Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
gentooGentoo FoundationGLSA-202105-27
HistoryMay 26, 2021 - 12:00 a.m.

MySQL: Multiple vulnerabilities

2021-05-2600:00:00
Gentoo Foundation
security.gentoo.org
78

CVSS2

7.7

Attack Vector

ADJACENT_NETWORK

Attack Complexity

LOW

Authentication

SINGLE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:A/AC:L/Au:S/C:C/I:C/A:C

CVSS3

8.1

Attack Vector

NETWORK

Attack Complexity

HIGH

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H

EPSS

0.009

Percentile

82.3%

JSON

Background

MySQL is a popular multi-threaded, multi-user SQL server.

Description

Multiple vulnerabilities have been discovered in MySQL. Please review the CVE identifiers referenced below for details.

Impact

An attacker could possibly execute arbitrary code with the privileges of the process, escalate privileges, gain access to critical data or complete access to all MySQL server accessible data, or cause a Denial of Service condition.

Workaround

There is no known workaround at this time.

Resolution

All MySQL users should upgrade to the latest version:

 # emerge --sync
 # emerge --ask --oneshot --verbose ">=dev-db/mysql-5.7.34"

All mysql users should upgrade to the latest version:

 # emerge --sync
 # emerge --ask --oneshot --verbose ">=dev-db/mysql-8.0.24"
OSVersionArchitecturePackageVersionFilename
Gentooanyalldev-db/mysql< 8.0.24UNKNOWN
Gentooanyalldev-db/mysql-connector-c< 8.0.24UNKNOWN

Related

ibm 6
openvas 45
ubuntu 5
nessus 73
freebsd 5
osv 8
photon 12
fedora 13
oraclelinux 4
almalinux 3
cloudfoundry 2
redhat 10
rocky 3
amazon 4
mageia 2
f5 1
centos 1
altlinux 1
gentoo 1
ibm
ibm
Security Bulletin: IBM Security Guardium is affected by Oracle MySQL vulnerabilities
2021-06-22 18:08:38
Security Bulletin: IBM API Connect is impacted by multiple vulnerabilities in Oracle MySQL
2021-08-25 20:23:17
Security Bulletin: IBM API Connect's Developer Portal is impacted by vulnerabilities in MySQL.
2020-10-06 21:09:57
openvas
openvas
Ubuntu: Security Advisory (USN-4604-1)
2020-10-28 00:00:00
Ubuntu: Security Advisory (USN-4441-1)
2020-07-29 00:00:00
Oracle MySQL Server 8.0 <= 8.0.21 Security Update (cpuoct2020) - Windows
2020-10-23 00:00:00
ubuntu
ubuntu
MySQL vulnerabilities
2020-10-27 00:00:00
MySQL vulnerabilities
2020-07-28 00:00:00
MySQL vulnerabilities
2020-05-04 00:00:00
nessus
nessus
Photon OS 3.0: Mysql PHSA-2020-3.0-0160
2020-11-10 00:00:00
Ubuntu 16.04 LTS / 18.04 LTS / 20.04 LTS : MySQL vulnerabilities (USN-4604-1)
2020-10-27 00:00:00
FreeBSD : MySQL -- Multiple vulnerabilities (4fba07ca-13aa-11eb-b31e-d4c9ef517024)
2020-10-22 00:00:00
freebsd
freebsd
MySQL -- Multiple vulnerabilities
2020-10-20 00:00:00
MySQL Server -- Multiple vulerabilities
2020-04-14 00:00:00
MySQL -- Multiple vulerabilities
2020-01-14 00:00:00
osv
osv
mysql-5.7, mysql-8.0 vulnerabilities
2020-10-27 10:46:47
Important: mysql:8.0 security update
2020-09-14 12:23:24
Important: mysql:8.0 security update
2020-09-14 12:23:24
photon
photon
Important Photon OS Security Update - PHSA-2020-0118
2020-07-25 00:00:00
Important Photon OS Security Update - PHSA-2020-0160
2020-11-06 00:00:00
Important Photon OS Security Update - PHSA-2020-3.0-0160
2020-11-06 00:00:00
fedora
fedora
[SECURITY] Fedora 30 Update: community-mysql-8.0.20-1.fc30
2020-05-10 04:34:04
[SECURITY] Fedora 32 Update: community-mysql-8.0.20-1.fc32
2020-05-10 03:50:08
[SECURITY] Fedora 31 Update: community-mysql-8.0.20-1.fc31
2020-05-10 04:51:09
oraclelinux
oraclelinux
mysql:8.0 security update
2020-09-16 00:00:00
mariadb:10.3 security, bug fix, and enhancement update
2020-12-18 00:00:00
mariadb security and bug fix update
2020-10-06 00:00:00
almalinux
almalinux
Important: mysql:8.0 security update
2020-09-14 12:23:24
Important: mariadb:10.3 security, bug fix, and enhancement update
2020-12-15 16:03:43
Moderate: mysql:8.0 security, bug fix, and enhancement update
2021-09-21 07:13:26
cloudfoundry
cloudfoundry
USN-4250-2: MariaDB vulnerability | Cloud Foundry
2021-02-10 00:00:00
MySQL Security Updates - January 2020 | Cloud Foundry
2020-06-23 00:00:00
redhat
redhat
(RHSA-2020:3732) Important: mysql:8.0 security update
2020-09-14 12:23:24
(RHSA-2020:3755) Important: mysql:8.0 security update
2020-09-15 16:04:48
(RHSA-2020:3757) Important: mysql:8.0 security update
2020-09-15 18:10:12
rocky
rocky
mysql:8.0 security update
2020-09-14 12:23:24
mariadb:10.3 security, bug fix, and enhancement update
2020-12-15 16:03:43
mysql:8.0 security, bug fix, and enhancement update
2021-09-21 07:13:26
amazon
amazon
Medium: mysql57
2020-10-26 18:14:00
Medium: mysql57
2020-07-27 23:17:00
Medium: mysql56
2021-01-12 22:51:00
mageia
mageia
Updated mariadb packages fix security vulnerabilities
2020-11-08 17:14:27
Updated mariadb packages fix security vulnerability
2020-07-07 14:13:48
f5
f5
K33522171 : Multiple MySQL vulnerabilities
2022-01-12 00:00:00
centos
centos
mariadb security update
2020-10-20 18:30:49
altlinux
altlinux
Security fix for the ALT Linux 8 package mariadb version 10.1.46-alt1
2020-09-15 00:00:00
gentoo
gentoo
MariaDB: Multiple vulnerabilities
2020-12-07 00:00:00

CVSS2

7.7

Attack Vector

ADJACENT_NETWORK

Attack Complexity

LOW

Authentication

SINGLE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:A/AC:L/Au:S/C:C/I:C/A:C

CVSS3

8.1

Attack Vector

NETWORK

Attack Complexity

HIGH

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H

EPSS

0.009

Percentile

82.3%

JSON
Related for GLSA-202105-27
ibm6openvas45ubuntu5nessus73freebsd5osv8photon12fedora13oraclelinux4almalinux3cloudfoundry2redhat10rocky3amazon4mageia2f51centos1altlinux1gentoo1