An update for mysql is now available for openEuler-20.03-LTS-SP1
Security Advisory
openeuler-security@openeuler.org
openEuler security committee
openEuler-SA-2021-1199
Final
1.0
1.0
2021-05-30
Initial
2021-05-30
2021-05-30
openEuler SA Tool V1.0
2021-05-30
mysql security update
An update for mysql is now available for openEuler-20.03-LTS-SP1.
Security Fix(es):
Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Optimizer). Supported versions that are affected are 8.0.23 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.1 Base Score 4.9 (Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H).(CVE-2021-2193)
Vulnerability in the MySQL Server product of Oracle MySQL (component: InnoDB). Supported versions that are affected are 5.7.33 and prior and 8.0.23 and prior. Difficult to exploit vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.1 Base Score 4.4 (Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:U/C:N/I:N/A:H).(CVE-2021-2174)
Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Group Replication Plugin). Supported versions that are affected are 5.7.33 and prior and 8.0.23 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.1 Base Score 4.9 (Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H).(CVE-2021-2179)
Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: DML). Supported versions that are affected are 8.0.23 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.1 Base Score 4.9 (Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H).(CVE-2021-2305)
Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Replication). Supported versions that are affected are 5.7.33 and prior and 8.0.23 and prior. Difficult to exploit vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.1 Base Score 4.4 (Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:U/C:N/I:N/A:H).(CVE-2021-2171)
Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Optimizer). Supported versions that are affected are 5.7.33 and prior and 8.0.23 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.1 Base Score 4.9 (Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H).(CVE-2021-2169)
Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Packaging). Supported versions that are affected are 5.7.33 and prior and 8.0.23 and prior. Easily exploitable vulnerability allows unauthenticated attacker with logon to the infrastructure where MySQL Server executes to compromise MySQL Server. Successful attacks require human interaction from a person other than the attacker. Successful attacks of this vulnerability can result in unauthorized access to critical data or complete access to all MySQL Server accessible data as well as unauthorized update, insert or delete access to some of MySQL Server accessible data. CVSS 3.1 Base Score 6.1 (Confidentiality and Integrity impacts). CVSS Vector: (CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:L/A:N).(CVE-2021-2307)
Vulnerability in the MySQL Server product of Oracle MySQL (component: InnoDB). Supported versions that are affected are 5.7.33 and prior and 8.0.23 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.1 Base Score 4.9 (Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H).(CVE-2021-2180)
Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Partition). Supported versions that are affected are 8.0.23 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.1 Base Score 4.9 (Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H).(CVE-2021-2201)
Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: DML). Supported versions that are affected are 8.0.23 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.1 Base Score 4.9 (Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H).(CVE-2021-2196)
Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Optimizer). Supported versions that are affected are 8.0.23 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.1 Base Score 4.9 (Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H).(CVE-2021-2170)
Vulnerability in the MySQL Server product of Oracle MySQL (component: InnoDB). Supported versions that are affected are 5.7.33 and prior and 8.0.23 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.1 Base Score 4.9 (Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H).(CVE-2021-2194)
Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: DML). Supported versions that are affected are 8.0.23 and prior. Easily exploitable vulnerability allows low privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.1 Base Score 6.5 (Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H).(CVE-2021-2172)
Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Information Schema). Supported versions that are affected are 8.0.23 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized read access to a subset of MySQL Server accessible data. CVSS 3.1 Base Score 2.7 (Confidentiality impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:L/I:N/A:N).(CVE-2021-2308)
Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Stored Procedure). Supported versions that are affected are 8.0.23 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server as well as unauthorized update, insert or delete access to some of MySQL Server accessible data. CVSS 3.1 Base Score 5.5 (Integrity and Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:L/A:H).(CVE-2021-2304)
Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: DML). Supported versions that are affected are 8.0.23 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.1 Base Score 4.9 (Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H).(CVE-2021-2300)
Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Optimizer). Supported versions that are affected are 8.0.23 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.1 Base Score 4.9 (Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H).(CVE-2021-2230)
Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Optimizer). Supported versions that are affected are 8.0.23 and prior. Easily exploitable vulnerability allows low privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.1 Base Score 6.5 (Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H).(CVE-2021-2298)
Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Group Replication Plugin). Supported versions that are affected are 8.0.23 and prior. Difficult to exploit vulnerability allows high privileged attacker with logon to the infrastructure where MySQL Server executes to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a partial denial of service (partial DOS) of MySQL Server. CVSS 3.1 Base Score 1.9 (Availability impacts). CVSS Vector: (CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:N/I:N/A:L).(CVE-2021-2232)
Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Information Schema). Supported versions that are affected are 5.7.33 and prior and 8.0.23 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized access to critical data or complete access to all MySQL Server accessible data. CVSS 3.1 Base Score 4.9 (Confidentiality impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N).(CVE-2021-2226)
Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Optimizer). Supported versions that are affected are 8.0.23 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.1 Base Score 4.9 (Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H).(CVE-2021-2203)
Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Stored Procedure). Supported versions that are affected are 8.0.23 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.1 Base Score 4.9 (Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H).(CVE-2021-2217)
Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Partition). Supported versions that are affected are 8.0.23 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.1 Base Score 4.9 (Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H).(CVE-2021-2208)
Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Optimizer). Supported versions that are affected are 8.0.23 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.1 Base Score 4.9 (Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H).(CVE-2021-2164)
Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Optimizer). Supported versions that are affected are 8.0.23 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.1 Base Score 4.9 (Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H).(CVE-2021-2278)
Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Stored Procedure). Supported versions that are affected are 8.0.23 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.1 Base Score 4.9 (Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H).(CVE-2021-2215)
Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Stored Procedure). Supported versions that are affected are 8.0.23 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.1 Base Score 4.9 (Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H).(CVE-2021-2293)
Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Optimizer). Supported versions that are affected are 8.0.23 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.1 Base Score 4.9 (Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H).(CVE-2021-2299)
Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Optimizer). Supported versions that are affected are 8.0.23 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.1 Base Score 4.9 (Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H).(CVE-2021-2212)
Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Audit Plug-in). Supported versions that are affected are 5.7.33 and prior and 8.0.23 and prior. Easily exploitable vulnerability allows low privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized update, insert or delete access to some of MySQL Server accessible data. CVSS 3.1 Base Score 4.3 (Integrity impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N).(CVE-2021-2162)
Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Options). Supported versions that are affected are 5.7.33 and prior and 8.0.23 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.1 Base Score 4.9 (Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H).(CVE-2021-2146)
Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: DML). Supported versions that are affected are 5.7.33 and prior and 8.0.23 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.1 Base Score 4.9 (Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H).(CVE-2021-2166)
Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Information Schema). Supported versions that are affected are 8.0.23 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized read access to a subset of MySQL Server accessible data. CVSS 3.1 Base Score 2.7 (Confidentiality impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:L/I:N/A:N).(CVE-2021-2301)
An update for mysql is now available for openEuler-20.03-LTS-SP1.
openEuler Security has rated this update as having a security impact of medium. A Common Vunlnerability Scoring System(CVSS)base score,which gives a detailed severity rating, is available for each vulnerability from the CVElink(s) in the References section.
Medium
mysql
https://openeuler.org/en/security/safety-bulletin/detail.html?id=openEuler-SA-2021-1199
https://openeuler.org/en/security/cve/detail.html?id=CVE-2021-2193
https://openeuler.org/en/security/cve/detail.html?id=CVE-2021-2174
https://openeuler.org/en/security/cve/detail.html?id=CVE-2021-2179
https://openeuler.org/en/security/cve/detail.html?id=CVE-2021-2305
https://openeuler.org/en/security/cve/detail.html?id=CVE-2021-2171
https://openeuler.org/en/security/cve/detail.html?id=CVE-2021-2169
https://openeuler.org/en/security/cve/detail.html?id=CVE-2021-2307
https://openeuler.org/en/security/cve/detail.html?id=CVE-2021-2180
https://openeuler.org/en/security/cve/detail.html?id=CVE-2021-2201
https://openeuler.org/en/security/cve/detail.html?id=CVE-2021-2196
https://openeuler.org/en/security/cve/detail.html?id=CVE-2021-2170
https://openeuler.org/en/security/cve/detail.html?id=CVE-2021-2194
https://openeuler.org/en/security/cve/detail.html?id=CVE-2021-2172
https://openeuler.org/en/security/cve/detail.html?id=CVE-2021-2308
https://openeuler.org/en/security/cve/detail.html?id=CVE-2021-2304
https://openeuler.org/en/security/cve/detail.html?id=CVE-2021-2300
https://openeuler.org/en/security/cve/detail.html?id=CVE-2021-2230
https://openeuler.org/en/security/cve/detail.html?id=CVE-2021-2298
https://openeuler.org/en/security/cve/detail.html?id=CVE-2021-2232
https://openeuler.org/en/security/cve/detail.html?id=CVE-2021-2226
https://openeuler.org/en/security/cve/detail.html?id=CVE-2021-2203
https://openeuler.org/en/security/cve/detail.html?id=CVE-2021-2217
https://openeuler.org/en/security/cve/detail.html?id=CVE-2021-2208
https://openeuler.org/en/security/cve/detail.html?id=CVE-2021-2164
https://openeuler.org/en/security/cve/detail.html?id=CVE-2021-2278
https://openeuler.org/en/security/cve/detail.html?id=CVE-2021-2215
https://openeuler.org/en/security/cve/detail.html?id=CVE-2021-2293
https://openeuler.org/en/security/cve/detail.html?id=CVE-2021-2299
https://openeuler.org/en/security/cve/detail.html?id=CVE-2021-2212
https://openeuler.org/en/security/cve/detail.html?id=CVE-2021-2162
https://openeuler.org/en/security/cve/detail.html?id=CVE-2021-2146
https://openeuler.org/en/security/cve/detail.html?id=CVE-2021-2166
https://openeuler.org/en/security/cve/detail.html?id=CVE-2021-2301
https://nvd.nist.gov/vuln/detail/CVE-2021-2193
https://nvd.nist.gov/vuln/detail/CVE-2021-2174
https://nvd.nist.gov/vuln/detail/CVE-2021-2179
https://nvd.nist.gov/vuln/detail/CVE-2021-2305
https://nvd.nist.gov/vuln/detail/CVE-2021-2171
https://nvd.nist.gov/vuln/detail/CVE-2021-2169
https://nvd.nist.gov/vuln/detail/CVE-2021-2307
https://nvd.nist.gov/vuln/detail/CVE-2021-2180
https://nvd.nist.gov/vuln/detail/CVE-2021-2201
https://nvd.nist.gov/vuln/detail/CVE-2021-2196
https://nvd.nist.gov/vuln/detail/CVE-2021-2170
https://nvd.nist.gov/vuln/detail/CVE-2021-2194
https://nvd.nist.gov/vuln/detail/CVE-2021-2172
https://nvd.nist.gov/vuln/detail/CVE-2021-2308
https://nvd.nist.gov/vuln/detail/CVE-2021-2304
https://nvd.nist.gov/vuln/detail/CVE-2021-2300
https://nvd.nist.gov/vuln/detail/CVE-2021-2230
https://nvd.nist.gov/vuln/detail/CVE-2021-2298
https://nvd.nist.gov/vuln/detail/CVE-2021-2232
https://nvd.nist.gov/vuln/detail/CVE-2021-2226
https://nvd.nist.gov/vuln/detail/CVE-2021-2203
https://nvd.nist.gov/vuln/detail/CVE-2021-2217
https://nvd.nist.gov/vuln/detail/CVE-2021-2208
https://nvd.nist.gov/vuln/detail/CVE-2021-2164
https://nvd.nist.gov/vuln/detail/CVE-2021-2278
https://nvd.nist.gov/vuln/detail/CVE-2021-2215
https://nvd.nist.gov/vuln/detail/CVE-2021-2293
https://nvd.nist.gov/vuln/detail/CVE-2021-2299
https://nvd.nist.gov/vuln/detail/CVE-2021-2212
https://nvd.nist.gov/vuln/detail/CVE-2021-2162
https://nvd.nist.gov/vuln/detail/CVE-2021-2146
https://nvd.nist.gov/vuln/detail/CVE-2021-2166
https://nvd.nist.gov/vuln/detail/CVE-2021-2301
openEuler-20.03-LTS-SP1
mysql-8.0.24-1.oe1.aarch64.rpm
mysql-8.0.24-1.oe1.src.rpm
mysql-8.0.24-1.oe1.x86_64.rpm
Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Optimizer). Supported versions that are affected are 8.0.23 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.1 Base Score 4.9 (Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H).
2021-05-30
CVE-2021-2193
openEuler-20.03-LTS-SP1
Medium
4.9
AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H
mysql security update
2021-05-30
https://openeuler.org/en/security/safety-bulletin/detail.html?id=openEuler-SA-2021-1199
Vulnerability in the MySQL Server product of Oracle MySQL (component: InnoDB). Supported versions that are affected are 5.7.33 and prior and 8.0.23 and prior. Difficult to exploit vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.1 Base Score 4.4 (Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:U/C:N/I:N/A:H).
2021-05-30
CVE-2021-2174
openEuler-20.03-LTS-SP1
Medium
4.4
AV:N/AC:H/PR:H/UI:N/S:U/C:N/I:N/A:H
mysql security update
2021-05-30
https://openeuler.org/en/security/safety-bulletin/detail.html?id=openEuler-SA-2021-1199
Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Group Replication Plugin). Supported versions that are affected are 5.7.33 and prior and 8.0.23 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.1 Base Score 4.9 (Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H).
2021-05-30
CVE-2021-2179
openEuler-20.03-LTS-SP1
Medium
4.9
AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H
mysql security update
2021-05-30
https://openeuler.org/en/security/safety-bulletin/detail.html?id=openEuler-SA-2021-1199
Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: DML). Supported versions that are affected are 8.0.23 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.1 Base Score 4.9 (Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H).
2021-05-30
CVE-2021-2305
openEuler-20.03-LTS-SP1
Medium
4.9
AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H
mysql security update
2021-05-30
https://openeuler.org/en/security/safety-bulletin/detail.html?id=openEuler-SA-2021-1199
Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Replication). Supported versions that are affected are 5.7.33 and prior and 8.0.23 and prior. Difficult to exploit vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.1 Base Score 4.4 (Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:U/C:N/I:N/A:H).
2021-05-30
CVE-2021-2171
openEuler-20.03-LTS-SP1
Medium
4.4
AV:N/AC:H/PR:H/UI:N/S:U/C:N/I:N/A:H
mysql security update
2021-05-30
https://openeuler.org/en/security/safety-bulletin/detail.html?id=openEuler-SA-2021-1199
Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Optimizer). Supported versions that are affected are 5.7.33 and prior and 8.0.23 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.1 Base Score 4.9 (Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H).
2021-05-30
CVE-2021-2169
openEuler-20.03-LTS-SP1
Medium
4.9
AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H
mysql security update
2021-05-30
https://openeuler.org/en/security/safety-bulletin/detail.html?id=openEuler-SA-2021-1199
Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Packaging). Supported versions that are affected are 5.7.33 and prior and 8.0.23 and prior. Easily exploitable vulnerability allows unauthenticated attacker with logon to the infrastructure where MySQL Server executes to compromise MySQL Server. Successful attacks require human interaction from a person other than the attacker. Successful attacks of this vulnerability can result in unauthorized access to critical data or complete access to all MySQL Server accessible data as well as unauthorized update, insert or delete access to some of MySQL Server accessible data. CVSS 3.1 Base Score 6.1 (Confidentiality and Integrity impacts). CVSS Vector: (CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:L/A:N).
2021-05-30
CVE-2021-2307
openEuler-20.03-LTS-SP1
Medium
6.1
AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:L/A:N
mysql security update
2021-05-30
https://openeuler.org/en/security/safety-bulletin/detail.html?id=openEuler-SA-2021-1199
Vulnerability in the MySQL Server product of Oracle MySQL (component: InnoDB). Supported versions that are affected are 5.7.33 and prior and 8.0.23 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.1 Base Score 4.9 (Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H).
2021-05-30
CVE-2021-2180
openEuler-20.03-LTS-SP1
Medium
4.9
AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H
mysql security update
2021-05-30
https://openeuler.org/en/security/safety-bulletin/detail.html?id=openEuler-SA-2021-1199
Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Partition). Supported versions that are affected are 8.0.23 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.1 Base Score 4.9 (Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H).
2021-05-30
CVE-2021-2201
openEuler-20.03-LTS-SP1
Medium
4.9
AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H
mysql security update
2021-05-30
https://openeuler.org/en/security/safety-bulletin/detail.html?id=openEuler-SA-2021-1199
Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: DML). Supported versions that are affected are 8.0.23 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.1 Base Score 4.9 (Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H).
2021-05-30
CVE-2021-2196
openEuler-20.03-LTS-SP1
Medium
4.9
AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H
mysql security update
2021-05-30
https://openeuler.org/en/security/safety-bulletin/detail.html?id=openEuler-SA-2021-1199
Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Optimizer). Supported versions that are affected are 8.0.23 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.1 Base Score 4.9 (Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H).
2021-05-30
CVE-2021-2170
openEuler-20.03-LTS-SP1
Medium
4.9
AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H
mysql security update
2021-05-30
https://openeuler.org/en/security/safety-bulletin/detail.html?id=openEuler-SA-2021-1199
Vulnerability in the MySQL Server product of Oracle MySQL (component: InnoDB). Supported versions that are affected are 5.7.33 and prior and 8.0.23 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.1 Base Score 4.9 (Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H).
2021-05-30
CVE-2021-2194
openEuler-20.03-LTS-SP1
Medium
4.9
AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H
mysql security update
2021-05-30
https://openeuler.org/en/security/safety-bulletin/detail.html?id=openEuler-SA-2021-1199
Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: DML). Supported versions that are affected are 8.0.23 and prior. Easily exploitable vulnerability allows low privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.1 Base Score 6.5 (Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H).
2021-05-30
CVE-2021-2172
openEuler-20.03-LTS-SP1
Medium
6.5
AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
mysql security update
2021-05-30
https://openeuler.org/en/security/safety-bulletin/detail.html?id=openEuler-SA-2021-1199
Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Information Schema). Supported versions that are affected are 8.0.23 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized read access to a subset of MySQL Server accessible data. CVSS 3.1 Base Score 2.7 (Confidentiality impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:L/I:N/A:N).
2021-05-30
CVE-2021-2308
openEuler-20.03-LTS-SP1
Low
2.7
AV:N/AC:L/PR:H/UI:N/S:U/C:L/I:N/A:N
mysql security update
2021-05-30
https://openeuler.org/en/security/safety-bulletin/detail.html?id=openEuler-SA-2021-1199
Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Stored Procedure). Supported versions that are affected are 8.0.23 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server as well as unauthorized update, insert or delete access to some of MySQL Server accessible data. CVSS 3.1 Base Score 5.5 (Integrity and Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:L/A:H).
2021-05-30
CVE-2021-2304
openEuler-20.03-LTS-SP1
Medium
5.5
AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:L/A:H
mysql security update
2021-05-30
https://openeuler.org/en/security/safety-bulletin/detail.html?id=openEuler-SA-2021-1199
Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: DML). Supported versions that are affected are 8.0.23 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.1 Base Score 4.9 (Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H).
2021-05-30
CVE-2021-2300
openEuler-20.03-LTS-SP1
Medium
4.9
AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H
mysql security update
2021-05-30
https://openeuler.org/en/security/safety-bulletin/detail.html?id=openEuler-SA-2021-1199
Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Optimizer). Supported versions that are affected are 8.0.23 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.1 Base Score 4.9 (Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H).
2021-05-30
CVE-2021-2230
openEuler-20.03-LTS-SP1
Medium
4.9
AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H
mysql security update
2021-05-30
https://openeuler.org/en/security/safety-bulletin/detail.html?id=openEuler-SA-2021-1199
Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Optimizer). Supported versions that are affected are 8.0.23 and prior. Easily exploitable vulnerability allows low privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.1 Base Score 6.5 (Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H).
2021-05-30
CVE-2021-2298
openEuler-20.03-LTS-SP1
Medium
6.5
AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
mysql security update
2021-05-30
https://openeuler.org/en/security/safety-bulletin/detail.html?id=openEuler-SA-2021-1199
Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Group Replication Plugin). Supported versions that are affected are 8.0.23 and prior. Difficult to exploit vulnerability allows high privileged attacker with logon to the infrastructure where MySQL Server executes to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a partial denial of service (partial DOS) of MySQL Server. CVSS 3.1 Base Score 1.9 (Availability impacts). CVSS Vector: (CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:N/I:N/A:L).
2021-05-30
CVE-2021-2232
openEuler-20.03-LTS-SP1
Low
1.9
AV:L/AC:H/PR:H/UI:N/S:U/C:N/I:N/A:L
mysql security update
2021-05-30
https://openeuler.org/en/security/safety-bulletin/detail.html?id=openEuler-SA-2021-1199
Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Information Schema). Supported versions that are affected are 5.7.33 and prior and 8.0.23 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized access to critical data or complete access to all MySQL Server accessible data. CVSS 3.1 Base Score 4.9 (Confidentiality impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N).
2021-05-30
CVE-2021-2226
openEuler-20.03-LTS-SP1
Medium
4.9
AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N
mysql security update
2021-05-30
https://openeuler.org/en/security/safety-bulletin/detail.html?id=openEuler-SA-2021-1199
Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Optimizer). Supported versions that are affected are 8.0.23 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.1 Base Score 4.9 (Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H).
2021-05-30
CVE-2021-2203
openEuler-20.03-LTS-SP1
Medium
4.9
AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N
mysql security update
2021-05-30
https://openeuler.org/en/security/safety-bulletin/detail.html?id=openEuler-SA-2021-1199
Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Stored Procedure). Supported versions that are affected are 8.0.23 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.1 Base Score 4.9 (Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H).
2021-05-30
CVE-2021-2217
openEuler-20.03-LTS-SP1
Medium
4.9
AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N
mysql security update
2021-05-30
https://openeuler.org/en/security/safety-bulletin/detail.html?id=openEuler-SA-2021-1199
Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Partition). Supported versions that are affected are 8.0.23 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.1 Base Score 4.9 (Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H).
2021-05-30
CVE-2021-2208
openEuler-20.03-LTS-SP1
Medium
4.9
AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N
mysql security update
2021-05-30
https://openeuler.org/en/security/safety-bulletin/detail.html?id=openEuler-SA-2021-1199
Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Optimizer). Supported versions that are affected are 8.0.23 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.1 Base Score 4.9 (Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H).
2021-05-30
CVE-2021-2164
openEuler-20.03-LTS-SP1
Medium
4.9
AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N
mysql security update
2021-05-30
https://openeuler.org/en/security/safety-bulletin/detail.html?id=openEuler-SA-2021-1199
Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Optimizer). Supported versions that are affected are 8.0.23 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.1 Base Score 4.9 (Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H).
2021-05-30
CVE-2021-2278
openEuler-20.03-LTS-SP1
Medium
4.9
AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
mysql security update
2021-05-30
https://openeuler.org/en/security/safety-bulletin/detail.html?id=openEuler-SA-2021-1199
Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Stored Procedure). Supported versions that are affected are 8.0.23 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.1 Base Score 4.9 (Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H).
2021-05-30
CVE-2021-2215
openEuler-20.03-LTS-SP1
Medium
4.9
AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
mysql security update
2021-05-30
https://openeuler.org/en/security/safety-bulletin/detail.html?id=openEuler-SA-2021-1199
Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Stored Procedure). Supported versions that are affected are 8.0.23 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.1 Base Score 4.9 (Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H).
2021-05-30
CVE-2021-2293
openEuler-20.03-LTS-SP1
Medium
4.9
AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
mysql security update
2021-05-30
https://openeuler.org/en/security/safety-bulletin/detail.html?id=openEuler-SA-2021-1199
Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Optimizer). Supported versions that are affected are 8.0.23 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.1 Base Score 4.9 (Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H).
2021-05-30
CVE-2021-2299
openEuler-20.03-LTS-SP1
Medium
4.9
AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
mysql security update
2021-05-30
https://openeuler.org/en/security/safety-bulletin/detail.html?id=openEuler-SA-2021-1199
Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Optimizer). Supported versions that are affected are 8.0.23 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.1 Base Score 4.9 (Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H).
2021-05-30
CVE-2021-2212
openEuler-20.03-LTS-SP1
Medium
4.9
AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
mysql security update
2021-05-30
https://openeuler.org/en/security/safety-bulletin/detail.html?id=openEuler-SA-2021-1199
Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Audit Plug-in). Supported versions that are affected are 5.7.33 and prior and 8.0.23 and prior. Easily exploitable vulnerability allows low privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized update, insert or delete access to some of MySQL Server accessible data. CVSS 3.1 Base Score 4.3 (Integrity impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N).
2021-05-30
CVE-2021-2162
openEuler-20.03-LTS-SP1
Medium
4.3
AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
mysql security update
2021-05-30
https://openeuler.org/en/security/safety-bulletin/detail.html?id=openEuler-SA-2021-1199
Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Options). Supported versions that are affected are 5.7.33 and prior and 8.0.23 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.1 Base Score 4.9 (Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H).
2021-05-30
CVE-2021-2146
openEuler-20.03-LTS-SP1
Medium
4.9
AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
mysql security update
2021-05-30
https://openeuler.org/en/security/safety-bulletin/detail.html?id=openEuler-SA-2021-1199
Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: DML). Supported versions that are affected are 5.7.33 and prior and 8.0.23 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.1 Base Score 4.9 (Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H).
2021-05-30
CVE-2021-2166
openEuler-20.03-LTS-SP1
Medium
4.9
AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
mysql security update
2021-05-30
https://openeuler.org/en/security/safety-bulletin/detail.html?id=openEuler-SA-2021-1199
Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Information Schema). Supported versions that are affected are 8.0.23 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized read access to a subset of MySQL Server accessible data. CVSS 3.1 Base Score 2.7 (Confidentiality impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:L/I:N/A:N).
2021-05-30
CVE-2021-2301
openEuler-20.03-LTS-SP1
Low
2.7
AV:N/AC:L/PR:H/UI:N/S:U/C:L/I:N/A:N
mysql security update
2021-05-30
https://openeuler.org/en/security/safety-bulletin/detail.html?id=openEuler-SA-2021-1199