Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
nessusThis script is Copyright (C) 2019-2024 and is owned by Tenable, Inc. or an Affiliate thereof.OPENSUSE-2019-327.NASL
HistoryMar 14, 2019 - 12:00 a.m.

openSUSE Security Update : mariadb (openSUSE-2019-327)

2019-03-1400:00:00
This script is Copyright (C) 2019-2024 and is owned by Tenable, Inc. or an Affiliate thereof.
www.tenable.com
39

CVSS2

7.5

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

CVSS3

9.8

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

AI Score

6.6

Confidence

Low

EPSS

0.014

Percentile

86.5%

JSON

This update for mariadb to version 10.2.22 fixes the following issues :

Security issues fixed :

  • CVE-2019-2510: Fixed a vulnerability which can lead to MySQL compromise and lead to Denial of Service (bsc#1122198).

  • CVE-2019-2537: Fixed a vulnerability which can lead to MySQL compromise and lead to Denial of Service (bsc#1122198).

  • CVE-2018-3284: Fixed InnoDB unspecified vulnerability (CPU Oct 2018) (bsc#1112377)

  • CVE-2018-3282: Server Storage Engines unspecified vulnerability (CPU Oct 2018) (bsc#1112432)

  • CVE-2018-3277: Fixed InnoDB unspecified vulnerability (CPU Oct 2018) (bsc#1112391)

  • CVE-2018-3251: InnoDB unspecified vulnerability (CPU Oct 2018) (bsc#1112397)

  • CVE-2018-3200: Fixed InnoDB unspecified vulnerability (CPU Oct 2018) (bsc#1112404)

  • CVE-2018-3185: Fixed InnoDB unspecified vulnerability (CPU Oct 2018) (bsc#1112384)

  • CVE-2018-3174: Client programs unspecified vulnerability (CPU Oct 2018) (bsc#1112368)

  • CVE-2018-3173: Fixed InnoDB unspecified vulnerability (CPU Oct 2018) (bsc#1112386)

  • CVE-2018-3162: Fixed InnoDB unspecified vulnerability (CPU Oct 2018) (bsc#1112415)

  • CVE-2018-3156: InnoDB unspecified vulnerability (CPU Oct 2018) (bsc#1112417)

  • CVE-2018-3143: InnoDB unspecified vulnerability (CPU Oct 2018) (bsc#1112421)

  • CVE-2018-3066: Unspecified vulnerability in the MySQL Server component of Oracle MySQL (subcomponent Server Options). (bsc#1101678)

  • CVE-2018-3064: InnoDB unspecified vulnerability (CPU Jul 2018) (bsc#1103342)

  • CVE-2018-3063: Unspecified vulnerability in the MySQL Server component of Oracle MySQL (subcomponent Server Security Privileges). (bsc#1101677)

  • CVE-2018-3058: Unspecified vulnerability in the MySQL Server component of Oracle MySQL (subcomponent MyISAM).
    (bsc#1101676)

  • CVE-2016-9843: Big-endian out-of-bounds pointer (bsc#1013882)

Non-security issues fixed :

  • Fixed an issue where mysl_install_db fails due to incorrect basedir (bsc#1127027).

  • Fixed an issue where the lograte was not working (bsc#1112767).

  • Backport Information Schema CHECK_CONSTRAINTS Table.

  • Maximum value of table_definition_cache is now 2097152.

  • InnoDB ALTER TABLE fixes.

  • Galera crash recovery fixes.

  • Encryption fixes.

  • Remove xtrabackup dependency as MariaDB ships a build in mariabackup so xtrabackup is not needed (bsc#1122475).

  • Maria DB testsuite - test main.plugin_auth failed (bsc#1111859)

  • Maria DB testsuite - test encryption.second_plugin-12863 failed (bsc#1111858)

  • Remove PerconaFT from the package as it has AGPL licence (bsc#1118754)

  • remove PerconaFT from the package as it has AGPL licence (bsc#1118754)

  • Database corruption after renaming a prefix-indexed column (bsc#1120041)

Release notes and changelog :

This update was imported from the SUSE:SLE-15:Update update project.

#%NASL_MIN_LEVEL 70300
#
# (C) Tenable Network Security, Inc.
#
# The descriptive text and package checks in this plugin were
# extracted from openSUSE Security Update openSUSE-2019-327.
#
# The text description of this plugin is (C) SUSE LLC.
#

include('deprecated_nasl_level.inc');
include('compat.inc');

if (description)
{
  script_id(122849);
  script_version("1.5");
  script_set_attribute(attribute:"plugin_modification_date", value:"2024/06/13");

  script_cve_id(
    "CVE-2016-9843",
    "CVE-2018-3058",
    "CVE-2018-3060",
    "CVE-2018-3063",
    "CVE-2018-3064",
    "CVE-2018-3066",
    "CVE-2018-3143",
    "CVE-2018-3156",
    "CVE-2018-3162",
    "CVE-2018-3173",
    "CVE-2018-3174",
    "CVE-2018-3185",
    "CVE-2018-3200",
    "CVE-2018-3251",
    "CVE-2018-3277",
    "CVE-2018-3282",
    "CVE-2018-3284",
    "CVE-2019-2510",
    "CVE-2019-2537"
  );

  script_name(english:"openSUSE Security Update : mariadb (openSUSE-2019-327)");

  script_set_attribute(attribute:"synopsis", value:
"The remote openSUSE host is missing a security update.");
  script_set_attribute(attribute:"description", value:
"This update for mariadb to version 10.2.22 fixes the following 
issues :

Security issues fixed :

  - CVE-2019-2510: Fixed a vulnerability which can lead to
    MySQL compromise and lead to Denial of Service
    (bsc#1122198). 

  - CVE-2019-2537: Fixed a vulnerability which can lead to
    MySQL compromise and lead to Denial of Service
    (bsc#1122198).

  - CVE-2018-3284: Fixed InnoDB unspecified vulnerability
    (CPU Oct 2018) (bsc#1112377)

  - CVE-2018-3282: Server Storage Engines unspecified
    vulnerability (CPU Oct 2018) (bsc#1112432)

  - CVE-2018-3277: Fixed InnoDB unspecified vulnerability
    (CPU Oct 2018) (bsc#1112391)

  - CVE-2018-3251: InnoDB unspecified vulnerability (CPU Oct
    2018) (bsc#1112397)

  - CVE-2018-3200: Fixed InnoDB unspecified vulnerability
    (CPU Oct 2018) (bsc#1112404)

  - CVE-2018-3185: Fixed InnoDB unspecified vulnerability
    (CPU Oct 2018) (bsc#1112384)

  - CVE-2018-3174: Client programs unspecified vulnerability
    (CPU Oct 2018) (bsc#1112368)

  - CVE-2018-3173: Fixed InnoDB unspecified vulnerability
    (CPU Oct 2018) (bsc#1112386)

  - CVE-2018-3162: Fixed InnoDB unspecified vulnerability
    (CPU Oct 2018) (bsc#1112415)

  - CVE-2018-3156: InnoDB unspecified vulnerability (CPU Oct
    2018) (bsc#1112417)

  - CVE-2018-3143: InnoDB unspecified vulnerability (CPU Oct
    2018) (bsc#1112421)

  - CVE-2018-3066: Unspecified vulnerability in the MySQL
    Server component of Oracle MySQL (subcomponent Server
    Options). (bsc#1101678)

  - CVE-2018-3064: InnoDB unspecified vulnerability (CPU Jul
    2018) (bsc#1103342)

  - CVE-2018-3063: Unspecified vulnerability in the MySQL
    Server component of Oracle MySQL (subcomponent Server
    Security Privileges). (bsc#1101677)

  - CVE-2018-3058: Unspecified vulnerability in the MySQL
    Server component of Oracle MySQL (subcomponent MyISAM).
    (bsc#1101676)

  - CVE-2016-9843: Big-endian out-of-bounds pointer
    (bsc#1013882)

Non-security issues fixed :

  - Fixed an issue where mysl_install_db fails due to
    incorrect basedir (bsc#1127027).

  - Fixed an issue where the lograte was not working
    (bsc#1112767).

  - Backport Information Schema CHECK_CONSTRAINTS Table.

  - Maximum value of table_definition_cache is now 2097152.

  - InnoDB ALTER TABLE fixes.

  - Galera crash recovery fixes.

  - Encryption fixes.

  - Remove xtrabackup dependency as MariaDB ships a build in
    mariabackup so xtrabackup is not needed (bsc#1122475).

  - Maria DB testsuite - test main.plugin_auth failed
    (bsc#1111859)

  - Maria DB testsuite - test encryption.second_plugin-12863
    failed (bsc#1111858)

  - Remove PerconaFT from the package as it has AGPL licence
    (bsc#1118754)

  - remove PerconaFT from the package as it has AGPL licence
    (bsc#1118754)

  - Database corruption after renaming a prefix-indexed
    column (bsc#1120041)

Release notes and changelog :

- https://mariadb.com/kb/en/library/mariadb-10222-release-notes

- https://mariadb.com/kb/en/library/mariadb-10222-changelog/

This update was imported from the SUSE:SLE-15:Update update project.");
  script_set_attribute(attribute:"see_also", value:"https://bugzilla.opensuse.org/show_bug.cgi?id=1013882");
  script_set_attribute(attribute:"see_also", value:"https://bugzilla.opensuse.org/show_bug.cgi?id=1101676");
  script_set_attribute(attribute:"see_also", value:"https://bugzilla.opensuse.org/show_bug.cgi?id=1101677");
  script_set_attribute(attribute:"see_also", value:"https://bugzilla.opensuse.org/show_bug.cgi?id=1101678");
  script_set_attribute(attribute:"see_also", value:"https://bugzilla.opensuse.org/show_bug.cgi?id=1103342");
  script_set_attribute(attribute:"see_also", value:"https://bugzilla.opensuse.org/show_bug.cgi?id=1111858");
  script_set_attribute(attribute:"see_also", value:"https://bugzilla.opensuse.org/show_bug.cgi?id=1111859");
  script_set_attribute(attribute:"see_also", value:"https://bugzilla.opensuse.org/show_bug.cgi?id=1112368");
  script_set_attribute(attribute:"see_also", value:"https://bugzilla.opensuse.org/show_bug.cgi?id=1112377");
  script_set_attribute(attribute:"see_also", value:"https://bugzilla.opensuse.org/show_bug.cgi?id=1112384");
  script_set_attribute(attribute:"see_also", value:"https://bugzilla.opensuse.org/show_bug.cgi?id=1112386");
  script_set_attribute(attribute:"see_also", value:"https://bugzilla.opensuse.org/show_bug.cgi?id=1112391");
  script_set_attribute(attribute:"see_also", value:"https://bugzilla.opensuse.org/show_bug.cgi?id=1112397");
  script_set_attribute(attribute:"see_also", value:"https://bugzilla.opensuse.org/show_bug.cgi?id=1112404");
  script_set_attribute(attribute:"see_also", value:"https://bugzilla.opensuse.org/show_bug.cgi?id=1112415");
  script_set_attribute(attribute:"see_also", value:"https://bugzilla.opensuse.org/show_bug.cgi?id=1112417");
  script_set_attribute(attribute:"see_also", value:"https://bugzilla.opensuse.org/show_bug.cgi?id=1112421");
  script_set_attribute(attribute:"see_also", value:"https://bugzilla.opensuse.org/show_bug.cgi?id=1112432");
  script_set_attribute(attribute:"see_also", value:"https://bugzilla.opensuse.org/show_bug.cgi?id=1112767");
  script_set_attribute(attribute:"see_also", value:"https://bugzilla.opensuse.org/show_bug.cgi?id=1116686");
  script_set_attribute(attribute:"see_also", value:"https://bugzilla.opensuse.org/show_bug.cgi?id=1118754");
  script_set_attribute(attribute:"see_also", value:"https://bugzilla.opensuse.org/show_bug.cgi?id=1120041");
  script_set_attribute(attribute:"see_also", value:"https://bugzilla.opensuse.org/show_bug.cgi?id=1122198");
  script_set_attribute(attribute:"see_also", value:"https://bugzilla.opensuse.org/show_bug.cgi?id=1122475");
  script_set_attribute(attribute:"see_also", value:"https://bugzilla.opensuse.org/show_bug.cgi?id=1127027");
  script_set_attribute(attribute:"see_also", value:"https://mariadb.com/kb/en/library/mariadb-10222-changelog/");
  script_set_attribute(attribute:"see_also", value:"https://mariadb.com/kb/en/library/mariadb-10222-release-notes");
  script_set_attribute(attribute:"solution", value:
"Update the affected mariadb packages.");
  script_set_cvss_base_vector("CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P");
  script_set_cvss_temporal_vector("CVSS2#E:U/RL:OF/RC:C");
  script_set_cvss3_base_vector("CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H");
  script_set_cvss3_temporal_vector("CVSS:3.0/E:U/RL:O/RC:C");
  script_set_attribute(attribute:"cvss_score_source", value:"CVE-2016-9843");

  script_set_attribute(attribute:"exploitability_ease", value:"No known exploits are available");
  script_set_attribute(attribute:"exploit_available", value:"false");

  script_set_attribute(attribute:"vuln_publication_date", value:"2017/05/23");
  script_set_attribute(attribute:"patch_publication_date", value:"2019/03/23");
  script_set_attribute(attribute:"plugin_publication_date", value:"2019/03/14");

  script_set_attribute(attribute:"plugin_type", value:"local");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:libmysqld-devel");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:libmysqld19");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:libmysqld19-debuginfo");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:mariadb");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:mariadb-bench");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:mariadb-bench-debuginfo");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:mariadb-client");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:mariadb-client-debuginfo");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:mariadb-debuginfo");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:mariadb-debugsource");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:mariadb-errormessages");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:mariadb-galera");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:mariadb-test");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:mariadb-test-debuginfo");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:mariadb-tools");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:mariadb-tools-debuginfo");
  script_set_attribute(attribute:"cpe", value:"cpe:/o:novell:opensuse:15.0");
  script_set_attribute(attribute:"generated_plugin", value:"current");
  script_end_attributes();

  script_category(ACT_GATHER_INFO);
  script_family(english:"SuSE Local Security Checks");

  script_copyright(english:"This script is Copyright (C) 2019-2024 and is owned by Tenable, Inc. or an Affiliate thereof.");

  script_dependencies("ssh_get_info.nasl");
  script_require_keys("Host/local_checks_enabled", "Host/SuSE/release", "Host/SuSE/rpm-list", "Host/cpu");

  exit(0);
}


include("audit.inc");
include("global_settings.inc");
include("rpm.inc");

if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);
release = get_kb_item("Host/SuSE/release");
if (isnull(release) || release =~ "^(SLED|SLES)") audit(AUDIT_OS_NOT, "openSUSE");
if (release !~ "^(SUSE15\.0)$") audit(AUDIT_OS_RELEASE_NOT, "openSUSE", "15.0", release);
if (!get_kb_item("Host/SuSE/rpm-list")) audit(AUDIT_PACKAGE_LIST_MISSING);

ourarch = get_kb_item("Host/cpu");
if (!ourarch) audit(AUDIT_UNKNOWN_ARCH);
if (ourarch !~ "^(i586|i686|x86_64)$") audit(AUDIT_ARCH_NOT, "i586 / i686 / x86_64", ourarch);

flag = 0;

if ( rpm_check(release:"SUSE15.0", reference:"libmysqld-devel-10.2.22-lp150.2.9.1") ) flag++;
if ( rpm_check(release:"SUSE15.0", reference:"libmysqld19-10.2.22-lp150.2.9.1") ) flag++;
if ( rpm_check(release:"SUSE15.0", reference:"libmysqld19-debuginfo-10.2.22-lp150.2.9.1") ) flag++;
if ( rpm_check(release:"SUSE15.0", reference:"mariadb-10.2.22-lp150.2.9.1") ) flag++;
if ( rpm_check(release:"SUSE15.0", reference:"mariadb-bench-10.2.22-lp150.2.9.1") ) flag++;
if ( rpm_check(release:"SUSE15.0", reference:"mariadb-bench-debuginfo-10.2.22-lp150.2.9.1") ) flag++;
if ( rpm_check(release:"SUSE15.0", reference:"mariadb-client-10.2.22-lp150.2.9.1") ) flag++;
if ( rpm_check(release:"SUSE15.0", reference:"mariadb-client-debuginfo-10.2.22-lp150.2.9.1") ) flag++;
if ( rpm_check(release:"SUSE15.0", reference:"mariadb-debuginfo-10.2.22-lp150.2.9.1") ) flag++;
if ( rpm_check(release:"SUSE15.0", reference:"mariadb-debugsource-10.2.22-lp150.2.9.1") ) flag++;
if ( rpm_check(release:"SUSE15.0", reference:"mariadb-errormessages-10.2.22-lp150.2.9.1") ) flag++;
if ( rpm_check(release:"SUSE15.0", reference:"mariadb-galera-10.2.22-lp150.2.9.1") ) flag++;
if ( rpm_check(release:"SUSE15.0", reference:"mariadb-test-10.2.22-lp150.2.9.1") ) flag++;
if ( rpm_check(release:"SUSE15.0", reference:"mariadb-test-debuginfo-10.2.22-lp150.2.9.1") ) flag++;
if ( rpm_check(release:"SUSE15.0", reference:"mariadb-tools-10.2.22-lp150.2.9.1") ) flag++;
if ( rpm_check(release:"SUSE15.0", reference:"mariadb-tools-debuginfo-10.2.22-lp150.2.9.1") ) flag++;

if (flag)
{
  if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());
  else security_hole(0);
  exit(0);
}
else
{
  tested = pkg_tests_get();
  if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);
  else audit(AUDIT_PACKAGE_NOT_INSTALLED, "libmysqld-devel / libmysqld19 / libmysqld19-debuginfo / mariadb / etc");
}
VendorProductVersionCPE
novellopensuse15.0cpe:/o:novell:opensuse:15.0
novellopensusemariadb-debugsourcep-cpe:/a:novell:opensuse:mariadb-debugsource
novellopensusemariadb-test-debuginfop-cpe:/a:novell:opensuse:mariadb-test-debuginfo
novellopensusemariadb-debuginfop-cpe:/a:novell:opensuse:mariadb-debuginfo
novellopensusemariadb-errormessagesp-cpe:/a:novell:opensuse:mariadb-errormessages
novellopensusemariadb-testp-cpe:/a:novell:opensuse:mariadb-test
novellopensusemariadb-tools-debuginfop-cpe:/a:novell:opensuse:mariadb-tools-debuginfo
novellopensusemariadb-galerap-cpe:/a:novell:opensuse:mariadb-galera
novellopensusemariadb-benchp-cpe:/a:novell:opensuse:mariadb-bench
novellopensusemariadb-bench-debuginfop-cpe:/a:novell:opensuse:mariadb-bench-debuginfo
Rows per page:
1-10 of 171

References

Related

suse 3
openvas 36
nessus 60
altlinux 5
fedora 5
slackware 1
mageia 3
rosalinux 1
debian 5
osv 12
amazon 7
ubuntu 4
ibm 3
gentoo 1
redhat 2
freebsd 1
oraclelinux 1
centos 1
f5 2
veracode 5
alpinelinux 7
mariadbunix 3
cve 4
ubuntucve 5
prion 7
redhatcve 4
cvelist 6
nvd 4
debiancve 1
suse
suse
Security update for mariadb (important)
2019-03-14 00:00:00
Security update for mysql-community-server (important)
2018-10-26 00:18:04
Security update for mysql-community-server (moderate)
2018-08-10 03:13:38
openvas
openvas
openSUSE: Security Advisory for mariadb (openSUSE-SU-2019:0327-1)
2019-03-14 00:00:00
SUSE: Security Advisory (SUSE-SU-2019:0555-1)
2021-06-09 00:00:00
SUSE: Security Advisory (SUSE-SU-2019:0119-1)
2021-04-19 00:00:00
nessus
nessus
SUSE SLED15 / SLES15 Security Update : mariadb (SUSE-SU-2019:0555-1)
2019-03-07 00:00:00
Fedora 27 : 3:mariadb (2018-192148f4ff)
2018-11-27 00:00:00
Fedora 29 : 3:mariadb (2018-242f6c1a41)
2019-01-03 00:00:00
altlinux
altlinux
Security fix for the ALT Linux 9 package mariadb version 10.3.11-alt1
2018-11-28 00:00:00
Security fix for the ALT Linux 8 package mariadb version 10.1.37-alt1
2018-12-05 00:00:00
Security fix for the ALT Linux 9 package mariadb version 10.3.9-alt1
2018-08-19 00:00:00
fedora
fedora
[SECURITY] Fedora 29 Update: mariadb-10.3.11-1.fc29
2018-12-22 03:02:42
[SECURITY] Fedora 29 Update: mariadb-10.3.17-1.fc29
2019-08-15 18:52:10
[SECURITY] Fedora 28 Update: mariadb-10.2.19-1.fc28
2018-11-19 01:53:27
slackware
slackware
[slackware-security] mariadb
2018-11-06 04:16:18
mageia
mageia
Updated mariadb packages fix security vulnerabilities
2018-11-27 18:26:11
Updated mariadb packages fix security vulnerabilities
2018-08-12 23:39:12
Updated mariadb packages fix security vulnerability
2018-09-01 00:11:59
rosalinux
rosalinux
Advisory ROSA-SA-2023-2251
2023-10-21 14:46:06
debian
debian
[SECURITY] [DLA 1570-1] mariadb-10.0 security update
2018-11-07 18:07:25
[SECURITY] [DLA 1488-1] mariadb-10.0 security update
2018-08-31 22:01:19
[SECURITY] [DLA 1566-1] mysql-5.5 security update
2018-11-05 18:06:29
osv
osv
mariadb-10.0 - security update
2018-08-31 00:00:00
mariadb-10.0 - security update
2018-11-07 00:00:00
mysql-5.5 - security update
2018-11-05 00:00:00
amazon
amazon
Medium: mariadb
2019-04-08 21:30:00
Medium: mysql57
2018-12-06 00:36:00
Medium: mysql56
2018-12-06 00:38:00
ubuntu
ubuntu
MySQL vulnerabilities
2018-10-23 00:00:00
MySQL vulnerabilities
2018-10-29 00:00:00
MySQL vulnerabilities
2018-07-30 00:00:00
ibm
ibm
Security Bulletin: Multiple security vulnerabilities have been identified in Oracle MySQL, which is a supported topology database of IBM Tivoli Network Manager IP Edition.
2023-06-28 22:08:36
Security Bulletin: IBM Security Guardium is affected by a publicly disclosed vulnerability from Oracle MySQL
2019-03-06 20:10:01
Security Bulletin: IBM API Connect Developer Portal is affected by a vulnerability in Oracle MySQL (CVE-2018-3251)
2019-02-01 22:20:01
gentoo
gentoo
MariaDB, MySQL: Multiple vulnerabilities
2019-08-18 00:00:00
redhat
redhat
(RHSA-2019:1258) Moderate: rh-mariadb102-mariadb and rh-mariadb102-galera security and bug fix update
2019-05-21 19:37:40
(RHSA-2019:2327) Moderate: mariadb security and bug fix update
2019-08-06 08:25:40
freebsd
freebsd
MySQL -- multiple vulnerabilities
2018-10-16 00:00:00
oraclelinux
oraclelinux
mariadb security and bug fix update
2019-08-13 00:00:00
centos
centos
mariadb security update
2019-08-30 03:38:17
f5
f5
K53756439 : MySQL vulnerabilities CVE-2018-2767, CVE-2018-3063, CVE-2017-3653, and CVE-2018-3066
2022-01-18 00:00:00
K50148721 : MySQL vulnerabilities CVE-2018-3282, CVE-2018-3283, CVE-2018-3284, CVE-2018-3285, and CVE-2018-3286
2018-11-16 00:00:00
veracode
veracode
Denial Of Service (DoS)
2019-05-16 03:22:46
Denial Of Service (DoS)
2019-05-16 03:22:46
Denial Of Service (DoS)
2019-05-16 03:22:42
alpinelinux
alpinelinux
CVE-2018-3284
2018-10-17 01:31:29
CVE-2018-3251
2018-10-17 01:31:26
CVE-2016-9843
2017-05-23 04:29:01
mariadbunix
mariadbunix
CVE-2018-3284
2018-10-17 01:31:00
CVE-2018-3277
2018-10-17 01:31:00
CVE-2019-2537
2019-01-16 19:30:00
cve
cve
CVE-2018-3284
2018-10-17 01:31:29
CVE-2018-3277
2018-10-17 01:31:28
CVE-2019-2537
2019-01-16 19:30:35
ubuntucve
ubuntucve
CVE-2018-3284
2018-10-16 00:00:00
CVE-2018-3277
2018-10-16 00:00:00
CVE-2018-3162
2018-10-16 00:00:00
prion
prion
Design/Logic Flaw
2018-10-17 01:31:00
Code injection
2018-10-17 01:31:00
Code injection
2018-10-17 01:31:00
redhatcve
redhatcve
CVE-2018-3284
2020-04-01 08:04:50
CVE-2018-3277
2020-04-02 08:57:23
CVE-2018-3162
2019-12-31 21:25:49
cvelist
cvelist
CVE-2018-3284
2018-10-17 01:00:00
CVE-2016-9843
2017-05-23 03:56:00
CVE-2018-3277
2018-10-17 01:00:00
nvd
nvd
CVE-2018-3277
2018-10-17 01:31:28
CVE-2018-3284
2018-10-17 01:31:29
CVE-2019-2537
2019-01-16 19:30:35
debiancve
debiancve
CVE-2019-2537
2019-01-16 19:30:35

CVSS2

7.5

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

CVSS3

9.8

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

AI Score

6.6

Confidence

Low

EPSS

0.014

Percentile

86.5%

JSON
Related for OPENSUSE-2019-327.NASL
suse3openvas36nessus60altlinux5fedora5slackware1mageia3rosalinux1debian5osv12amazon7ubuntu4ibm3gentoo1redhat2freebsd1oraclelinux1centos1f52veracode5alpinelinux7mariadbunix3cve4ubuntucve5prion7redhatcve4cvelist6nvd4debiancve1