634, CVE-2021-35635, CVE-2021-35636, CVE-2021-35638, CVE-2021-35641, CVE-2021-35642, CVE-2021-35643, CVE-2021-35644, CVE-2021-35645, CVE-2021-35646, CVE-2021-35647, CVE-2022-21253, CVE-2022-21254, CVE-2022-21264, CVE-2022-21278, CVE-2022-21297, CVE-2022-21339, CVE-2022-21342, CVE-2022-21351, CVE-2022-21370, CVE-2022-21378, CVE-2022-21412, CVE-2022-21414, CVE-2022-21435, CVE-2022-21436, CVE-2022-21437, CVE-2022-21438, CVE-2022-21440, CVE-2022-21452, CVE-2022-21459, CVE-2022-21462, CVE-2022-21478, CVE-2022-21479, CVE-2022-21509, CVE-2022-21525, CVE-2022-21526, CVE-2022-21527, CVE-2022-21528, CVE-2022-21529, CVE-2022-21530, CVE-2022-21531, CVE-2022-21553, CVE-2022-21569, CVE-2022-21265)\n* mysql: Server: Replication multiple unspecified vulnerabilities (CVE-2021-35546, CVE-2022-21344, CVE-2022-21415)\n* mysql: Server: Error Handling unspecified vulnerability (CVE-2021-35596)\n* mysql: C API unspecified vulnerability (CVE-2021-35597)\n* mysql: Server: Options multiple unspecified vulnerabilities (CVE-2021-35602, CVE-2021-35630, CVE-2022-21515)\n* mysql: InnoDB multiple unspecified vulnerabilities (CVE-2021-35604, CVE-2022-21302, CVE-2022-21348, CVE-2022-21352, CVE-2022-21417, CVE-2022-21418, CVE-2022-21451, CVE-2022-21517, CVE-2022-21537, CVE-2022-21539, CVE-2022-21423)\n* mysql: Server: Group Replication Plugin multiple unspecified vulnerabilities (CVE-2021-35608, CVE-2022-21256, CVE-2022-21379, CVE-2022-21454)\n* mysql: Server: Security: Encryption multiple unspecified vulnerabilities (CVE-2021-35622, CVE-2022-21358, CVE-2022-21372, CVE-2022-21538)\n* mysql: Server: Security: Privileges multiple unspecified vulnerabilities (CVE-2021-35624, CVE-2022-21245, CVE-2021-35625)\n* mysql: Server: GIS unspecified vulnerability (CVE-2021-35631)\n* mysql: Server: Data Dictionary unspecified vulnerability (CVE-2021-35632)\n* mysql: Server: PS unspecified vulnerability (CVE-2021-35637)\n* mysql: Server: Stored Procedure multiple unspecified vulnerabilities (CVE-2021-35639, CVE-2022-21303, CVE-2022-21522, CVE-2022-21534)\n* mysql: Server: FTS multiple unspecified vulnerabilities (CVE-2021-35648, CVE-2022-21427)\n* mysql: Server: Federated multiple unspecified vulnerabilities (CVE-2022-21270, CVE-2022-21547)\n* mysql: Server: Parser unspecified vulnerability (CVE-2022-21304)\n* mysql: Server: Information Schema multiple unspecified vulnerabilities (CVE-2022-21362, CVE-2022-21374)\n* mysql: Server: Compiling unspecified vulnerability (CVE-2022-21367)\n* mysql: Server: Components Services unspecified vulnerability (CVE-2022-21368)\n* mysql: Server: DDL multiple unspecified vulnerabilities (CVE-2022-21425, CVE-2022-21444, CVE-2021-35640, CVE-2022-21249)\n* mysql: Server: PAM Auth Plugin unspecified vulnerability (CVE-2022-21457)\n* mysql: Server: Logging multiple unspecified vulnerabilities (CVE-2022-21460, CVE-2021-35633)\n* mysql: Server: Security: Roles unspecified vulnerability (CVE-2021-35623)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.\n\nBug Fix(es):\n\n* Rebuild mecab due to change in the suffix (from .el8 to .el8.0.0) [almalinux-8] (BZ#2110940)",
  "id": "ALSA-2022:7119",
  "modified": "2023-09-15T13:41:48Z",
  "published": "2022-10-25T00:00:00Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://access.redhat.com/errata/RHSA-2022:7119"
    },
    {
      "type": "REPORT",
      "url": "https://access.redhat.com/security/cve/CVE-2021-2478"
    },
    {
      "type": "REPORT",
      "url": "https://access.redhat.com/security/cve/CVE-2021-2479"
    },
    {
      "type": "REPORT",
      "url": "https://access.redhat.com/security/cve/CVE-2021-2481"
    },
    {
      "type": "REPORT",
      "url": "https://access.redhat.com/security/cve/CVE-2021-35546"
    },
    {
      "type": "REPORT",
      "url": "https://access.redhat.com/security/cve/CVE-2021-35575"
    },
    {
      "type": "REPORT",
      "url": "https://access.redhat.com/security/cve/CVE-2021-35577"
    },
    {
      "type": "REPORT",
      "url": "https://access.redhat.com/security/cve/CVE-2021-35591"
    },
    {
      "type": "REPORT",
      "url": "https://access.redhat.com/security/cve/CVE-2021-35596"
    },
    {
      "type": "REPORT",
      "url": "https://access.redhat.com/security/cve/CVE-2021-35597"
    },
    {
      "type": "REPORT",
      "url": "https://access.redhat.com/security/cve/CVE-2021-35602"
    },
    {
      "type": "REPORT",
      "url": "https://access.redhat.com/security/cve/CVE-2021-35604"
    },
    {
      "type": "REPORT",
      "url": "https://access.redhat.com/security/cve/CVE-2021-35607"
    },
    {
      "type": "REPORT",
      "url": "https://access.redhat.com/security/cve/CVE-2021-35608"
    },
    {
      "type": "REPORT",
      "url": "https://access.redhat.com/security/cve/CVE-2021-35610"
    },
    {
      "type": "REPORT",
      "url": "https://access.redhat.com/security/cve/CVE-2021-35612"
    },
    {
      "type": "REPORT",
      "url": "https://access.redhat.com/security/cve/CVE-2021-35622"
    },
    {
      "type": "REPORT",
      "url": "https://access.redhat.com/security/cve/CVE-2021-35623"
    },
    {
      "type": "REPORT",
      "url": "https://access.redhat.com/security/cve/CVE-2021-35624"
    },
    {
      "type": "REPORT",
      "url": "https://access.redhat.com/security/cve/CVE-2021-35625"
    },
    {
      "type": "REPORT",
      "url": "https://access.redhat.com/security/cve/CVE-2021-35626"
    },
    {
      "type": "REPORT",
      "url": "https://access.redhat.com/security/cve/CVE-2021-35627"
    },
    {
      "type": "REPORT",
      "url": "https://access.redhat.com/security/cve/CVE-2021-35628"
    },
    {
      "type": "REPORT",
      "url": "https://access.redhat.com/security/cve/CVE-2021-35630"
    },
    {
      "type": "REPORT",
      "url": "https://access.redhat.com/security/cve/CVE-2021-35631"
    },
    {
      "type": "REPORT",
      "url": "https://access.redhat.com/security/cve/CVE-2021-35632"
    },
    {
      "type": "REPORT",
      "url": "https://access.redhat.com/security/cve/CVE-2021-35633"
    },
    {
      "type": "REPORT",
      "url": "https://access.redhat.com/security/cve/CVE-2021-35634"
    },
    {
      "type": "REPORT",
      "url": "https://access.redhat.com/security/cve/CVE-2021-35635"
    },
    {
      "type": "REPORT",
      "url": "https://access.redhat.com/security/cve/CVE-2021-35636"
    },
    {
      "type": "REPORT",
      "url": "https://access.redhat.com/security/cve/CVE-2021-35637"
    },
    {
      "type": "REPORT",
      "url": "https://access.redhat.com/security/cve/CVE-2021-35638"
    },
    {
      "type": "REPORT",
      "url": "https://access.redhat.com/security/cve/CVE-2021-35639"
    },
    {
      "type": "REPORT",
      "url": "https://access.redhat.com/security/cve/CVE-2021-35640"
    },
    {
      "type": "REPORT",
      "url": "https://access.redhat.com/security/cve/CVE-2021-35641"
    },
    {
      "type": "REPORT",
      "url": "https://access.redhat.com/security/cve/CVE-2021-35642"
    },
    {
      "type": "REPORT",
      "url": "https://access.redhat.com/security/cve/CVE-2021-35643"
    },
    {
      "type": "REPORT",
      "url": "https://access.redhat.com/security/cve/CVE-2021-35644"
    },
    {
      "type": "REPORT",
      "url": "https://access.redhat.com/security/cve/CVE-2021-35645"
    },
    {
      "type": "REPORT",
      "url": "https://access.redhat.com/security/cve/CVE-2021-35646"
    },
    {
      "type": "REPORT",
      "url": "https://access.redhat.com/security/cve/CVE-2021-35647"
    },
    {
      "type": "REPORT",
      "url": "https://access.redhat.com/security/cve/CVE-2021-35648"
    },
    {
      "type": "REPORT",
      "url": "https://access.redhat.com/security/cve/CVE-2022-21245"
    },
    {
      "type": "REPORT",
      "url": "https://access.redhat.com/security/cve/CVE-2022-21249"
    },
    {
      "type": "REPORT",
      "url": "https://access.redhat.com/security/cve/CVE-2022-21253"
    },
    {
      "type": "REPORT",
      "url": "https://access.redhat.com/security/cve/CVE-2022-21254"
    },
    {
      "type": "REPORT",
      "url": "https://access.redhat.com/security/cve/CVE-2022-21256"
    },
    {
      "type": "REPORT",
      "url": "https://access.redhat.com/security/cve/CVE-2022-21264"
    },
    {
      "type": "REPORT",
      "url": "https://access.redhat.com/security/cve/CVE-2022-21265"
    },
    {
      "type": "REPORT",
      "url": "https://access.redhat.com/security/cve/CVE-2022-21270"
    },
    {
      "type": "REPORT",
      "url": "https://access.redhat.com/security/cve/CVE-2022-21278"
    },
    {
      "type": "REPORT",
      "url": "https://access.redhat.com/security/cve/CVE-2022-21297"
    },
    {
      "type": "REPORT",
      "url": "https://access.redhat.com/security/cve/CVE-2022-21301"
    },
    {
      "type": "REPORT",
      "url": "https://access.redhat.com/security/cve/CVE-2022-21302"
    },
    {
      "type": "REPORT",
      "url": "https://access.redhat.com/security/cve/CVE-2022-21303"
    },
    {
      "type": "REPORT",
      "url": "https://access.redhat.com/security/cve/CVE-2022-21304"
    },
    {
      "type": "REPORT",
      "url": "https://access.redhat.com/security/cve/CVE-2022-21339"
    },
    {
      "type": "REPORT",
      "url": "https://access.redhat.com/security/cve/CVE-2022-21342"
    },
    {
      "type": "REPORT",
      "url": "https://access.redhat.com/security/cve/CVE-2022-21344"
    },
    {
      "type": "REPORT",
      "url": "https://access.redhat.com/security/cve/CVE-2022-21348"
    },
    {
      "type": "REPORT",
      "url": "https://access.redhat.com/security/cve/CVE-2022-21351"
    },
    {
      "type": "REPORT",
      "url": "https://access.redhat.com/security/cve/CVE-2022-21352"
    },
    {
      "type": "REPORT",
      "url": "https://access.redhat.com/security/cve/CVE-2022-21358"
    },
    {
      "type": "REPORT",
      "url": "https://access.redhat.com/security/cve/CVE-2022-21362"
    },
    {
      "type": "REPORT",
      "url": "https://access.redhat.com/security/cve/CVE-2022-21367"
    },
    {
      "type": "REPORT",
      "url": "https://access.redhat.com/security/cve/CVE-2022-21368"
    },
    {
      "type": "REPORT",
      "url": "https://access.redhat.com/security/cve/CVE-2022-21370"
    },
    {
      "type": "REPORT",
      "url": "https://access.redhat.com/security/cve/CVE-2022-21372"
    },
    {
      "type": "REPORT",
      "url": "https://access.redhat.com/security/cve/CVE-2022-21374"
    },
    {
      "type": "REPORT",
      "url": "https://access.redhat.com/security/cve/CVE-2022-21378"
    },
    {
      "type": "REPORT",
      "url": "https://access.redhat.com/security/cve/CVE-2022-21379"
    },
    {
      "type": "REPORT",
      "url": "https://access.redhat.com/security/cve/CVE-2022-21412"
    },
    {
      "type": "REPORT",
      "url": "https://access.redhat.com/security/cve/CVE-2022-21413"
    },
    {
      "type": "REPORT",
      "url": "https://access.redhat.com/security/cve/CVE-2022-21414"
    },
    {
      "type": "REPORT",
      "url": "https://access.redhat.com/security/cve/CVE-2022-21415"
    },
    {
      "type": "REPORT",
      "url": "https://access.redhat.com/security/cve/CVE-2022-21417"
    },
    {
      "type": "REPORT",
      "url": "https://access.redhat.com/security/cve/CVE-2022-21418"
    },
    {
      "type": "REPORT",
      "url": "https://access.redhat.com/security/cve/CVE-2022-21423"
    },
    {
      "type": "REPORT",
      "url": "https://access.redhat.com/security/cve/CVE-2022-21425"
    },
    {
      "type": "REPORT",
      "url": "https://access.redhat.com/security/cve/CVE-2022-21427"
    },
    {
      "type": "REPORT",
      "url": "https://access.redhat.com/security/cve/CVE-2022-21435"
    },
    {
      "type": "REPORT",
      "url": "https://access.redhat.com/security/cve/CVE-2022-21436"
    },
    {
      "type": "REPORT",
      "url": "https://access.redhat.com/security/cve/CVE-2022-21437"
    },
    {
      "type": "REPORT",
      "url": "https://access.redhat.com/security/cve/CVE-2022-21438"
    },
    {
      "type": "REPORT",
      "url": "https://access.redhat.com/security/cve/CVE-2022-21440"
    },
    {
      "type": "REPORT",
      "url": "https://access.redhat.com/security/cve/CVE-2022-21444"
    },
    {
      "type": "REPORT",
      "url": "https://access.redhat.com/security/cve/CVE-2022-21451"
    },
    {
      "type": "REPORT",
      "url": "https://access.redhat.com/security/cve/CVE-2022-21452"
    },
    {
      "type": "REPORT",
      "url": "https://access.redhat.com/security/cve/CVE-2022-21454"
    },
    {
      "type": "REPORT",
      "url": "https://access.redhat.com/security/cve/CVE-2022-21457"
    },
    {
      "type": "REPORT",
      "url": "https://access.redhat.com/security/cve/CVE-2022-21459"
    },
    {
      "type": "REPORT",
      "url": "https://access.redhat.com/security/cve/CVE-2022-21460"
    },
    {
      "type": "REPORT",
      "url": "https://access.redhat.com/security/cve/CVE-2022-21462"
    },
    {
      "type": "REPORT",
      "url": "https://access.redhat.com/security/cve/CVE-2022-21478"
    },
    {
      "type": "REPORT",
      "url": "https://access.redhat.com/security/cve/CVE-2022-21479"
    },
    {
      "type": "REPORT",
      "url": "https://access.redhat.com/security/cve/CVE-2022-21509"
    },
    {
      "type": "REPORT",
      "url": "https://access.redhat.com/security/cve/CVE-2022-21515"
    },
    {
      "type": "REPORT",
      "url": "https://access.redhat.com/security/cve/CVE-2022-21517"
    },
    {
      "type": "REPORT",
      "url": "https://access.redhat.com/security/cve/CVE-2022-21522"
    },
    {
      "type": "REPORT",
      "url": "https://access.redhat.com/security/cve/CVE-2022-21525"
    },
    {
      "type": "REPORT",
      "url": "https://access.redhat.com/security/cve/CVE-2022-21526"
    },
    {
      "type": "REPORT",
      "url": "https://access.redhat.com/security/cve/CVE-2022-21527"
    },
    {
      "type": "REPORT",
      "url": "https://access.redhat.com/security/cve/CVE-2022-21528"
    },
    {
      "type": "REPORT",
      "url": "https://access.redhat.com/security/cve/CVE-2022-21529"
    },
    {
      "type": "REPORT",
      "url": "https://access.redhat.com/security/cve/CVE-2022-21530"
    },
    {
      "type": "REPORT",
      "url": "https://access.redhat.com/security/cve/CVE-2022-21531"
    },
    {
      "type": "REPORT",
      "url": "https://access.redhat.com/security/cve/CVE-2022-21534"
    },
    {
      "type": "REPORT",
      "url": "https://access.redhat.com/security/cve/CVE-2022-21537"
    },
    {
      "type": "REPORT",
      "url": "https://access.redhat.com/security/cve/CVE-2022-21538"
    },
    {
      "type": "REPORT",
      "url": "https://access.redhat.com/security/cve/CVE-2022-21539"
    },
    {
      "type": "REPORT",
      "url": "https://access.redhat.com/security/cve/CVE-2022-21547"
    },
    {
      "type": "REPORT",
      "url": "https://access.redhat.com/security/cve/CVE-2022-21553"
    },
    {
      "type": "REPORT",
      "url": "https://access.redhat.com/security/cve/CVE-2022-21569"
    },
    {
      "type": "REPORT",
      "url": "https://bugzilla.redhat.com/2016089"
    },
    {
      "type": "REPORT",
      "url": "https://bugzilla.redhat.com/2016090"
    },
    {
      "type": "REPORT",
      "url": "https://bugzilla.redhat.com/2016091"
    },
    {
      "type": "REPORT",
      "url": "https://bugzilla.redhat.com/2016093"
    },
    {
      "type": "REPORT",
      "url": "https://bugzilla.redhat.com/2016094"
    },
    {
      "type": "REPORT",
      "url": "https://bugzilla.redhat.com/2016095"
    },
    {
      "type": "REPORT",
      "url": "https://bugzilla.redhat.com/2016097"
    },
    {
      "type": "REPORT",
      "url": "https://bugzilla.redhat.com/2016098"
    },
    {
      "type": "REPORT",
      "url": "https://bugzilla.redhat.com/2016099"
    },
    {
      "type": "REPORT",
      "url": "https://bugzilla.redhat.com/2016100"
    },
    {
      "type": "REPORT",
      "url": "https://bugzilla.redhat.com/2016101"
    },
    {
      "type": "REPORT",
      "url": "https://bugzilla.redhat.com/2016104"
    },
    {
      "type": "REPORT",
      "url": "https://bugzilla.redhat.com/2016105"
    },
    {
      "type": "REPORT",
      "url": "https://bugzilla.redhat.com/2016106"
    },
    {
      "type": "REPORT",
      "url": "https://bugzilla.redhat.com/2016107"
    },
    {
      "type": "REPORT",
      "url": "https://bugzilla.redhat.com/2016108"
    },
    {
      "type": "REPORT",
      "url": "https://bugzilla.redhat.com/2016109"
    },
    {
      "type": "REPORT",
      "url": "https://bugzilla.redhat.com/2016110"
    },
    {
      "type": "REPORT",
      "url": "https://bugzilla.redhat.com/2016111"
    },
    {
      "type": "REPORT",
      "url": "https://bugzilla.redhat.com/2016112"
    },
    {
      "type": "REPORT",
      "url": "https://bugzilla.redhat.com/2016113"
    },
    {
      "type": "REPORT",
      "url": "https://bugzilla.redhat.com/2016114"
    },
    {
      "type": "REPORT",
      "url": "https://bugzilla.redhat.com/2016117"
    },
    {
      "type": "REPORT",
      "url": "https://bugzilla.redhat.com/2016118"
    },
    {
      "type": "REPORT",
      "url": "https://bugzilla.redhat.com/2016119"
    },
    {
      "type": "REPORT",
      "url": "https://bugzilla.redhat.com/2016120"
    },
    {
      "type": "REPORT",
      "url": "https://bugzilla.redhat.com/2016121"
    },
    {
      "type": "REPORT",
      "url": "https://bugzilla.redhat.com/2016122"
    },
    {
      "type": "REPORT",
      "url": "https://bugzilla.redhat.com/2016124"
    },
    {
      "type": "REPORT",
      "url": "https://bugzilla.redhat.com/2016126"
    },
    {
      "type": "REPORT",
      "url": "https://bugzilla.redhat.com/2016127"
    },
    {
      "type": "REPORT",
      "url": "https://bugzilla.redhat.com/2016128"
    },
    {
      "type": "REPORT",
      "url": "https://bugzilla.redhat.com/2016129"
    },
    {
      "type": "REPORT",
      "url": "https://bugzilla.redhat.com/2016130"
    },
    {
      "type": "REPORT",
      "url": "https://bugzilla.redhat.com/2016131"
    },
    {
      "type": "REPORT",
      "url": "https://bugzilla.redhat.com/2016132"
    },
    {
      "type": "REPORT",
      "url": "https://bugzilla.redhat.com/2016133"
    },
    {
      "type": "REPORT",
      "url": "https://bugzilla.redhat.com/2016134"
    },
    {
      "type": "REPORT",
      "url": "https://bugzilla.redhat.com/2016135"
    },
    {
      "type": "REPORT",
      "url": "https://bugzilla.redhat.com/2016137"
    },
    {
      "type": "REPORT",
      "url": "https://bugzilla.redhat.com/2016138"
    },
    {
      "type": "REPORT",
      "url": "https://bugzilla.redhat.com/2043620"
    },
    {
      "type": "REPORT",
      "url": "https://bugzilla.redhat.com/2043621"
    },
    {
      "type": "REPORT",
      "url": "https://bugzilla.redhat.com/2043622"
    },
    {
      "type": "REPORT",
      "url": "https://bugzilla.redhat.com/2043623"
    },
    {
      "type": "REPORT",
      "url": "https://bugzilla.redhat.com/2043624"
    },
    {
      "type": "REPORT",
      "url": "https://bugzilla.redhat.com/2043625"
    },
    {
      "type": "REPORT",
      "url": "https://bugzilla.redhat.com/2043626"
    },
    {
      "type": "REPORT",
      "url": "https://bugzilla.redhat.com/2043627"
    },
    {
      "type": "REPORT",
      "url": "https://bugzilla.redhat.com/2043628"
    },
    {
      "type": "REPORT",
      "url": "https://bugzilla.redhat.com/2043629"
    },
    {
      "type": "REPORT",
      "url": "https://bugzilla.redhat.com/2043630"
    },
    {
      "type": "REPORT",
      "url": "https://bugzilla.redhat.com/2043631"
    },
    {
      "type": "REPORT",
      "url": "https://bugzilla.redhat.com/2043632"
    },
    {
      "type": "REPORT",
      "url": "https://bugzilla.redhat.com/2043633"
    },
    {
      "type": "REPORT",
      "url": "https://bugzilla.redhat.com/2043634"
    },
    {
      "type": "REPORT",
      "url": "https://bugzilla.redhat.com/2043635"
    },
    {
      "type": "REPORT",
      "url": "https://bugzilla.redhat.com/2043636"
    },
    {
      "type": "REPORT",
      "url": "https://bugzilla.redhat.com/2043637"
    },
    {
      "type": "REPORT",
      "url": "https://bugzilla.redhat.com/2043638"
    },
    {
      "type": "REPORT",
      "url": "https://bugzilla.redhat.com/2043639"
    },
    {
      "type": "REPORT",
      "url": "https://bugzilla.redhat.com/2043640"
    },
    {
      "type": "REPORT",
      "url": "https://bugzilla.redhat.com/2043641"
    },
    {
      "type": "REPORT",
      "url": "https://bugzilla.redhat.com/2043642"
    },
    {
      "type": "REPORT",
      "url": "https://bugzilla.redhat.com/2043643"
    },
    {
      "type": "REPORT",
      "url": "https://bugzilla.redhat.com/2043644"
    },
    {
      "type": "REPORT",
      "url": "https://bugzilla.redhat.com/2043645"
    },
    {
      "type": "REPORT",
      "url": "https://bugzilla.redhat.com/2043646"
    },
    {
      "type": "REPORT",
      "url": "https://bugzilla.redhat.com/2043647"
    },
    {
      "type": "REPORT",
      "url": "https://bugzilla.redhat.com/2043648"
    },
    {
      "type": "REPORT",
      "url": "https://bugzilla.redhat.com/2082636"
    },
    {
      "type": "REPORT",
      "url": "https://bugzilla.redhat.com/2082637"
    },
    {
      "type": "REPORT",
      "url": "https://bugzilla.redhat.com/2082638"
    },
    {
      "type": "REPORT",
      "url": "https://bugzilla.redhat.com/2082639"
    },
    {
      "type": "REPORT",
      "url": "https://bugzilla.redhat.com/2082640"
    },
    {
      "type": "REPORT",
      "url": "https://bugzilla.redhat.com/2082641"
    },
    {
      "type": "REPORT",
      "url": "https://bugzilla.redhat.com/2082642"
    },
    {
      "type": "REPORT",
      "url": "https://bugzilla.redhat.com/2082643"
    },
    {
      "type": "REPORT",
      "url": "https://bugzilla.redhat.com/2082644"
    },
    {
      "type": "REPORT",
      "url": "https://bugzilla.redhat.com/2082645"
    },
    {
      "type": "REPORT",
      "url": "https://bugzilla.redhat.com/2082646"
    },
    {
      "type": "REPORT",
      "url": "https://bugzilla.redhat.com/2082647"
    },
    {
      "type": "REPORT",
      "url": "https://bugzilla.redhat.com/2082648"
    },
    {
      "type": "REPORT",
      "url": "https://bugzilla.redhat.com/2082649"
    },
    {
      "type": "REPORT",
      "url": "https://bugzilla.redhat.com/2082650"
    },
    {
      "type": "REPORT",
      "url": "https://bugzilla.redhat.com/2082651"
    },
    {
      "type": "REPORT",
      "url": "https://bugzilla.redhat.com/2082652"
    },
    {
      "type": "REPORT",
      "url": "https://bugzilla.redhat.com/2082653"
    },
    {
      "type": "REPORT",
      "url": "https://bugzilla.redhat.com/2082654"
    },
    {
      "type": "REPORT",
      "url": "https://bugzilla.redhat.com/2082655"
    },
    {
      "type": "REPORT",
      "url": "https://bugzilla.redhat.com/2082656"
    },
    {
      "type": "REPORT",
      "url": "https://bugzilla.redhat.com/2082657"
    },
    {
      "type": "REPORT",
      "url": "https://bugzilla.redhat.com/2082658"
    },
    {
      "type": "REPORT",
      "url": "https://bugzilla.redhat.com/2082659"
    },
    {
      "type": "REPORT",
      "url": "https://bugzilla.redhat.com/2115283"
    },
    {
      "type": "REPORT",
      "url": "https://bugzilla.redhat.com/2115284"
    },
    {
      "type": "REPORT",
      "url": "https://bugzilla.redhat.com/2115285"
    },
    {
      "type": "REPORT",
      "url": "https://bugzilla.redhat.com/2115286"
    },
    {
      "type": "REPORT",
      "url": "https://bugzilla.redhat.com/2115287"
    },
    {
      "type": "REPORT",
      "url": "https://bugzilla.redhat.com/2115288"
    },
    {
      "type": "REPORT",
      "url": "https://bugzilla.redhat.com/2115289"
    },
    {
      "type": "REPORT",
      "url": "https://bugzilla.redhat.com/2115290"
    },
    {
      "type": "REPORT",
      "url": "https://bugzilla.redhat.com/2115291"
    },
    {
      "type": "REPORT",
      "url": "https://bugzilla.redhat.com/2115292"
    },
    {
      "type": "REPORT",
      "url": "https://bugzilla.redhat.com/2115293"
    },
    {
      "type": "REPORT",
      "url": "https://bugzilla.redhat.com/2115294"
    },
    {
      "type": "REPORT",
      "url": "https://bugzilla.redhat.com/2115295"
    },
    {
      "type": "REPORT",
      "url": "https://bugzilla.redhat.com/2115296"
    },
    {
      "type": "REPORT",
      "url": "https://bugzilla.redhat.com/2115297"
    },
    {
      "type": "REPORT",
      "url": "https://bugzilla.redhat.com/2115298"
    },
    {
      "type": "REPORT",
      "url": "https://bugzilla.redhat.com/2115299"
    },
    {
      "type": "REPORT",
      "url": "https://bugzilla.redhat.com/2115301"
    },
    {
      "type": "ADVISORY",
      "url": "https://errata.almalinux.org/8/ALSA-2022-7119.html"
    }
  ],
  "related": [
    "CVE-2021-2478",
    "CVE-2021-2479",
    "CVE-2021-35591",
    "CVE-2021-35607",
    "CVE-2022-21301",
    "CVE-2022-21413",
    "CVE-2021-2481",
    "CVE-2021-35575",
    "CVE-2021-35577",
    "CVE-2021-35610",
    "CVE-2021-35612",
    "CVE-2021-35626",
    "CVE-2021-35627",
    "CVE-2021-35628",
    "CVE-2021-35634",
    "CVE-2021-35635",
    "CVE-2021-35636",
    "CVE-2021-35638",
    "CVE-2021-35641",
    "CVE-2021-35642",
    "CVE-2021-35643",
    "CVE-2021-35644",
    "CVE-2021-35645",
    "CVE-2021-35646",
    "CVE-2021-35647",
    "CVE-2022-21253",
    "CVE-2022-21254",
    "CVE-2022-21264",
    "CVE-2022-21278",
    "CVE-2022-21297",
    "CVE-2022-21339",
    "CVE-2022-21342",
    "CVE-2022-21351",
    "CVE-2022-21370",
    "CVE-2022-21378",
    "CVE-2022-21412",
    "CVE-2022-21414",
    "CVE-2022-21435",
    "CVE-2022-21436",
    "CVE-2022-21437",
    "CVE-2022-21438",
    "CVE-2022-21440",
    "CVE-2022-21452",
    "CVE-2022-21459",
    "CVE-2022-21462",
    "CVE-2022-21478",
    "CVE-2022-21479",
    "CVE-2022-21509",
    "CVE-2022-21525",
    "CVE-2022-21526",
    "CVE-2022-21527",
    "CVE-2022-21528",
    "CVE-2022-21529",
    "CVE-2022-21530",
    "CVE-2022-21531",
    "CVE-2022-21553",
    "CVE-2022-21569",
    "CVE-2022-21265",
    "CVE-2021-35546",
    "CVE-2022-21344",
    "CVE-2022-21415",
    "CVE-2021-35596",
    "CVE-2021-35597",
    "CVE-2021-35602",
    "CVE-2021-35630",
    "CVE-2022-21515",
    "CVE-2021-35604",
    "CVE-2022-21302",
    "CVE-2022-21348",
    "CVE-2022-21352",
    "CVE-2022-21417",
    "CVE-2022-21418",
    "CVE-2022-21451",
    "CVE-2022-21517",
    "CVE-2022-21537",
    "CVE-2022-21539",
    "CVE-2022-21423",
    "CVE-2021-35608",
    "CVE-2022-21256",
    "CVE-2022-21379",
    "CVE-2022-21454",
    "CVE-2021-35622",
    "CVE-2022-21358",
    "CVE-2022-21372",
    "CVE-2022-21538",
    "CVE-2021-35624",
    "CVE-2022-21245",
    "CVE-2021-35625",
    "CVE-2021-35631",
    "CVE-2021-35632",
    "CVE-2021-35637",
    "CVE-2021-35639",
    "CVE-2022-21303",
    "CVE-2022-21522",
    "CVE-2022-21534",
    "CVE-2021-35648",
    "CVE-2022-21427",
    "CVE-2022-21270",
    "CVE-2022-21547",
    "CVE-2022-21304",
    "CVE-2022-21362",
    "CVE-2022-21374",
    "CVE-2022-21367",
    "CVE-2022-21368",
    "CVE-2022-21425",
    "CVE-2022-21444",
    "CVE-2021-35640",
    "CVE-2022-21249",
    "CVE-2022-21457",
    "CVE-2022-21460",
    "CVE-2021-35633",
    "CVE-2021-35623"
  ],
  "summary": "Moderate: mysql:8.0 security, bug fix, and enhancement update"
}

CVE-2021-2478 (GCVE-0-2021-2478)

Vulnerability from cvelistv5 – Published: 2021-10-20 10:49 – Updated: 2024-09-25 19:39

Summary

Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: DML). Supported versions that are affected are 8.0.26 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.1 Base Score 4.9 (Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H).

Severity ?

4.9 (Medium)


                        
                          CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H

CWE

Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server.

Assigner

oracle

References

5 references

URL	Tags
https://www.oracle.com/security-alerts/cpuoct2021.html	x_refsource_MISC
https://security.netapp.com/advisory/ntap-2021102…	x_refsource_CONFIRM
https://lists.fedoraproject.org/archives/list/pac…	vendor-advisoryx_refsource_FEDORA
https://lists.fedoraproject.org/archives/list/pac…	vendor-advisoryx_refsource_FEDORA
https://lists.fedoraproject.org/archives/list/pac…	vendor-advisoryx_refsource_FEDORA

Impacted products

1 product

Vendor	Product	Version
Oracle Corporation	MySQL Server	Affected: 8.0.26 and prior

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-03T16:45:50.493Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://www.oracle.com/security-alerts/cpuoct2021.html"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://security.netapp.com/advisory/ntap-20211022-0003/"
          },
          {
            "name": "FEDORA-2021-70dd0b9f5d",
            "tags": [
              "vendor-advisory",
              "x_refsource_FEDORA",
              "x_transferred"
            ],
            "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/5MLAXYFLUDC636S46X34USCLDZAOFBM2/"
          },
          {
            "name": "FEDORA-2021-46dc82116b",
            "tags": [
              "vendor-advisory",
              "x_refsource_FEDORA",
              "x_transferred"
            ],
            "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/XF3ZFPL3JJ26YRUGXLXQZYJBLZV3WC2C/"
          },
          {
            "name": "FEDORA-2021-f74148c6d4",
            "tags": [
              "vendor-advisory",
              "x_refsource_FEDORA",
              "x_transferred"
            ],
            "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/PRCU3RTIPVKPC3GMC76YW7DJEXUEY6FG/"
          }
        ],
        "title": "CVE Program Container"
      },
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2021-2478",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2024-09-25T19:15:12.475816Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2024-09-25T19:39:21.214Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "MySQL Server",
          "vendor": "Oracle Corporation",
          "versions": [
            {
              "status": "affected",
              "version": "8.0.26 and prior"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: DML). Supported versions that are affected are 8.0.26 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.1 Base Score 4.9 (Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H)."
        }
      ],
      "metrics": [
        {
          "cvssV3_1": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 4.9,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "NONE",
            "integrityImpact": "NONE",
            "privilegesRequired": "HIGH",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          }
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server.  Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server.",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2021-11-10T09:06:37.000Z",
        "orgId": "43595867-4340-4103-b7a2-9a5208d29a85",
        "shortName": "oracle"
      },
      "references": [
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://www.oracle.com/security-alerts/cpuoct2021.html"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://security.netapp.com/advisory/ntap-20211022-0003/"
        },
        {
          "name": "FEDORA-2021-70dd0b9f5d",
          "tags": [
            "vendor-advisory",
            "x_refsource_FEDORA"
          ],
          "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/5MLAXYFLUDC636S46X34USCLDZAOFBM2/"
        },
        {
          "name": "FEDORA-2021-46dc82116b",
          "tags": [
            "vendor-advisory",
            "x_refsource_FEDORA"
          ],
          "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/XF3ZFPL3JJ26YRUGXLXQZYJBLZV3WC2C/"
        },
        {
          "name": "FEDORA-2021-f74148c6d4",
          "tags": [
            "vendor-advisory",
            "x_refsource_FEDORA"
          ],
          "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/PRCU3RTIPVKPC3GMC76YW7DJEXUEY6FG/"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "secalert_us@oracle.com",
          "ID": "CVE-2021-2478",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "MySQL Server",
                      "version": {
                        "version_data": [
                          {
                            "version_affected": "=",
                            "version_value": "8.0.26 and prior"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "Oracle Corporation"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: DML). Supported versions that are affected are 8.0.26 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.1 Base Score 4.9 (Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H)."
            }
          ]
        },
        "impact": {
          "cvss": {
            "baseScore": "4.9",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          }
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server.  Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server."
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "https://www.oracle.com/security-alerts/cpuoct2021.html",
              "refsource": "MISC",
              "url": "https://www.oracle.com/security-alerts/cpuoct2021.html"
            },
            {
              "name": "https://security.netapp.com/advisory/ntap-20211022-0003/",
              "refsource": "CONFIRM",
              "url": "https://security.netapp.com/advisory/ntap-20211022-0003/"
            },
            {
              "name": "FEDORA-2021-70dd0b9f5d",
              "refsource": "FEDORA",
              "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/5MLAXYFLUDC636S46X34USCLDZAOFBM2/"
            },
            {
              "name": "FEDORA-2021-46dc82116b",
              "refsource": "FEDORA",
              "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/XF3ZFPL3JJ26YRUGXLXQZYJBLZV3WC2C/"
            },
            {
              "name": "FEDORA-2021-f74148c6d4",
              "refsource": "FEDORA",
              "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/PRCU3RTIPVKPC3GMC76YW7DJEXUEY6FG/"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "43595867-4340-4103-b7a2-9a5208d29a85",
    "assignerShortName": "oracle",
    "cveId": "CVE-2021-2478",
    "datePublished": "2021-10-20T10:49:42.000Z",
    "dateReserved": "2020-12-09T00:00:00.000Z",
    "dateUpdated": "2024-09-25T19:39:21.214Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2021-2479 (GCVE-0-2021-2479)

Vulnerability from cvelistv5 – Published: 2021-10-20 10:49 – Updated: 2024-09-25 19:39

Summary

Severity ?

4.9 (Medium)


                        
                          CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H

CWE

Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server.

Assigner

oracle

References

5 references

URL	Tags
https://www.oracle.com/security-alerts/cpuoct2021.html	x_refsource_MISC
https://security.netapp.com/advisory/ntap-2021102…	x_refsource_CONFIRM
https://lists.fedoraproject.org/archives/list/pac…	vendor-advisoryx_refsource_FEDORA
https://lists.fedoraproject.org/archives/list/pac…	vendor-advisoryx_refsource_FEDORA
https://lists.fedoraproject.org/archives/list/pac…	vendor-advisoryx_refsource_FEDORA

Impacted products

1 product

Vendor	Product	Version
Oracle Corporation	MySQL Server	Affected: 8.0.26 and prior

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-03T16:45:50.613Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://www.oracle.com/security-alerts/cpuoct2021.html"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://security.netapp.com/advisory/ntap-20211022-0003/"
          },
          {
            "name": "FEDORA-2021-70dd0b9f5d",
            "tags": [
              "vendor-advisory",
              "x_refsource_FEDORA",
              "x_transferred"
            ],
            "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/5MLAXYFLUDC636S46X34USCLDZAOFBM2/"
          },
          {
            "name": "FEDORA-2021-46dc82116b",
            "tags": [
              "vendor-advisory",
              "x_refsource_FEDORA",
              "x_transferred"
            ],
            "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/XF3ZFPL3JJ26YRUGXLXQZYJBLZV3WC2C/"
          },
          {
            "name": "FEDORA-2021-f74148c6d4",
            "tags": [
              "vendor-advisory",
              "x_refsource_FEDORA",
              "x_transferred"
            ],
            "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/PRCU3RTIPVKPC3GMC76YW7DJEXUEY6FG/"
          }
        ],
        "title": "CVE Program Container"
      },
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2021-2479",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2024-09-25T19:15:11.521456Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2024-09-25T19:39:15.893Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "MySQL Server",
          "vendor": "Oracle Corporation",
          "versions": [
            {
              "status": "affected",
              "version": "8.0.26 and prior"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: DML). Supported versions that are affected are 8.0.26 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.1 Base Score 4.9 (Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H)."
        }
      ],
      "metrics": [
        {
          "cvssV3_1": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 4.9,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "NONE",
            "integrityImpact": "NONE",
            "privilegesRequired": "HIGH",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          }
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server.  Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server.",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2021-11-10T09:06:41.000Z",
        "orgId": "43595867-4340-4103-b7a2-9a5208d29a85",
        "shortName": "oracle"
      },
      "references": [
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://www.oracle.com/security-alerts/cpuoct2021.html"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://security.netapp.com/advisory/ntap-20211022-0003/"
        },
        {
          "name": "FEDORA-2021-70dd0b9f5d",
          "tags": [
            "vendor-advisory",
            "x_refsource_FEDORA"
          ],
          "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/5MLAXYFLUDC636S46X34USCLDZAOFBM2/"
        },
        {
          "name": "FEDORA-2021-46dc82116b",
          "tags": [
            "vendor-advisory",
            "x_refsource_FEDORA"
          ],
          "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/XF3ZFPL3JJ26YRUGXLXQZYJBLZV3WC2C/"
        },
        {
          "name": "FEDORA-2021-f74148c6d4",
          "tags": [
            "vendor-advisory",
            "x_refsource_FEDORA"
          ],
          "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/PRCU3RTIPVKPC3GMC76YW7DJEXUEY6FG/"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "secalert_us@oracle.com",
          "ID": "CVE-2021-2479",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "MySQL Server",
                      "version": {
                        "version_data": [
                          {
                            "version_affected": "=",
                            "version_value": "8.0.26 and prior"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "Oracle Corporation"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: DML). Supported versions that are affected are 8.0.26 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.1 Base Score 4.9 (Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H)."
            }
          ]
        },
        "impact": {
          "cvss": {
            "baseScore": "4.9",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          }
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server.  Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server."
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "https://www.oracle.com/security-alerts/cpuoct2021.html",
              "refsource": "MISC",
              "url": "https://www.oracle.com/security-alerts/cpuoct2021.html"
            },
            {
              "name": "https://security.netapp.com/advisory/ntap-20211022-0003/",
              "refsource": "CONFIRM",
              "url": "https://security.netapp.com/advisory/ntap-20211022-0003/"
            },
            {
              "name": "FEDORA-2021-70dd0b9f5d",
              "refsource": "FEDORA",
              "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/5MLAXYFLUDC636S46X34USCLDZAOFBM2/"
            },
            {
              "name": "FEDORA-2021-46dc82116b",
              "refsource": "FEDORA",
              "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/XF3ZFPL3JJ26YRUGXLXQZYJBLZV3WC2C/"
            },
            {
              "name": "FEDORA-2021-f74148c6d4",
              "refsource": "FEDORA",
              "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/PRCU3RTIPVKPC3GMC76YW7DJEXUEY6FG/"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "43595867-4340-4103-b7a2-9a5208d29a85",
    "assignerShortName": "oracle",
    "cveId": "CVE-2021-2479",
    "datePublished": "2021-10-20T10:49:43.000Z",
    "dateReserved": "2020-12-09T00:00:00.000Z",
    "dateUpdated": "2024-09-25T19:39:15.893Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2021-2481 (GCVE-0-2021-2481)

Vulnerability from cvelistv5 – Published: 2021-10-20 10:49 – Updated: 2024-09-25 19:39

Summary

Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Optimizer). Supported versions that are affected are 8.0.26 and prior. Easily exploitable vulnerability allows low privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.1 Base Score 6.5 (Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H).

Severity ?

6.5 (Medium)


                        
                          CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

CWE

Easily exploitable vulnerability allows low privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server.

Assigner

oracle

References

5 references

URL	Tags
https://www.oracle.com/security-alerts/cpuoct2021.html	x_refsource_MISC
https://security.netapp.com/advisory/ntap-2021102…	x_refsource_CONFIRM
https://lists.fedoraproject.org/archives/list/pac…	vendor-advisoryx_refsource_FEDORA
https://lists.fedoraproject.org/archives/list/pac…	vendor-advisoryx_refsource_FEDORA
https://lists.fedoraproject.org/archives/list/pac…	vendor-advisoryx_refsource_FEDORA

Impacted products

1 product

Vendor	Product	Version
Oracle Corporation	MySQL Server	Affected: 8.0.26 and prior

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-03T16:45:50.475Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://www.oracle.com/security-alerts/cpuoct2021.html"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://security.netapp.com/advisory/ntap-20211022-0003/"
          },
          {
            "name": "FEDORA-2021-70dd0b9f5d",
            "tags": [
              "vendor-advisory",
              "x_refsource_FEDORA",
              "x_transferred"
            ],
            "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/5MLAXYFLUDC636S46X34USCLDZAOFBM2/"
          },
          {
            "name": "FEDORA-2021-46dc82116b",
            "tags": [
              "vendor-advisory",
              "x_refsource_FEDORA",
              "x_transferred"
            ],
            "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/XF3ZFPL3JJ26YRUGXLXQZYJBLZV3WC2C/"
          },
          {
            "name": "FEDORA-2021-f74148c6d4",
            "tags": [
              "vendor-advisory",
              "x_refsource_FEDORA",
              "x_transferred"
            ],
            "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/PRCU3RTIPVKPC3GMC76YW7DJEXUEY6FG/"
          }
        ],
        "title": "CVE Program Container"
      },
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2021-2481",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2024-09-25T19:15:09.749920Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2024-09-25T19:39:00.753Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "MySQL Server",
          "vendor": "Oracle Corporation",
          "versions": [
            {
              "status": "affected",
              "version": "8.0.26 and prior"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Optimizer). Supported versions that are affected are 8.0.26 and prior. Easily exploitable vulnerability allows low privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.1 Base Score 6.5 (Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H)."
        }
      ],
      "metrics": [
        {
          "cvssV3_1": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 6.5,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "NONE",
            "integrityImpact": "NONE",
            "privilegesRequired": "LOW",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          }
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "Easily exploitable vulnerability allows low privileged attacker with network access via multiple protocols to compromise MySQL Server.  Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server.",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2021-11-10T09:06:46.000Z",
        "orgId": "43595867-4340-4103-b7a2-9a5208d29a85",
        "shortName": "oracle"
      },
      "references": [
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://www.oracle.com/security-alerts/cpuoct2021.html"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://security.netapp.com/advisory/ntap-20211022-0003/"
        },
        {
          "name": "FEDORA-2021-70dd0b9f5d",
          "tags": [
            "vendor-advisory",
            "x_refsource_FEDORA"
          ],
          "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/5MLAXYFLUDC636S46X34USCLDZAOFBM2/"
        },
        {
          "name": "FEDORA-2021-46dc82116b",
          "tags": [
            "vendor-advisory",
            "x_refsource_FEDORA"
          ],
          "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/XF3ZFPL3JJ26YRUGXLXQZYJBLZV3WC2C/"
        },
        {
          "name": "FEDORA-2021-f74148c6d4",
          "tags": [
            "vendor-advisory",
            "x_refsource_FEDORA"
          ],
          "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/PRCU3RTIPVKPC3GMC76YW7DJEXUEY6FG/"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "secalert_us@oracle.com",
          "ID": "CVE-2021-2481",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "MySQL Server",
                      "version": {
                        "version_data": [
                          {
                            "version_affected": "=",
                            "version_value": "8.0.26 and prior"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "Oracle Corporation"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Optimizer). Supported versions that are affected are 8.0.26 and prior. Easily exploitable vulnerability allows low privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.1 Base Score 6.5 (Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H)."
            }
          ]
        },
        "impact": {
          "cvss": {
            "baseScore": "6.5",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          }
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "Easily exploitable vulnerability allows low privileged attacker with network access via multiple protocols to compromise MySQL Server.  Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server."
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "https://www.oracle.com/security-alerts/cpuoct2021.html",
              "refsource": "MISC",
              "url": "https://www.oracle.com/security-alerts/cpuoct2021.html"
            },
            {
              "name": "https://security.netapp.com/advisory/ntap-20211022-0003/",
              "refsource": "CONFIRM",
              "url": "https://security.netapp.com/advisory/ntap-20211022-0003/"
            },
            {
              "name": "FEDORA-2021-70dd0b9f5d",
              "refsource": "FEDORA",
              "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/5MLAXYFLUDC636S46X34USCLDZAOFBM2/"
            },
            {
              "name": "FEDORA-2021-46dc82116b",
              "refsource": "FEDORA",
              "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/XF3ZFPL3JJ26YRUGXLXQZYJBLZV3WC2C/"
            },
            {
              "name": "FEDORA-2021-f74148c6d4",
              "refsource": "FEDORA",
              "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/PRCU3RTIPVKPC3GMC76YW7DJEXUEY6FG/"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "43595867-4340-4103-b7a2-9a5208d29a85",
    "assignerShortName": "oracle",
    "cveId": "CVE-2021-2481",
    "datePublished": "2021-10-20T10:49:45.000Z",
    "dateReserved": "2020-12-09T00:00:00.000Z",
    "dateUpdated": "2024-09-25T19:39:00.753Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2021-35546 (GCVE-0-2021-35546)

Vulnerability from cvelistv5 – Published: 2021-10-20 10:49 – Updated: 2024-09-25 19:37

Summary

Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Replication). Supported versions that are affected are 8.0.26 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.1 Base Score 4.9 (Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H).

Severity ?

4.9 (Medium)


                        
                          CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H

CWE

Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server.

Assigner

oracle

References

5 references

URL	Tags
https://www.oracle.com/security-alerts/cpuoct2021.html	x_refsource_MISC
https://security.netapp.com/advisory/ntap-2021102…	x_refsource_CONFIRM
https://lists.fedoraproject.org/archives/list/pac…	vendor-advisoryx_refsource_FEDORA
https://lists.fedoraproject.org/archives/list/pac…	vendor-advisoryx_refsource_FEDORA
https://lists.fedoraproject.org/archives/list/pac…	vendor-advisoryx_refsource_FEDORA

Impacted products

1 product

Vendor	Product	Version
Oracle Corporation	MySQL Server	Affected: 8.0.26 and prior

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-04T00:40:46.458Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://www.oracle.com/security-alerts/cpuoct2021.html"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://security.netapp.com/advisory/ntap-20211022-0003/"
          },
          {
            "name": "FEDORA-2021-70dd0b9f5d",
            "tags": [
              "vendor-advisory",
              "x_refsource_FEDORA",
              "x_transferred"
            ],
            "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/5MLAXYFLUDC636S46X34USCLDZAOFBM2/"
          },
          {
            "name": "FEDORA-2021-46dc82116b",
            "tags": [
              "vendor-advisory",
              "x_refsource_FEDORA",
              "x_transferred"
            ],
            "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/XF3ZFPL3JJ26YRUGXLXQZYJBLZV3WC2C/"
          },
          {
            "name": "FEDORA-2021-f74148c6d4",
            "tags": [
              "vendor-advisory",
              "x_refsource_FEDORA",
              "x_transferred"
            ],
            "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/PRCU3RTIPVKPC3GMC76YW7DJEXUEY6FG/"
          }
        ],
        "title": "CVE Program Container"
      },
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2021-35546",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2024-09-25T19:15:01.862633Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2024-09-25T19:37:17.217Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "MySQL Server",
          "vendor": "Oracle Corporation",
          "versions": [
            {
              "status": "affected",
              "version": "8.0.26 and prior"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Replication). Supported versions that are affected are 8.0.26 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.1 Base Score 4.9 (Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H)."
        }
      ],
      "metrics": [
        {
          "cvssV3_1": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 4.9,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "NONE",
            "integrityImpact": "NONE",
            "privilegesRequired": "HIGH",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          }
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server.  Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server.",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2021-11-10T09:06:21.000Z",
        "orgId": "43595867-4340-4103-b7a2-9a5208d29a85",
        "shortName": "oracle"
      },
      "references": [
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://www.oracle.com/security-alerts/cpuoct2021.html"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://security.netapp.com/advisory/ntap-20211022-0003/"
        },
        {
          "name": "FEDORA-2021-70dd0b9f5d",
          "tags": [
            "vendor-advisory",
            "x_refsource_FEDORA"
          ],
          "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/5MLAXYFLUDC636S46X34USCLDZAOFBM2/"
        },
        {
          "name": "FEDORA-2021-46dc82116b",
          "tags": [
            "vendor-advisory",
            "x_refsource_FEDORA"
          ],
          "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/XF3ZFPL3JJ26YRUGXLXQZYJBLZV3WC2C/"
        },
        {
          "name": "FEDORA-2021-f74148c6d4",
          "tags": [
            "vendor-advisory",
            "x_refsource_FEDORA"
          ],
          "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/PRCU3RTIPVKPC3GMC76YW7DJEXUEY6FG/"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "secalert_us@oracle.com",
          "ID": "CVE-2021-35546",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "MySQL Server",
                      "version": {
                        "version_data": [
                          {
                            "version_affected": "=",
                            "version_value": "8.0.26 and prior"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "Oracle Corporation"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Replication). Supported versions that are affected are 8.0.26 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.1 Base Score 4.9 (Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H)."
            }
          ]
        },
        "impact": {
          "cvss": {
            "baseScore": "4.9",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          }
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server.  Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server."
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "https://www.oracle.com/security-alerts/cpuoct2021.html",
              "refsource": "MISC",
              "url": "https://www.oracle.com/security-alerts/cpuoct2021.html"
            },
            {
              "name": "https://security.netapp.com/advisory/ntap-20211022-0003/",
              "refsource": "CONFIRM",
              "url": "https://security.netapp.com/advisory/ntap-20211022-0003/"
            },
            {
              "name": "FEDORA-2021-70dd0b9f5d",
              "refsource": "FEDORA",
              "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/5MLAXYFLUDC636S46X34USCLDZAOFBM2/"
            },
            {
              "name": "FEDORA-2021-46dc82116b",
              "refsource": "FEDORA",
              "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/XF3ZFPL3JJ26YRUGXLXQZYJBLZV3WC2C/"
            },
            {
              "name": "FEDORA-2021-f74148c6d4",
              "refsource": "FEDORA",
              "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/PRCU3RTIPVKPC3GMC76YW7DJEXUEY6FG/"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "43595867-4340-4103-b7a2-9a5208d29a85",
    "assignerShortName": "oracle",
    "cveId": "CVE-2021-35546",
    "datePublished": "2021-10-20T10:49:57.000Z",
    "dateReserved": "2021-06-28T00:00:00.000Z",
    "dateUpdated": "2024-09-25T19:37:17.217Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2021-35575 (GCVE-0-2021-35575)

Vulnerability from cvelistv5 – Published: 2021-10-20 10:50 – Updated: 2024-09-25 19:34

Summary

Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Optimizer). Supported versions that are affected are 8.0.26 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.1 Base Score 4.9 (Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H).

Severity ?

4.9 (Medium)


                        
                          CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H

CWE

Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server.

Assigner

oracle

References

5 references

URL	Tags
https://www.oracle.com/security-alerts/cpuoct2021.html	x_refsource_MISC
https://security.netapp.com/advisory/ntap-2021102…	x_refsource_CONFIRM
https://lists.fedoraproject.org/archives/list/pac…	vendor-advisoryx_refsource_FEDORA
https://lists.fedoraproject.org/archives/list/pac…	vendor-advisoryx_refsource_FEDORA
https://lists.fedoraproject.org/archives/list/pac…	vendor-advisoryx_refsource_FEDORA

Impacted products

1 product

Vendor	Product	Version
Oracle Corporation	MySQL Server	Affected: 8.0.26 and prior

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-04T00:40:46.993Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://www.oracle.com/security-alerts/cpuoct2021.html"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://security.netapp.com/advisory/ntap-20211022-0003/"
          },
          {
            "name": "FEDORA-2021-70dd0b9f5d",
            "tags": [
              "vendor-advisory",
              "x_refsource_FEDORA",
              "x_transferred"
            ],
            "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/5MLAXYFLUDC636S46X34USCLDZAOFBM2/"
          },
          {
            "name": "FEDORA-2021-46dc82116b",
            "tags": [
              "vendor-advisory",
              "x_refsource_FEDORA",
              "x_transferred"
            ],
            "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/XF3ZFPL3JJ26YRUGXLXQZYJBLZV3WC2C/"
          },
          {
            "name": "FEDORA-2021-f74148c6d4",
            "tags": [
              "vendor-advisory",
              "x_refsource_FEDORA",
              "x_transferred"
            ],
            "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/PRCU3RTIPVKPC3GMC76YW7DJEXUEY6FG/"
          }
        ],
        "title": "CVE Program Container"
      },
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2021-35575",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2024-09-25T19:14:51.577201Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2024-09-25T19:34:00.383Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "MySQL Server",
          "vendor": "Oracle Corporation",
          "versions": [
            {
              "status": "affected",
              "version": "8.0.26 and prior"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Optimizer). Supported versions that are affected are 8.0.26 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.1 Base Score 4.9 (Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H)."
        }
      ],
      "metrics": [
        {
          "cvssV3_1": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 4.9,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "NONE",
            "integrityImpact": "NONE",
            "privilegesRequired": "HIGH",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          }
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server.  Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server.",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2021-11-10T09:06:23.000Z",
        "orgId": "43595867-4340-4103-b7a2-9a5208d29a85",
        "shortName": "oracle"
      },
      "references": [
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://www.oracle.com/security-alerts/cpuoct2021.html"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://security.netapp.com/advisory/ntap-20211022-0003/"
        },
        {
          "name": "FEDORA-2021-70dd0b9f5d",
          "tags": [
            "vendor-advisory",
            "x_refsource_FEDORA"
          ],
          "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/5MLAXYFLUDC636S46X34USCLDZAOFBM2/"
        },
        {
          "name": "FEDORA-2021-46dc82116b",
          "tags": [
            "vendor-advisory",
            "x_refsource_FEDORA"
          ],
          "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/XF3ZFPL3JJ26YRUGXLXQZYJBLZV3WC2C/"
        },
        {
          "name": "FEDORA-2021-f74148c6d4",
          "tags": [
            "vendor-advisory",
            "x_refsource_FEDORA"
          ],
          "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/PRCU3RTIPVKPC3GMC76YW7DJEXUEY6FG/"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "secalert_us@oracle.com",
          "ID": "CVE-2021-35575",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "MySQL Server",
                      "version": {
                        "version_data": [
                          {
                            "version_affected": "=",
                            "version_value": "8.0.26 and prior"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "Oracle Corporation"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Optimizer). Supported versions that are affected are 8.0.26 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.1 Base Score 4.9 (Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H)."
            }
          ]
        },
        "impact": {
          "cvss": {
            "baseScore": "4.9",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          }
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server.  Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server."
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "https://www.oracle.com/security-alerts/cpuoct2021.html",
              "refsource": "MISC",
              "url": "https://www.oracle.com/security-alerts/cpuoct2021.html"
            },
            {
              "name": "https://security.netapp.com/advisory/ntap-20211022-0003/",
              "refsource": "CONFIRM",
              "url": "https://security.netapp.com/advisory/ntap-20211022-0003/"
            },
            {
              "name": "FEDORA-2021-70dd0b9f5d",
              "refsource": "FEDORA",
              "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/5MLAXYFLUDC636S46X34USCLDZAOFBM2/"
            },
            {
              "name": "FEDORA-2021-46dc82116b",
              "refsource": "FEDORA",
              "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/XF3ZFPL3JJ26YRUGXLXQZYJBLZV3WC2C/"
            },
            {
              "name": "FEDORA-2021-f74148c6d4",
              "refsource": "FEDORA",
              "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/PRCU3RTIPVKPC3GMC76YW7DJEXUEY6FG/"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "43595867-4340-4103-b7a2-9a5208d29a85",
    "assignerShortName": "oracle",
    "cveId": "CVE-2021-35575",
    "datePublished": "2021-10-20T10:50:21.000Z",
    "dateReserved": "2021-06-28T00:00:00.000Z",
    "dateUpdated": "2024-09-25T19:34:00.383Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2021-35577 (GCVE-0-2021-35577)

Vulnerability from cvelistv5 – Published: 2021-10-20 10:50 – Updated: 2024-09-25 19:33

Summary

Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Optimizer). Supported versions that are affected are 8.0.26 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via MySQL Protcol to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.1 Base Score 4.9 (Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H).

Severity ?

4.9 (Medium)


                        
                          CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H

CWE

Easily exploitable vulnerability allows high privileged attacker with network access via MySQL Protcol to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server.

Assigner

oracle

References

5 references

URL	Tags
https://www.oracle.com/security-alerts/cpuoct2021.html	x_refsource_MISC
https://security.netapp.com/advisory/ntap-2021102…	x_refsource_CONFIRM
https://lists.fedoraproject.org/archives/list/pac…	vendor-advisoryx_refsource_FEDORA
https://lists.fedoraproject.org/archives/list/pac…	vendor-advisoryx_refsource_FEDORA
https://lists.fedoraproject.org/archives/list/pac…	vendor-advisoryx_refsource_FEDORA

Impacted products

1 product

Vendor	Product	Version
Oracle Corporation	MySQL Server	Affected: 8.0.26 and prior

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-04T00:40:47.385Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://www.oracle.com/security-alerts/cpuoct2021.html"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://security.netapp.com/advisory/ntap-20211022-0003/"
          },
          {
            "name": "FEDORA-2021-70dd0b9f5d",
            "tags": [
              "vendor-advisory",
              "x_refsource_FEDORA",
              "x_transferred"
            ],
            "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/5MLAXYFLUDC636S46X34USCLDZAOFBM2/"
          },
          {
            "name": "FEDORA-2021-46dc82116b",
            "tags": [
              "vendor-advisory",
              "x_refsource_FEDORA",
              "x_transferred"
            ],
            "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/XF3ZFPL3JJ26YRUGXLXQZYJBLZV3WC2C/"
          },
          {
            "name": "FEDORA-2021-f74148c6d4",
            "tags": [
              "vendor-advisory",
              "x_refsource_FEDORA",
              "x_transferred"
            ],
            "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/PRCU3RTIPVKPC3GMC76YW7DJEXUEY6FG/"
          }
        ],
        "title": "CVE Program Container"
      },
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2021-35577",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2024-09-25T19:14:50.712483Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2024-09-25T19:33:54.756Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "MySQL Server",
          "vendor": "Oracle Corporation",
          "versions": [
            {
              "status": "affected",
              "version": "8.0.26 and prior"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Optimizer). Supported versions that are affected are 8.0.26 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via MySQL Protcol to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.1 Base Score 4.9 (Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H)."
        }
      ],
      "metrics": [
        {
          "cvssV3_1": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 4.9,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "NONE",
            "integrityImpact": "NONE",
            "privilegesRequired": "HIGH",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          }
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "Easily exploitable vulnerability allows high privileged attacker with network access via MySQL Protcol to compromise MySQL Server.  Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server.",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2021-11-10T09:06:34.000Z",
        "orgId": "43595867-4340-4103-b7a2-9a5208d29a85",
        "shortName": "oracle"
      },
      "references": [
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://www.oracle.com/security-alerts/cpuoct2021.html"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://security.netapp.com/advisory/ntap-20211022-0003/"
        },
        {
          "name": "FEDORA-2021-70dd0b9f5d",
          "tags": [
            "vendor-advisory",
            "x_refsource_FEDORA"
          ],
          "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/5MLAXYFLUDC636S46X34USCLDZAOFBM2/"
        },
        {
          "name": "FEDORA-2021-46dc82116b",
          "tags": [
            "vendor-advisory",
            "x_refsource_FEDORA"
          ],
          "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/XF3ZFPL3JJ26YRUGXLXQZYJBLZV3WC2C/"
        },
        {
          "name": "FEDORA-2021-f74148c6d4",
          "tags": [
            "vendor-advisory",
            "x_refsource_FEDORA"
          ],
          "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/PRCU3RTIPVKPC3GMC76YW7DJEXUEY6FG/"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "secalert_us@oracle.com",
          "ID": "CVE-2021-35577",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "MySQL Server",
                      "version": {
                        "version_data": [
                          {
                            "version_affected": "=",
                            "version_value": "8.0.26 and prior"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "Oracle Corporation"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Optimizer). Supported versions that are affected are 8.0.26 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via MySQL Protcol to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.1 Base Score 4.9 (Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H)."
            }
          ]
        },
        "impact": {
          "cvss": {
            "baseScore": "4.9",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          }
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "Easily exploitable vulnerability allows high privileged attacker with network access via MySQL Protcol to compromise MySQL Server.  Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server."
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "https://www.oracle.com/security-alerts/cpuoct2021.html",
              "refsource": "MISC",
              "url": "https://www.oracle.com/security-alerts/cpuoct2021.html"
            },
            {
              "name": "https://security.netapp.com/advisory/ntap-20211022-0003/",
              "refsource": "CONFIRM",
              "url": "https://security.netapp.com/advisory/ntap-20211022-0003/"
            },
            {
              "name": "FEDORA-2021-70dd0b9f5d",
              "refsource": "FEDORA",
              "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/5MLAXYFLUDC636S46X34USCLDZAOFBM2/"
            },
            {
              "name": "FEDORA-2021-46dc82116b",
              "refsource": "FEDORA",
              "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/XF3ZFPL3JJ26YRUGXLXQZYJBLZV3WC2C/"
            },
            {
              "name": "FEDORA-2021-f74148c6d4",
              "refsource": "FEDORA",
              "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/PRCU3RTIPVKPC3GMC76YW7DJEXUEY6FG/"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "43595867-4340-4103-b7a2-9a5208d29a85",
    "assignerShortName": "oracle",
    "cveId": "CVE-2021-35577",
    "datePublished": "2021-10-20T10:50:23.000Z",
    "dateReserved": "2021-06-28T00:00:00.000Z",
    "dateUpdated": "2024-09-25T19:33:54.756Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2021-35591 (GCVE-0-2021-35591)

Vulnerability from cvelistv5 – Published: 2021-10-20 10:50 – Updated: 2024-09-25 19:31

Summary

Severity ?

4.9 (Medium)


                        
                          CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H

CWE

Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server.

Assigner

oracle

References

5 references

URL	Tags
https://www.oracle.com/security-alerts/cpuoct2021.html	x_refsource_MISC
https://security.netapp.com/advisory/ntap-2021102…	x_refsource_CONFIRM
https://lists.fedoraproject.org/archives/list/pac…	vendor-advisoryx_refsource_FEDORA
https://lists.fedoraproject.org/archives/list/pac…	vendor-advisoryx_refsource_FEDORA
https://lists.fedoraproject.org/archives/list/pac…	vendor-advisoryx_refsource_FEDORA

Impacted products

1 product

Vendor	Product	Version
Oracle Corporation	MySQL Server	Affected: 8.0.26 and prior

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-04T00:40:47.305Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://www.oracle.com/security-alerts/cpuoct2021.html"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://security.netapp.com/advisory/ntap-20211022-0003/"
          },
          {
            "name": "FEDORA-2021-70dd0b9f5d",
            "tags": [
              "vendor-advisory",
              "x_refsource_FEDORA",
              "x_transferred"
            ],
            "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/5MLAXYFLUDC636S46X34USCLDZAOFBM2/"
          },
          {
            "name": "FEDORA-2021-46dc82116b",
            "tags": [
              "vendor-advisory",
              "x_refsource_FEDORA",
              "x_transferred"
            ],
            "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/XF3ZFPL3JJ26YRUGXLXQZYJBLZV3WC2C/"
          },
          {
            "name": "FEDORA-2021-f74148c6d4",
            "tags": [
              "vendor-advisory",
              "x_refsource_FEDORA",
              "x_transferred"
            ],
            "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/PRCU3RTIPVKPC3GMC76YW7DJEXUEY6FG/"
          }
        ],
        "title": "CVE Program Container"
      },
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2021-35591",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2024-09-25T19:14:44.678950Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2024-09-25T19:31:54.991Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "MySQL Server",
          "vendor": "Oracle Corporation",
          "versions": [
            {
              "status": "affected",
              "version": "8.0.26 and prior"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: DML). Supported versions that are affected are 8.0.26 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.1 Base Score 4.9 (Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H)."
        }
      ],
      "metrics": [
        {
          "cvssV3_1": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 4.9,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "NONE",
            "integrityImpact": "NONE",
            "privilegesRequired": "HIGH",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          }
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server.  Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server.",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2021-11-10T09:06:16.000Z",
        "orgId": "43595867-4340-4103-b7a2-9a5208d29a85",
        "shortName": "oracle"
      },
      "references": [
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://www.oracle.com/security-alerts/cpuoct2021.html"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://security.netapp.com/advisory/ntap-20211022-0003/"
        },
        {
          "name": "FEDORA-2021-70dd0b9f5d",
          "tags": [
            "vendor-advisory",
            "x_refsource_FEDORA"
          ],
          "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/5MLAXYFLUDC636S46X34USCLDZAOFBM2/"
        },
        {
          "name": "FEDORA-2021-46dc82116b",
          "tags": [
            "vendor-advisory",
            "x_refsource_FEDORA"
          ],
          "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/XF3ZFPL3JJ26YRUGXLXQZYJBLZV3WC2C/"
        },
        {
          "name": "FEDORA-2021-f74148c6d4",
          "tags": [
            "vendor-advisory",
            "x_refsource_FEDORA"
          ],
          "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/PRCU3RTIPVKPC3GMC76YW7DJEXUEY6FG/"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "secalert_us@oracle.com",
          "ID": "CVE-2021-35591",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "MySQL Server",
                      "version": {
                        "version_data": [
                          {
                            "version_affected": "=",
                            "version_value": "8.0.26 and prior"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "Oracle Corporation"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: DML). Supported versions that are affected are 8.0.26 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.1 Base Score 4.9 (Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H)."
            }
          ]
        },
        "impact": {
          "cvss": {
            "baseScore": "4.9",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          }
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server.  Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server."
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "https://www.oracle.com/security-alerts/cpuoct2021.html",
              "refsource": "MISC",
              "url": "https://www.oracle.com/security-alerts/cpuoct2021.html"
            },
            {
              "name": "https://security.netapp.com/advisory/ntap-20211022-0003/",
              "refsource": "CONFIRM",
              "url": "https://security.netapp.com/advisory/ntap-20211022-0003/"
            },
            {
              "name": "FEDORA-2021-70dd0b9f5d",
              "refsource": "FEDORA",
              "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/5MLAXYFLUDC636S46X34USCLDZAOFBM2/"
            },
            {
              "name": "FEDORA-2021-46dc82116b",
              "refsource": "FEDORA",
              "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/XF3ZFPL3JJ26YRUGXLXQZYJBLZV3WC2C/"
            },
            {
              "name": "FEDORA-2021-f74148c6d4",
              "refsource": "FEDORA",
              "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/PRCU3RTIPVKPC3GMC76YW7DJEXUEY6FG/"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "43595867-4340-4103-b7a2-9a5208d29a85",
    "assignerShortName": "oracle",
    "cveId": "CVE-2021-35591",
    "datePublished": "2021-10-20T10:50:33.000Z",
    "dateReserved": "2021-06-28T00:00:00.000Z",
    "dateUpdated": "2024-09-25T19:31:54.991Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2021-35596 (GCVE-0-2021-35596)

Vulnerability from cvelistv5 – Published: 2021-10-20 10:50 – Updated: 2024-09-25 19:27

Summary

Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Error Handling). Supported versions that are affected are 8.0.26 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.1 Base Score 4.9 (Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H).

Severity ?

4.9 (Medium)


                        
                          CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H

CWE

Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server.

Assigner

oracle

References

5 references

URL	Tags
https://www.oracle.com/security-alerts/cpuoct2021.html	x_refsource_MISC
https://security.netapp.com/advisory/ntap-2021102…	x_refsource_CONFIRM
https://lists.fedoraproject.org/archives/list/pac…	vendor-advisoryx_refsource_FEDORA
https://lists.fedoraproject.org/archives/list/pac…	vendor-advisoryx_refsource_FEDORA
https://lists.fedoraproject.org/archives/list/pac…	vendor-advisoryx_refsource_FEDORA

Impacted products

1 product

Vendor	Product	Version
Oracle Corporation	MySQL Server	Affected: 8.0.26 and prior

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-04T00:40:47.324Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://www.oracle.com/security-alerts/cpuoct2021.html"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://security.netapp.com/advisory/ntap-20211022-0003/"
          },
          {
            "name": "FEDORA-2021-70dd0b9f5d",
            "tags": [
              "vendor-advisory",
              "x_refsource_FEDORA",
              "x_transferred"
            ],
            "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/5MLAXYFLUDC636S46X34USCLDZAOFBM2/"
          },
          {
            "name": "FEDORA-2021-46dc82116b",
            "tags": [
              "vendor-advisory",
              "x_refsource_FEDORA",
              "x_transferred"
            ],
            "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/XF3ZFPL3JJ26YRUGXLXQZYJBLZV3WC2C/"
          },
          {
            "name": "FEDORA-2021-f74148c6d4",
            "tags": [
              "vendor-advisory",
              "x_refsource_FEDORA",
              "x_transferred"
            ],
            "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/PRCU3RTIPVKPC3GMC76YW7DJEXUEY6FG/"
          }
        ],
        "title": "CVE Program Container"
      },
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2021-35596",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2024-09-25T19:14:42.722753Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2024-09-25T19:27:37.824Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "MySQL Server",
          "vendor": "Oracle Corporation",
          "versions": [
            {
              "status": "affected",
              "version": "8.0.26 and prior"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Error Handling). Supported versions that are affected are 8.0.26 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.1 Base Score 4.9 (Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H)."
        }
      ],
      "metrics": [
        {
          "cvssV3_1": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 4.9,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "NONE",
            "integrityImpact": "NONE",
            "privilegesRequired": "HIGH",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          }
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server.  Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server.",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2021-11-10T09:06:30.000Z",
        "orgId": "43595867-4340-4103-b7a2-9a5208d29a85",
        "shortName": "oracle"
      },
      "references": [
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://www.oracle.com/security-alerts/cpuoct2021.html"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://security.netapp.com/advisory/ntap-20211022-0003/"
        },
        {
          "name": "FEDORA-2021-70dd0b9f5d",
          "tags": [
            "vendor-advisory",
            "x_refsource_FEDORA"
          ],
          "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/5MLAXYFLUDC636S46X34USCLDZAOFBM2/"
        },
        {
          "name": "FEDORA-2021-46dc82116b",
          "tags": [
            "vendor-advisory",
            "x_refsource_FEDORA"
          ],
          "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/XF3ZFPL3JJ26YRUGXLXQZYJBLZV3WC2C/"
        },
        {
          "name": "FEDORA-2021-f74148c6d4",
          "tags": [
            "vendor-advisory",
            "x_refsource_FEDORA"
          ],
          "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/PRCU3RTIPVKPC3GMC76YW7DJEXUEY6FG/"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "secalert_us@oracle.com",
          "ID": "CVE-2021-35596",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "MySQL Server",
                      "version": {
                        "version_data": [
                          {
                            "version_affected": "=",
                            "version_value": "8.0.26 and prior"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "Oracle Corporation"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Error Handling). Supported versions that are affected are 8.0.26 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.1 Base Score 4.9 (Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H)."
            }
          ]
        },
        "impact": {
          "cvss": {
            "baseScore": "4.9",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          }
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server.  Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server."
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "https://www.oracle.com/security-alerts/cpuoct2021.html",
              "refsource": "MISC",
              "url": "https://www.oracle.com/security-alerts/cpuoct2021.html"
            },
            {
              "name": "https://security.netapp.com/advisory/ntap-20211022-0003/",
              "refsource": "CONFIRM",
              "url": "https://security.netapp.com/advisory/ntap-20211022-0003/"
            },
            {
              "name": "FEDORA-2021-70dd0b9f5d",
              "refsource": "FEDORA",
              "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/5MLAXYFLUDC636S46X34USCLDZAOFBM2/"
            },
            {
              "name": "FEDORA-2021-46dc82116b",
              "refsource": "FEDORA",
              "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/XF3ZFPL3JJ26YRUGXLXQZYJBLZV3WC2C/"
            },
            {
              "name": "FEDORA-2021-f74148c6d4",
              "refsource": "FEDORA",
              "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/PRCU3RTIPVKPC3GMC76YW7DJEXUEY6FG/"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "43595867-4340-4103-b7a2-9a5208d29a85",
    "assignerShortName": "oracle",
    "cveId": "CVE-2021-35596",
    "datePublished": "2021-10-20T10:50:38.000Z",
    "dateReserved": "2021-06-28T00:00:00.000Z",
    "dateUpdated": "2024-09-25T19:27:37.824Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2021-35597 (GCVE-0-2021-35597)

Vulnerability from cvelistv5 – Published: 2021-10-20 10:50 – Updated: 2024-09-25 19:27

Summary

Vulnerability in the MySQL Client product of Oracle MySQL (component: C API). Supported versions that are affected are 8.0.26 and prior. Easily exploitable vulnerability allows low privileged attacker with network access via multiple protocols to compromise MySQL Client. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Client. CVSS 3.1 Base Score 6.5 (Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H).

Severity ?

6.5 (Medium)


                        
                          CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

CWE

Easily exploitable vulnerability allows low privileged attacker with network access via multiple protocols to compromise MySQL Client. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Client.

Assigner

oracle

References

5 references

URL	Tags
https://www.oracle.com/security-alerts/cpuoct2021.html	x_refsource_MISC
https://security.netapp.com/advisory/ntap-2021102…	x_refsource_CONFIRM
https://lists.fedoraproject.org/archives/list/pac…	vendor-advisoryx_refsource_FEDORA
https://lists.fedoraproject.org/archives/list/pac…	vendor-advisoryx_refsource_FEDORA
https://lists.fedoraproject.org/archives/list/pac…	vendor-advisoryx_refsource_FEDORA

Impacted products

1 product

Vendor	Product	Version
Oracle Corporation	MySQL Server	Affected: 8.0.26 and prior

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-04T00:40:47.442Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://www.oracle.com/security-alerts/cpuoct2021.html"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://security.netapp.com/advisory/ntap-20211022-0005/"
          },
          {
            "name": "FEDORA-2021-70dd0b9f5d",
            "tags": [
              "vendor-advisory",
              "x_refsource_FEDORA",
              "x_transferred"
            ],
            "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/5MLAXYFLUDC636S46X34USCLDZAOFBM2/"
          },
          {
            "name": "FEDORA-2021-46dc82116b",
            "tags": [
              "vendor-advisory",
              "x_refsource_FEDORA",
              "x_transferred"
            ],
            "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/XF3ZFPL3JJ26YRUGXLXQZYJBLZV3WC2C/"
          },
          {
            "name": "FEDORA-2021-f74148c6d4",
            "tags": [
              "vendor-advisory",
              "x_refsource_FEDORA",
              "x_transferred"
            ],
            "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/PRCU3RTIPVKPC3GMC76YW7DJEXUEY6FG/"
          }
        ],
        "title": "CVE Program Container"
      },
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2021-35597",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2024-09-25T19:14:41.475630Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2024-09-25T19:27:28.131Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "MySQL Server",
          "vendor": "Oracle Corporation",
          "versions": [
            {
              "status": "affected",
              "version": "8.0.26 and prior"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "Vulnerability in the MySQL Client product of Oracle MySQL (component: C API). Supported versions that are affected are 8.0.26 and prior. Easily exploitable vulnerability allows low privileged attacker with network access via multiple protocols to compromise MySQL Client. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Client. CVSS 3.1 Base Score 6.5 (Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H)."
        }
      ],
      "metrics": [
        {
          "cvssV3_1": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 6.5,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "NONE",
            "integrityImpact": "NONE",
            "privilegesRequired": "LOW",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          }
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "Easily exploitable vulnerability allows low privileged attacker with network access via multiple protocols to compromise MySQL Client.  Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Client.",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2021-11-10T09:06:39.000Z",
        "orgId": "43595867-4340-4103-b7a2-9a5208d29a85",
        "shortName": "oracle"
      },
      "references": [
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://www.oracle.com/security-alerts/cpuoct2021.html"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://security.netapp.com/advisory/ntap-20211022-0005/"
        },
        {
          "name": "FEDORA-2021-70dd0b9f5d",
          "tags": [
            "vendor-advisory",
            "x_refsource_FEDORA"
          ],
          "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/5MLAXYFLUDC636S46X34USCLDZAOFBM2/"
        },
        {
          "name": "FEDORA-2021-46dc82116b",
          "tags": [
            "vendor-advisory",
            "x_refsource_FEDORA"
          ],
          "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/XF3ZFPL3JJ26YRUGXLXQZYJBLZV3WC2C/"
        },
        {
          "name": "FEDORA-2021-f74148c6d4",
          "tags": [
            "vendor-advisory",
            "x_refsource_FEDORA"
          ],
          "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/PRCU3RTIPVKPC3GMC76YW7DJEXUEY6FG/"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "secalert_us@oracle.com",
          "ID": "CVE-2021-35597",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "MySQL Server",
                      "version": {
                        "version_data": [
                          {
                            "version_affected": "=",
                            "version_value": "8.0.26 and prior"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "Oracle Corporation"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "Vulnerability in the MySQL Client product of Oracle MySQL (component: C API). Supported versions that are affected are 8.0.26 and prior. Easily exploitable vulnerability allows low privileged attacker with network access via multiple protocols to compromise MySQL Client. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Client. CVSS 3.1 Base Score 6.5 (Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H)."
            }
          ]
        },
        "impact": {
          "cvss": {
            "baseScore": "6.5",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          }
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "Easily exploitable vulnerability allows low privileged attacker with network access via multiple protocols to compromise MySQL Client.  Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Client."
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "https://www.oracle.com/security-alerts/cpuoct2021.html",
              "refsource": "MISC",
              "url": "https://www.oracle.com/security-alerts/cpuoct2021.html"
            },
            {
              "name": "https://security.netapp.com/advisory/ntap-20211022-0005/",
              "refsource": "CONFIRM",
              "url": "https://security.netapp.com/advisory/ntap-20211022-0005/"
            },
            {
              "name": "FEDORA-2021-70dd0b9f5d",
              "refsource": "FEDORA",
              "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/5MLAXYFLUDC636S46X34USCLDZAOFBM2/"
            },
            {
              "name": "FEDORA-2021-46dc82116b",
              "refsource": "FEDORA",
              "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/XF3ZFPL3JJ26YRUGXLXQZYJBLZV3WC2C/"
            },
            {
              "name": "FEDORA-2021-f74148c6d4",
              "refsource": "FEDORA",
              "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/PRCU3RTIPVKPC3GMC76YW7DJEXUEY6FG/"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "43595867-4340-4103-b7a2-9a5208d29a85",
    "assignerShortName": "oracle",
    "cveId": "CVE-2021-35597",
    "datePublished": "2021-10-20T10:50:39.000Z",
    "dateReserved": "2021-06-28T00:00:00.000Z",
    "dateUpdated": "2024-09-25T19:27:28.131Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2021-35602 (GCVE-0-2021-35602)

Vulnerability from cvelistv5 – Published: 2021-10-20 10:50 – Updated: 2024-09-25 19:26

Summary

Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Options). Supported versions that are affected are 8.0.26 and prior. Difficult to exploit vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server as well as unauthorized update, insert or delete access to some of MySQL Server accessible data. CVSS 3.1 Base Score 5.0 (Integrity and Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:U/C:N/I:L/A:H).

Severity ?

5 (Medium)


                        
                          CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:U/C:N/I:L/A:H

CWE

Difficult to exploit vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server as well as unauthorized update, insert or delete access to some of MySQL Server accessible data.

Assigner

oracle

References

5 references

URL	Tags
https://www.oracle.com/security-alerts/cpuoct2021.html	x_refsource_MISC
https://security.netapp.com/advisory/ntap-2021102…	x_refsource_CONFIRM
https://lists.fedoraproject.org/archives/list/pac…	vendor-advisoryx_refsource_FEDORA
https://lists.fedoraproject.org/archives/list/pac…	vendor-advisoryx_refsource_FEDORA
https://lists.fedoraproject.org/archives/list/pac…	vendor-advisoryx_refsource_FEDORA

Impacted products

1 product

Vendor	Product	Version
Oracle Corporation	MySQL Server	Affected: 8.0.26 and prior

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-04T00:40:47.303Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://www.oracle.com/security-alerts/cpuoct2021.html"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://security.netapp.com/advisory/ntap-20211022-0003/"
          },
          {
            "name": "FEDORA-2021-70dd0b9f5d",
            "tags": [
              "vendor-advisory",
              "x_refsource_FEDORA",
              "x_transferred"
            ],
            "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/5MLAXYFLUDC636S46X34USCLDZAOFBM2/"
          },
          {
            "name": "FEDORA-2021-46dc82116b",
            "tags": [
              "vendor-advisory",
              "x_refsource_FEDORA",
              "x_transferred"
            ],
            "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/XF3ZFPL3JJ26YRUGXLXQZYJBLZV3WC2C/"
          },
          {
            "name": "FEDORA-2021-f74148c6d4",
            "tags": [
              "vendor-advisory",
              "x_refsource_FEDORA",
              "x_transferred"
            ],
            "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/PRCU3RTIPVKPC3GMC76YW7DJEXUEY6FG/"
          }
        ],
        "title": "CVE Program Container"
      },
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2021-35602",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2024-09-25T19:14:39.373241Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2024-09-25T19:26:59.832Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "MySQL Server",
          "vendor": "Oracle Corporation",
          "versions": [
            {
              "status": "affected",
              "version": "8.0.26 and prior"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Options). Supported versions that are affected are 8.0.26 and prior. Difficult to exploit vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server as well as unauthorized update, insert or delete access to some of MySQL Server accessible data. CVSS 3.1 Base Score 5.0 (Integrity and Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:U/C:N/I:L/A:H)."
        }
      ],
      "metrics": [
        {
          "cvssV3_1": {
            "attackComplexity": "HIGH",
            "attackVector": "NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 5,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "NONE",
            "integrityImpact": "LOW",
            "privilegesRequired": "HIGH",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:U/C:N/I:L/A:H",
            "version": "3.1"
          }
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "Difficult to exploit vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server.  Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server as well as  unauthorized update, insert or delete access to some of MySQL Server accessible data.",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2021-11-10T09:06:25.000Z",
        "orgId": "43595867-4340-4103-b7a2-9a5208d29a85",
        "shortName": "oracle"
      },
      "references": [
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://www.oracle.com/security-alerts/cpuoct2021.html"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://security.netapp.com/advisory/ntap-20211022-0003/"
        },
        {
          "name": "FEDORA-2021-70dd0b9f5d",
          "tags": [
            "vendor-advisory",
            "x_refsource_FEDORA"
          ],
          "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/5MLAXYFLUDC636S46X34USCLDZAOFBM2/"
        },
        {
          "name": "FEDORA-2021-46dc82116b",
          "tags": [
            "vendor-advisory",
            "x_refsource_FEDORA"
          ],
          "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/XF3ZFPL3JJ26YRUGXLXQZYJBLZV3WC2C/"
        },
        {
          "name": "FEDORA-2021-f74148c6d4",
          "tags": [
            "vendor-advisory",
            "x_refsource_FEDORA"
          ],
          "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/PRCU3RTIPVKPC3GMC76YW7DJEXUEY6FG/"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "secalert_us@oracle.com",
          "ID": "CVE-2021-35602",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "MySQL Server",
                      "version": {
                        "version_data": [
                          {
                            "version_affected": "=",
                            "version_value": "8.0.26 and prior"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "Oracle Corporation"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Options). Supported versions that are affected are 8.0.26 and prior. Difficult to exploit vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server as well as unauthorized update, insert or delete access to some of MySQL Server accessible data. CVSS 3.1 Base Score 5.0 (Integrity and Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:U/C:N/I:L/A:H)."
            }
          ]
        },
        "impact": {
          "cvss": {
            "baseScore": "5.0",
            "vectorString": "CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:U/C:N/I:L/A:H",
            "version": "3.1"
          }
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "Difficult to exploit vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server.  Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server as well as  unauthorized update, insert or delete access to some of MySQL Server accessible data."
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "https://www.oracle.com/security-alerts/cpuoct2021.html",
              "refsource": "MISC",
              "url": "https://www.oracle.com/security-alerts/cpuoct2021.html"
            },
            {
              "name": "https://security.netapp.com/advisory/ntap-20211022-0003/",
              "refsource": "CONFIRM",
              "url": "https://security.netapp.com/advisory/ntap-20211022-0003/"
            },
            {
              "name": "FEDORA-2021-70dd0b9f5d",
              "refsource": "FEDORA",
              "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/5MLAXYFLUDC636S46X34USCLDZAOFBM2/"
            },
            {
              "name": "FEDORA-2021-46dc82116b",
              "refsource": "FEDORA",
              "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/XF3ZFPL3JJ26YRUGXLXQZYJBLZV3WC2C/"
            },
            {
              "name": "FEDORA-2021-f74148c6d4",
              "refsource": "FEDORA",
              "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/PRCU3RTIPVKPC3GMC76YW7DJEXUEY6FG/"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "43595867-4340-4103-b7a2-9a5208d29a85",
    "assignerShortName": "oracle",
    "cveId": "CVE-2021-35602",
    "datePublished": "2021-10-20T10:50:42.000Z",
    "dateReserved": "2021-06-28T00:00:00.000Z",
    "dateUpdated": "2024-09-25T19:26:59.832Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

Sightings

Author	Source	Type	Date	Other

Nomenclature

Seen: The vulnerability was mentioned, discussed, or observed by the user.
Confirmed: The vulnerability has been validated from an analyst's perspective.
Published Proof of Concept: A public proof of concept is available for this vulnerability.
Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
Not confirmed: The user expressed doubt about the validity of the vulnerability.
Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.

Detection rules are retrieved from Rulezet.

Action not permitted

alsa-2022:7119

Vulnerability from osv_almalinux

CVE-2021-2478 (GCVE-0-2021-2478)

CVE-2021-2479 (GCVE-0-2021-2479)

CVE-2021-2481 (GCVE-0-2021-2481)

CVE-2021-35546 (GCVE-0-2021-35546)

CVE-2021-35575 (GCVE-0-2021-35575)

CVE-2021-35577 (GCVE-0-2021-35577)

CVE-2021-35591 (GCVE-0-2021-35591)

CVE-2021-35596 (GCVE-0-2021-35596)

CVE-2021-35597 (GCVE-0-2021-35597)

CVE-2021-35602 (GCVE-0-2021-35602)

Tags

Sightings

Nomenclature