The remote Rocky Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RLSA-2019:2511 advisory.
Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Optimizer). Supported versions that are affected are 5.7.24 and prior and 8.0.13 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server.
Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. (CVE-2019-2420)
Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Parser). Supported versions that are affected are 5.7.24 and prior and 8.0.13 and prior. Easily exploitable vulnerability allows low privileged attacker with network access via multiple protocols to compromise MySQL Server.
Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. (CVE-2019-2434)
Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Replication). Supported versions that are affected are 8.0.13 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server as well as unauthorized update, insert or delete access to some of MySQL Server accessible data. (CVE-2019-2436)
Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Parser). Supported versions that are affected are 5.6.42 and prior, 5.7.24 and prior and 8.0.13 and prior. Easily exploitable vulnerability allows low privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. (CVE-2019-2455)
Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Optimizer). Supported versions that are affected are 5.6.42 and prior, 5.7.24 and prior and 8.0.13 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. (CVE-2019-2481, CVE-2019-2507)
Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: PS). Supported versions that are affected are 5.6.42 and prior, 5.7.24 and prior and 8.0.13 and prior. Easily exploitable vulnerability allows low privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. (CVE-2019-2482)
Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Security: Privileges).
Supported versions that are affected are 5.7.24 and prior and 8.0.13 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. (CVE-2019-2486, CVE-2019-2532)
Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: DDL). Supported versions that are affected are 8.0.13 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. (CVE-2019-2494, CVE-2019-2495)
Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: InnoDB). Supported versions that are affected are 8.0.13 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. (CVE-2019-2502)
Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Connection Handling).
Supported versions that are affected are 5.6.42 and prior, 5.7.24 and prior and 8.0.13 and prior.
Difficult to exploit vulnerability allows low privileged attacker with access to the physical communication segment attached to the hardware where the MySQL Server executes to compromise MySQL Server.
Successful attacks of this vulnerability can result in unauthorized access to critical data or complete access to all MySQL Server accessible data and unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. (CVE-2019-2503)
Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: InnoDB). Supported versions that are affected are 5.7.24 and prior and 8.0.13 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. (CVE-2019-2510)
Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Partition). Supported versions that are affected are 5.7.24 and prior and 8.0.13 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server.
Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. (CVE-2019-2528)
Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Optimizer). Supported versions that are affected are 5.6.42 and prior, 5.7.24 and prior and 8.0.13 and prior. Easily exploitable vulnerability allows low privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. (CVE-2019-2529)
Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Optimizer). Supported versions that are affected are 8.0.13 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. (CVE-2019-2530)
Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Replication). Supported versions that are affected are 5.6.42 and prior, 5.7.24 and prior and 8.0.13 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. (CVE-2019-2531)
Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server : Security :
Privileges). Supported versions that are affected are 8.0.13 and prior. Easily exploitable vulnerability allows low privileged attacker with network access via multiple protocols to compromise MySQL Server.
Successful attacks of this vulnerability can result in unauthorized creation, deletion or modification access to critical data or all MySQL Server accessible data. (CVE-2019-2533)
Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Replication). Supported versions that are affected are 5.6.42 and prior, 5.7.24 and prior and 8.0.13 and prior. Easily exploitable vulnerability allows low privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized access to critical data or complete access to all MySQL Server accessible data as well as unauthorized update, insert or delete access to some of MySQL Server accessible data. (CVE-2019-2534)
Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Options). Supported versions that are affected are 8.0.13 and prior. Difficult to exploit vulnerability allows high privileged attacker with logon to the infrastructure where MySQL Server executes to compromise MySQL Server.
Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. (CVE-2019-2535)
Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Packaging). Supported versions that are affected are 8.0.13 and prior. Difficult to exploit vulnerability allows high privileged attacker with logon to the infrastructure where MySQL Server executes to compromise MySQL Server.
Successful attacks require human interaction from a person other than the attacker and while the vulnerability is in MySQL Server, attacks may significantly impact additional products. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. (CVE-2019-2536)
Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: DDL). Supported versions that are affected are 5.6.42 and prior, 5.7.24 and prior and 8.0.13 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. (CVE-2019-2537)
Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Connection). Supported versions that are affected are 8.0.13 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. (CVE-2019-2539)
Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: InnoDB). Supported versions that are affected are 8.0.15 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. (CVE-2019-2580, CVE-2019-2585, CVE-2019-2593, CVE-2019-2624, CVE-2019-2798)
Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Optimizer). Supported versions that are affected are 5.7.25 and prior and 8.0.15 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server.
Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. (CVE-2019-2581)
Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Security: Privileges).
Supported versions that are affected are 8.0.15 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. (CVE-2019-2584, CVE-2019-2589, CVE-2019-2606, CVE-2019-2620)
Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Partition). Supported versions that are affected are 8.0.15 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. (CVE-2019-2587)
Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: PS). Supported versions that are affected are 5.7.25 and prior and 8.0.15 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. (CVE-2019-2592)
Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Optimizer). Supported versions that are affected are 8.0.15 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. (CVE-2019-2596, CVE-2019-2607, CVE-2019-2625, CVE-2019-2681, CVE-2019-2685, CVE-2019-2686, CVE-2019-2687, CVE-2019-2688, CVE-2019-2689)
Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Replication). Supported versions that are affected are 5.6.43 and prior, 5.7.25 and prior and 8.0.15 and prior. Difficult to exploit vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. (CVE-2019-2614)
Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Replication). Supported versions that are affected are 8.0.15 and prior. Difficult to exploit vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. (CVE-2019-2617, CVE-2019-2630)
Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Options). Supported versions that are affected are 8.0.15 and prior. Difficult to exploit vulnerability allows low privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. (CVE-2019-2623)
Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: DDL). Supported versions that are affected are 8.0.15 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. (CVE-2019-2626, CVE-2019-2644)
Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Security: Privileges).
Supported versions that are affected are 5.6.43 and prior, 5.7.25 and prior and 8.0.15 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. (CVE-2019-2627)
Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: InnoDB). Supported versions that are affected are 5.7.25 and prior and 8.0.15 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. (CVE-2019-2628)
Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Information Schema).
Supported versions that are affected are 8.0.15 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. (CVE-2019-2631)
Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Replication). Supported versions that are affected are 8.0.15 and prior. Difficult to exploit vulnerability allows unauthenticated attacker with logon to the infrastructure where MySQL Server executes to compromise MySQL Server.
Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. (CVE-2019-2634)
Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Replication). Supported versions that are affected are 8.0.15 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. (CVE-2019-2635)
Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Group Replication Plugin). Supported versions that are affected are 8.0.15 and prior. Difficult to exploit vulnerability allows high privileged attacker with network access via MySQL Procotol to compromise MySQL Server.
Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. (CVE-2019-2636)
Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Options). Supported versions that are affected are 5.6.43 and prior, 5.7.25 and prior and 8.0.15 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. (CVE-2019-2683)
Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Security: Roles).
Supported versions that are affected are 8.0.15 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. (CVE-2019-2691)
Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Optimizer). Supported versions that are affected are 8.0.15 and prior. Easily exploitable vulnerability allows low privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. (CVE-2019-2693, CVE-2019-2694, CVE-2019-2695)
Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server : Pluggable Auth).
Supported versions that are affected are 5.6.44 and prior, 5.7.26 and prior and 8.0.16 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. (CVE-2019-2737)
Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server : Compiling). Supported versions that are affected are 5.6.44 and prior, 5.7.26 and prior and 8.0.16 and prior. Difficult to exploit vulnerability allows low privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized read access to a subset of MySQL Server accessible data. (CVE-2019-2738)
Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Security: Privileges).
Supported versions that are affected are 5.6.44 and prior, 5.7.26 and prior and 8.0.16 and prior. Easily exploitable vulnerability allows high privileged attacker with logon to the infrastructure where MySQL Server executes to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server as well as unauthorized update, insert or delete access to some of MySQL Server accessible data. (CVE-2019-2739)
Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: XML). Supported versions that are affected are 5.6.44 and prior, 5.7.26 and prior and 8.0.16 and prior. Easily exploitable vulnerability allows low privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. (CVE-2019-2740)
Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Options). Supported versions that are affected are 8.0.16 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. (CVE-2019-2752)
Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Replication). Supported versions that are affected are 5.7.25 and prior and 8.0.15 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server.
Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. (CVE-2019-2755)
Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Optimizer). Supported versions that are affected are 5.7.26 and prior and 8.0.16 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server.
Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. (CVE-2019-2757, CVE-2019-2774)
Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: InnoDB). Supported versions that are affected are 5.7.26 and prior and 8.0.16 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server as well as unauthorized update, insert or delete access to some of MySQL Server accessible data. (CVE-2019-2758)
Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Security: Privileges).
Supported versions that are affected are 5.7.26 and prior and 8.0.16 and prior. Easily exploitable vulnerability allows low privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized update, insert or delete access to some of MySQL Server accessible data and unauthorized ability to cause a partial denial of service (partial DOS) of MySQL Server. (CVE-2019-2778)
Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Components / Services).
Supported versions that are affected are 8.0.16 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. (CVE-2019-2780)
Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: DML). Supported versions that are affected are 8.0.16 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. (CVE-2019-2784)
Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: InnoDB). Supported versions that are affected are 8.0.16 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. (CVE-2019-2785, CVE-2019-2879)
Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Security: Privileges).
Supported versions that are affected are 8.0.16 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized update, insert or delete access to some of MySQL Server accessible data. (CVE-2019-2789)
Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Charsets). Supported versions that are affected are 8.0.16 and prior. Easily exploitable vulnerability allows low privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. (CVE-2019-2795)
Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Optimizer). Supported versions that are affected are 8.0.16 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. (CVE-2019-2796, CVE-2019-2802, CVE-2019-2803, CVE-2019-2808, CVE-2019-2810, CVE-2019-2815, CVE-2019-2830)
Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Client programs). Supported versions that are affected are 5.7.26 and prior and 8.0.16 and prior. Difficult to exploit vulnerability allows high privileged attacker with access to the physical communication segment attached to the hardware where the MySQL Server executes to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. (CVE-2019-2797)
Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Replication). Supported versions that are affected are 8.0.16 and prior. Easily exploitable vulnerability allows low privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server as well as unauthorized update, insert or delete access to some of MySQL Server accessible data. (CVE-2019-2800)
Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: FTS). Supported versions that are affected are 8.0.16 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. (CVE-2019-2801)
Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Parser). Supported versions that are affected are 5.6.44 and prior, 5.7.26 and prior and 8.0.16 and prior. Easily exploitable vulnerability allows low privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. (CVE-2019-2805)
Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Security: Privileges).
Supported versions that are affected are 8.0.16 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. (CVE-2019-2811)
Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Optimizer). Supported versions that are affected are 8.0.16 and prior. Easily exploitable vulnerability allows low privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. (CVE-2019-2812, CVE-2019-2834)
Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: InnoDB). Supported versions that are affected are 8.0.16 and prior. Difficult to exploit vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized update, insert or delete access to some of MySQL Server accessible data. (CVE-2019-2814)
Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Security: Audit).
Supported versions that are affected are 5.6.44 and prior, 5.7.26 and prior and 8.0.16 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server as well as unauthorized update, insert or delete access to some of MySQL Server accessible data. (CVE-2019-2819)
Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Security: Roles).
Supported versions that are affected are 8.0.16 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. (CVE-2019-2826)
Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Optimizer). Supported versions that are affected are 5.7.26 and prior and 8.0.16 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server.
Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. (CVE-2019-2948)
Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Optimizer). Supported versions that are affected are 8.0.16 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. (CVE-2019-2950)
Vulnerability in the MySQL Server product of Oracle MySQL (component: Client programs). Supported versions that are affected are 5.6.44 and prior, 5.7.26 and prior and 8.0.16 and prior. Easily exploitable vulnerability allows unauthenticated attacker with logon to the infrastructure where MySQL Server executes to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized access to critical data or complete access to all MySQL Server accessible data. (CVE-2019-2969)
Vulnerability in the MySQL Server product of Oracle MySQL (component: InnoDB). Supported versions that are affected are 8.0.16 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. (CVE-2019-3003)
Note that Nessus has not tested for these issues but has instead relied only on the application’s self-reported version number.
#%NASL_MIN_LEVEL 80900
##
# (C) Tenable, Inc.
#
# The package checks in this plugin were extracted from
# Rocky Linux Security Advisory RLSA-2019:2511.
##
include('compat.inc');
if (description)
{
script_id(184908);
script_version("1.0");
script_set_attribute(attribute:"plugin_modification_date", value:"2023/11/07");
script_cve_id(
"CVE-2019-2420",
"CVE-2019-2434",
"CVE-2019-2436",
"CVE-2019-2455",
"CVE-2019-2481",
"CVE-2019-2482",
"CVE-2019-2486",
"CVE-2019-2494",
"CVE-2019-2495",
"CVE-2019-2502",
"CVE-2019-2503",
"CVE-2019-2507",
"CVE-2019-2510",
"CVE-2019-2528",
"CVE-2019-2529",
"CVE-2019-2530",
"CVE-2019-2531",
"CVE-2019-2532",
"CVE-2019-2533",
"CVE-2019-2534",
"CVE-2019-2535",
"CVE-2019-2536",
"CVE-2019-2537",
"CVE-2019-2539",
"CVE-2019-2580",
"CVE-2019-2581",
"CVE-2019-2584",
"CVE-2019-2585",
"CVE-2019-2587",
"CVE-2019-2589",
"CVE-2019-2592",
"CVE-2019-2593",
"CVE-2019-2596",
"CVE-2019-2606",
"CVE-2019-2607",
"CVE-2019-2614",
"CVE-2019-2617",
"CVE-2019-2620",
"CVE-2019-2623",
"CVE-2019-2624",
"CVE-2019-2625",
"CVE-2019-2626",
"CVE-2019-2627",
"CVE-2019-2628",
"CVE-2019-2630",
"CVE-2019-2631",
"CVE-2019-2634",
"CVE-2019-2635",
"CVE-2019-2636",
"CVE-2019-2644",
"CVE-2019-2681",
"CVE-2019-2683",
"CVE-2019-2685",
"CVE-2019-2686",
"CVE-2019-2687",
"CVE-2019-2688",
"CVE-2019-2689",
"CVE-2019-2691",
"CVE-2019-2693",
"CVE-2019-2694",
"CVE-2019-2695",
"CVE-2019-2737",
"CVE-2019-2738",
"CVE-2019-2739",
"CVE-2019-2740",
"CVE-2019-2752",
"CVE-2019-2755",
"CVE-2019-2757",
"CVE-2019-2758",
"CVE-2019-2774",
"CVE-2019-2778",
"CVE-2019-2780",
"CVE-2019-2784",
"CVE-2019-2785",
"CVE-2019-2789",
"CVE-2019-2795",
"CVE-2019-2796",
"CVE-2019-2797",
"CVE-2019-2798",
"CVE-2019-2800",
"CVE-2019-2801",
"CVE-2019-2802",
"CVE-2019-2803",
"CVE-2019-2805",
"CVE-2019-2808",
"CVE-2019-2810",
"CVE-2019-2811",
"CVE-2019-2812",
"CVE-2019-2814",
"CVE-2019-2815",
"CVE-2019-2819",
"CVE-2019-2826",
"CVE-2019-2830",
"CVE-2019-2834",
"CVE-2019-2879",
"CVE-2019-2948",
"CVE-2019-2950",
"CVE-2019-2969",
"CVE-2019-3003"
);
script_xref(name:"RLSA", value:"2019:2511");
script_name(english:"Rocky Linux 8 : mysql:8.0 (RLSA-2019:2511)");
script_set_attribute(attribute:"synopsis", value:
"The remote Rocky Linux host is missing one or more security updates.");
script_set_attribute(attribute:"description", value:
"The remote Rocky Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the
RLSA-2019:2511 advisory.
- Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Optimizer). Supported
versions that are affected are 5.7.24 and prior and 8.0.13 and prior. Easily exploitable vulnerability
allows high privileged attacker with network access via multiple protocols to compromise MySQL Server.
Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently
repeatable crash (complete DOS) of MySQL Server. (CVE-2019-2420)
- Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Parser). Supported
versions that are affected are 5.7.24 and prior and 8.0.13 and prior. Easily exploitable vulnerability
allows low privileged attacker with network access via multiple protocols to compromise MySQL Server.
Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently
repeatable crash (complete DOS) of MySQL Server. (CVE-2019-2434)
- Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Replication). Supported
versions that are affected are 8.0.13 and prior. Easily exploitable vulnerability allows high privileged
attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this
vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete
DOS) of MySQL Server as well as unauthorized update, insert or delete access to some of MySQL Server
accessible data. (CVE-2019-2436)
- Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Parser). Supported
versions that are affected are 5.6.42 and prior, 5.7.24 and prior and 8.0.13 and prior. Easily exploitable
vulnerability allows low privileged attacker with network access via multiple protocols to compromise
MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang
or frequently repeatable crash (complete DOS) of MySQL Server. (CVE-2019-2455)
- Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Optimizer). Supported
versions that are affected are 5.6.42 and prior, 5.7.24 and prior and 8.0.13 and prior. Easily exploitable
vulnerability allows high privileged attacker with network access via multiple protocols to compromise
MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang
or frequently repeatable crash (complete DOS) of MySQL Server. (CVE-2019-2481, CVE-2019-2507)
- Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: PS). Supported versions
that are affected are 5.6.42 and prior, 5.7.24 and prior and 8.0.13 and prior. Easily exploitable
vulnerability allows low privileged attacker with network access via multiple protocols to compromise
MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang
or frequently repeatable crash (complete DOS) of MySQL Server. (CVE-2019-2482)
- Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Security: Privileges).
Supported versions that are affected are 5.7.24 and prior and 8.0.13 and prior. Easily exploitable
vulnerability allows high privileged attacker with network access via multiple protocols to compromise
MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang
or frequently repeatable crash (complete DOS) of MySQL Server. (CVE-2019-2486, CVE-2019-2532)
- Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: DDL). Supported
versions that are affected are 8.0.13 and prior. Easily exploitable vulnerability allows high privileged
attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this
vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete
DOS) of MySQL Server. (CVE-2019-2494, CVE-2019-2495)
- Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: InnoDB). Supported versions
that are affected are 8.0.13 and prior. Easily exploitable vulnerability allows high privileged attacker
with network access via multiple protocols to compromise MySQL Server. Successful attacks of this
vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete
DOS) of MySQL Server. (CVE-2019-2502)
- Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Connection Handling).
Supported versions that are affected are 5.6.42 and prior, 5.7.24 and prior and 8.0.13 and prior.
Difficult to exploit vulnerability allows low privileged attacker with access to the physical
communication segment attached to the hardware where the MySQL Server executes to compromise MySQL Server.
Successful attacks of this vulnerability can result in unauthorized access to critical data or complete
access to all MySQL Server accessible data and unauthorized ability to cause a hang or frequently
repeatable crash (complete DOS) of MySQL Server. (CVE-2019-2503)
- Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: InnoDB). Supported versions
that are affected are 5.7.24 and prior and 8.0.13 and prior. Easily exploitable vulnerability allows high
privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful
attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable
crash (complete DOS) of MySQL Server. (CVE-2019-2510)
- Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Partition). Supported
versions that are affected are 5.7.24 and prior and 8.0.13 and prior. Easily exploitable vulnerability
allows high privileged attacker with network access via multiple protocols to compromise MySQL Server.
Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently
repeatable crash (complete DOS) of MySQL Server. (CVE-2019-2528)
- Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Optimizer). Supported
versions that are affected are 5.6.42 and prior, 5.7.24 and prior and 8.0.13 and prior. Easily exploitable
vulnerability allows low privileged attacker with network access via multiple protocols to compromise
MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang
or frequently repeatable crash (complete DOS) of MySQL Server. (CVE-2019-2529)
- Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Optimizer). Supported
versions that are affected are 8.0.13 and prior. Easily exploitable vulnerability allows high privileged
attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this
vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete
DOS) of MySQL Server. (CVE-2019-2530)
- Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Replication). Supported
versions that are affected are 5.6.42 and prior, 5.7.24 and prior and 8.0.13 and prior. Easily exploitable
vulnerability allows high privileged attacker with network access via multiple protocols to compromise
MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang
or frequently repeatable crash (complete DOS) of MySQL Server. (CVE-2019-2531)
- Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server : Security :
Privileges). Supported versions that are affected are 8.0.13 and prior. Easily exploitable vulnerability
allows low privileged attacker with network access via multiple protocols to compromise MySQL Server.
Successful attacks of this vulnerability can result in unauthorized creation, deletion or modification
access to critical data or all MySQL Server accessible data. (CVE-2019-2533)
- Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Replication). Supported
versions that are affected are 5.6.42 and prior, 5.7.24 and prior and 8.0.13 and prior. Easily exploitable
vulnerability allows low privileged attacker with network access via multiple protocols to compromise
MySQL Server. Successful attacks of this vulnerability can result in unauthorized access to critical data
or complete access to all MySQL Server accessible data as well as unauthorized update, insert or delete
access to some of MySQL Server accessible data. (CVE-2019-2534)
- Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Options). Supported
versions that are affected are 8.0.13 and prior. Difficult to exploit vulnerability allows high privileged
attacker with logon to the infrastructure where MySQL Server executes to compromise MySQL Server.
Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently
repeatable crash (complete DOS) of MySQL Server. (CVE-2019-2535)
- Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Packaging). Supported
versions that are affected are 8.0.13 and prior. Difficult to exploit vulnerability allows high privileged
attacker with logon to the infrastructure where MySQL Server executes to compromise MySQL Server.
Successful attacks require human interaction from a person other than the attacker and while the
vulnerability is in MySQL Server, attacks may significantly impact additional products. Successful attacks
of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash
(complete DOS) of MySQL Server. (CVE-2019-2536)
- Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: DDL). Supported
versions that are affected are 5.6.42 and prior, 5.7.24 and prior and 8.0.13 and prior. Easily exploitable
vulnerability allows high privileged attacker with network access via multiple protocols to compromise
MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang
or frequently repeatable crash (complete DOS) of MySQL Server. (CVE-2019-2537)
- Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Connection). Supported
versions that are affected are 8.0.13 and prior. Easily exploitable vulnerability allows high privileged
attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this
vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete
DOS) of MySQL Server. (CVE-2019-2539)
- Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: InnoDB). Supported versions
that are affected are 8.0.15 and prior. Easily exploitable vulnerability allows high privileged attacker
with network access via multiple protocols to compromise MySQL Server. Successful attacks of this
vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete
DOS) of MySQL Server. (CVE-2019-2580, CVE-2019-2585, CVE-2019-2593, CVE-2019-2624, CVE-2019-2798)
- Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Optimizer). Supported
versions that are affected are 5.7.25 and prior and 8.0.15 and prior. Easily exploitable vulnerability
allows high privileged attacker with network access via multiple protocols to compromise MySQL Server.
Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently
repeatable crash (complete DOS) of MySQL Server. (CVE-2019-2581)
- Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Security: Privileges).
Supported versions that are affected are 8.0.15 and prior. Easily exploitable vulnerability allows high
privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful
attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable
crash (complete DOS) of MySQL Server. (CVE-2019-2584, CVE-2019-2589, CVE-2019-2606, CVE-2019-2620)
- Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Partition). Supported
versions that are affected are 8.0.15 and prior. Easily exploitable vulnerability allows high privileged
attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this
vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete
DOS) of MySQL Server. (CVE-2019-2587)
- Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: PS). Supported versions
that are affected are 5.7.25 and prior and 8.0.15 and prior. Easily exploitable vulnerability allows high
privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful
attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable
crash (complete DOS) of MySQL Server. (CVE-2019-2592)
- Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Optimizer). Supported
versions that are affected are 8.0.15 and prior. Easily exploitable vulnerability allows high privileged
attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this
vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete
DOS) of MySQL Server. (CVE-2019-2596, CVE-2019-2607, CVE-2019-2625, CVE-2019-2681, CVE-2019-2685,
CVE-2019-2686, CVE-2019-2687, CVE-2019-2688, CVE-2019-2689)
- Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Replication). Supported
versions that are affected are 5.6.43 and prior, 5.7.25 and prior and 8.0.15 and prior. Difficult to
exploit vulnerability allows high privileged attacker with network access via multiple protocols to
compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to
cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. (CVE-2019-2614)
- Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Replication). Supported
versions that are affected are 8.0.15 and prior. Difficult to exploit vulnerability allows high privileged
attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this
vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete
DOS) of MySQL Server. (CVE-2019-2617, CVE-2019-2630)
- Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Options). Supported
versions that are affected are 8.0.15 and prior. Difficult to exploit vulnerability allows low privileged
attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this
vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete
DOS) of MySQL Server. (CVE-2019-2623)
- Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: DDL). Supported
versions that are affected are 8.0.15 and prior. Easily exploitable vulnerability allows high privileged
attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this
vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete
DOS) of MySQL Server. (CVE-2019-2626, CVE-2019-2644)
- Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Security: Privileges).
Supported versions that are affected are 5.6.43 and prior, 5.7.25 and prior and 8.0.15 and prior. Easily
exploitable vulnerability allows high privileged attacker with network access via multiple protocols to
compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to
cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. (CVE-2019-2627)
- Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: InnoDB). Supported versions
that are affected are 5.7.25 and prior and 8.0.15 and prior. Easily exploitable vulnerability allows high
privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful
attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable
crash (complete DOS) of MySQL Server. (CVE-2019-2628)
- Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Information Schema).
Supported versions that are affected are 8.0.15 and prior. Easily exploitable vulnerability allows high
privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful
attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable
crash (complete DOS) of MySQL Server. (CVE-2019-2631)
- Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Replication). Supported
versions that are affected are 8.0.15 and prior. Difficult to exploit vulnerability allows unauthenticated
attacker with logon to the infrastructure where MySQL Server executes to compromise MySQL Server.
Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently
repeatable crash (complete DOS) of MySQL Server. (CVE-2019-2634)
- Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Replication). Supported
versions that are affected are 8.0.15 and prior. Easily exploitable vulnerability allows high privileged
attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this
vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete
DOS) of MySQL Server. (CVE-2019-2635)
- Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Group Replication
Plugin). Supported versions that are affected are 8.0.15 and prior. Difficult to exploit vulnerability
allows high privileged attacker with network access via MySQL Procotol to compromise MySQL Server.
Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently
repeatable crash (complete DOS) of MySQL Server. (CVE-2019-2636)
- Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Options). Supported
versions that are affected are 5.6.43 and prior, 5.7.25 and prior and 8.0.15 and prior. Easily exploitable
vulnerability allows high privileged attacker with network access via multiple protocols to compromise
MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang
or frequently repeatable crash (complete DOS) of MySQL Server. (CVE-2019-2683)
- Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Security: Roles).
Supported versions that are affected are 8.0.15 and prior. Easily exploitable vulnerability allows high
privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful
attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable
crash (complete DOS) of MySQL Server. (CVE-2019-2691)
- Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Optimizer). Supported
versions that are affected are 8.0.15 and prior. Easily exploitable vulnerability allows low privileged
attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this
vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete
DOS) of MySQL Server. (CVE-2019-2693, CVE-2019-2694, CVE-2019-2695)
- Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server : Pluggable Auth).
Supported versions that are affected are 5.6.44 and prior, 5.7.26 and prior and 8.0.16 and prior. Easily
exploitable vulnerability allows high privileged attacker with network access via multiple protocols to
compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to
cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. (CVE-2019-2737)
- Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server : Compiling). Supported
versions that are affected are 5.6.44 and prior, 5.7.26 and prior and 8.0.16 and prior. Difficult to
exploit vulnerability allows low privileged attacker with network access via multiple protocols to
compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized read access
to a subset of MySQL Server accessible data. (CVE-2019-2738)
- Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Security: Privileges).
Supported versions that are affected are 5.6.44 and prior, 5.7.26 and prior and 8.0.16 and prior. Easily
exploitable vulnerability allows high privileged attacker with logon to the infrastructure where MySQL
Server executes to compromise MySQL Server. Successful attacks of this vulnerability can result in
unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server as well
as unauthorized update, insert or delete access to some of MySQL Server accessible data. (CVE-2019-2739)
- Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: XML). Supported
versions that are affected are 5.6.44 and prior, 5.7.26 and prior and 8.0.16 and prior. Easily exploitable
vulnerability allows low privileged attacker with network access via multiple protocols to compromise
MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang
or frequently repeatable crash (complete DOS) of MySQL Server. (CVE-2019-2740)
- Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Options). Supported
versions that are affected are 8.0.16 and prior. Easily exploitable vulnerability allows high privileged
attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this
vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete
DOS) of MySQL Server. (CVE-2019-2752)
- Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Replication). Supported
versions that are affected are 5.7.25 and prior and 8.0.15 and prior. Easily exploitable vulnerability
allows high privileged attacker with network access via multiple protocols to compromise MySQL Server.
Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently
repeatable crash (complete DOS) of MySQL Server. (CVE-2019-2755)
- Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Optimizer). Supported
versions that are affected are 5.7.26 and prior and 8.0.16 and prior. Easily exploitable vulnerability
allows high privileged attacker with network access via multiple protocols to compromise MySQL Server.
Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently
repeatable crash (complete DOS) of MySQL Server. (CVE-2019-2757, CVE-2019-2774)
- Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: InnoDB). Supported versions
that are affected are 5.7.26 and prior and 8.0.16 and prior. Easily exploitable vulnerability allows high
privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful
attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable
crash (complete DOS) of MySQL Server as well as unauthorized update, insert or delete access to some of
MySQL Server accessible data. (CVE-2019-2758)
- Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Security: Privileges).
Supported versions that are affected are 5.7.26 and prior and 8.0.16 and prior. Easily exploitable
vulnerability allows low privileged attacker with network access via multiple protocols to compromise
MySQL Server. Successful attacks of this vulnerability can result in unauthorized update, insert or delete
access to some of MySQL Server accessible data and unauthorized ability to cause a partial denial of
service (partial DOS) of MySQL Server. (CVE-2019-2778)
- Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Components / Services).
Supported versions that are affected are 8.0.16 and prior. Easily exploitable vulnerability allows high
privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful
attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable
crash (complete DOS) of MySQL Server. (CVE-2019-2780)
- Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: DML). Supported
versions that are affected are 8.0.16 and prior. Easily exploitable vulnerability allows high privileged
attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this
vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete
DOS) of MySQL Server. (CVE-2019-2784)
- Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: InnoDB). Supported versions
that are affected are 8.0.16 and prior. Easily exploitable vulnerability allows high privileged attacker
with network access via multiple protocols to compromise MySQL Server. Successful attacks of this
vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete
DOS) of MySQL Server. (CVE-2019-2785, CVE-2019-2879)
- Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Security: Privileges).
Supported versions that are affected are 8.0.16 and prior. Easily exploitable vulnerability allows high
privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful
attacks of this vulnerability can result in unauthorized update, insert or delete access to some of MySQL
Server accessible data. (CVE-2019-2789)
- Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Charsets). Supported
versions that are affected are 8.0.16 and prior. Easily exploitable vulnerability allows low privileged
attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this
vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete
DOS) of MySQL Server. (CVE-2019-2795)
- Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Optimizer). Supported
versions that are affected are 8.0.16 and prior. Easily exploitable vulnerability allows high privileged
attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this
vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete
DOS) of MySQL Server. (CVE-2019-2796, CVE-2019-2802, CVE-2019-2803, CVE-2019-2808, CVE-2019-2810,
CVE-2019-2815, CVE-2019-2830)
- Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Client programs). Supported
versions that are affected are 5.7.26 and prior and 8.0.16 and prior. Difficult to exploit vulnerability
allows high privileged attacker with access to the physical communication segment attached to the hardware
where the MySQL Server executes to compromise MySQL Server. Successful attacks of this vulnerability can
result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL
Server. (CVE-2019-2797)
- Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Replication). Supported
versions that are affected are 8.0.16 and prior. Easily exploitable vulnerability allows low privileged
attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this
vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete
DOS) of MySQL Server as well as unauthorized update, insert or delete access to some of MySQL Server
accessible data. (CVE-2019-2800)
- Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: FTS). Supported
versions that are affected are 8.0.16 and prior. Easily exploitable vulnerability allows high privileged
attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this
vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete
DOS) of MySQL Server. (CVE-2019-2801)
- Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Parser). Supported
versions that are affected are 5.6.44 and prior, 5.7.26 and prior and 8.0.16 and prior. Easily exploitable
vulnerability allows low privileged attacker with network access via multiple protocols to compromise
MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang
or frequently repeatable crash (complete DOS) of MySQL Server. (CVE-2019-2805)
- Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Security: Privileges).
Supported versions that are affected are 8.0.16 and prior. Easily exploitable vulnerability allows high
privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful
attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable
crash (complete DOS) of MySQL Server. (CVE-2019-2811)
- Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Optimizer). Supported
versions that are affected are 8.0.16 and prior. Easily exploitable vulnerability allows low privileged
attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this
vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete
DOS) of MySQL Server. (CVE-2019-2812, CVE-2019-2834)
- Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: InnoDB). Supported versions
that are affected are 8.0.16 and prior. Difficult to exploit vulnerability allows high privileged attacker
with network access via multiple protocols to compromise MySQL Server. Successful attacks of this
vulnerability can result in unauthorized update, insert or delete access to some of MySQL Server
accessible data. (CVE-2019-2814)
- Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Security: Audit).
Supported versions that are affected are 5.6.44 and prior, 5.7.26 and prior and 8.0.16 and prior. Easily
exploitable vulnerability allows high privileged attacker with network access via multiple protocols to
compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to
cause a hang or frequently repeatable crash (complete DOS) of MySQL Server as well as unauthorized update,
insert or delete access to some of MySQL Server accessible data. (CVE-2019-2819)
- Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Security: Roles).
Supported versions that are affected are 8.0.16 and prior. Easily exploitable vulnerability allows high
privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful
attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable
crash (complete DOS) of MySQL Server. (CVE-2019-2826)
- Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Optimizer). Supported
versions that are affected are 5.7.26 and prior and 8.0.16 and prior. Easily exploitable vulnerability
allows high privileged attacker with network access via multiple protocols to compromise MySQL Server.
Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently
repeatable crash (complete DOS) of MySQL Server. (CVE-2019-2948)
- Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Optimizer). Supported
versions that are affected are 8.0.16 and prior. Easily exploitable vulnerability allows high privileged
attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this
vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete
DOS) of MySQL Server. (CVE-2019-2950)
- Vulnerability in the MySQL Server product of Oracle MySQL (component: Client programs). Supported versions
that are affected are 5.6.44 and prior, 5.7.26 and prior and 8.0.16 and prior. Easily exploitable
vulnerability allows unauthenticated attacker with logon to the infrastructure where MySQL Server executes
to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized access to
critical data or complete access to all MySQL Server accessible data. (CVE-2019-2969)
- Vulnerability in the MySQL Server product of Oracle MySQL (component: InnoDB). Supported versions that are
affected are 8.0.16 and prior. Easily exploitable vulnerability allows high privileged attacker with
network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability
can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL
Server. (CVE-2019-3003)
Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version
number.");
script_set_attribute(attribute:"see_also", value:"https://errata.rockylinux.org/RLSA-2019:2511");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=1666738");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=1666740");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=1666741");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=1666742");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=1666743");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=1666744");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=1666745");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=1666746");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=1666747");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=1666748");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=1666749");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=1666750");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=1666751");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=1666753");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=1666755");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=1666756");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=1666757");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=1666758");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=1666759");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=1666760");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=1666761");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=1666762");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=1666763");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=1666764");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=1702958");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=1702959");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=1702960");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=1702961");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=1702962");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=1702963");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=1702964");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=1702965");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=1702966");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=1702967");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=1702968");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=1702969");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=1702970");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=1702971");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=1702972");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=1702973");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=1702974");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=1702975");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=1702976");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=1702977");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=1702978");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=1702979");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=1702981");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=1702982");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=1702983");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=1702984");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=1702985");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=1702986");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=1702987");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=1702989");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=1702990");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=1702991");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=1702992");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=1702993");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=1702994");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=1702995");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=1702997");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=1731997");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=1731998");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=1731999");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=1732000");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=1732005");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=1732006");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=1732007");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=1732008");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=1732009");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=1732010");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=1732011");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=1732012");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=1732013");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=1732015");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=1732017");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=1732018");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=1732019");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=1732020");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=1732021");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=1732022");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=1732023");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=1732024");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=1732025");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=1732026");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=1732027");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=1732028");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=1732029");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=1732030");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=1732031");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=1732032");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=1732034");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=1732035");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=1732036");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=1732037");
script_set_attribute(attribute:"solution", value:
"Update the affected packages.");
script_set_cvss_base_vector("CVSS2#AV:N/AC:L/Au:S/C:N/I:P/A:P");
script_set_cvss_temporal_vector("CVSS2#E:U/RL:OF/RC:C");
script_set_cvss3_base_vector("CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:H");
script_set_cvss3_temporal_vector("CVSS:3.0/E:U/RL:O/RC:C");
script_set_attribute(attribute:"cvss_score_source", value:"CVE-2019-2819");
script_set_attribute(attribute:"cvss3_score_source", value:"CVE-2019-2800");
script_set_attribute(attribute:"exploitability_ease", value:"No known exploits are available");
script_set_attribute(attribute:"exploit_available", value:"false");
script_set_attribute(attribute:"vuln_publication_date", value:"2018/08/21");
script_set_attribute(attribute:"patch_publication_date", value:"2019/08/15");
script_set_attribute(attribute:"plugin_publication_date", value:"2023/11/07");
script_set_attribute(attribute:"plugin_type", value:"local");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:rocky:linux:mecab");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:rocky:linux:mecab-debuginfo");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:rocky:linux:mecab-debugsource");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:rocky:linux:mecab-ipadic");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:rocky:linux:mecab-ipadic-EUCJP");
script_set_attribute(attribute:"cpe", value:"cpe:/o:rocky:linux:8");
script_set_attribute(attribute:"generated_plugin", value:"current");
script_end_attributes();
script_category(ACT_GATHER_INFO);
script_family(english:"Rocky Linux Local Security Checks");
script_copyright(english:"This script is Copyright (C) 2023 and is owned by Tenable, Inc. or an Affiliate thereof.");
script_dependencies("ssh_get_info.nasl");
script_require_keys("Host/local_checks_enabled", "Host/RockyLinux/release", "Host/RockyLinux/rpm-list", "Host/cpu");
exit(0);
}
include('rpm.inc');
if (!get_kb_item('Host/local_checks_enabled')) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);
var os_release = get_kb_item('Host/RockyLinux/release');
if (isnull(os_release) || 'Rocky Linux' >!< os_release) audit(AUDIT_OS_NOT, 'Rocky Linux');
var os_ver = pregmatch(pattern: "Rocky(?: Linux)? release ([0-9]+(\.[0-9]+)?)", string:os_release);
if (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, 'Rocky Linux');
os_ver = os_ver[1];
if (! preg(pattern:"^8([^0-9]|$)", string:os_ver)) audit(AUDIT_OS_NOT, 'Rocky Linux 8.x', 'Rocky Linux ' + os_ver);
if (!get_kb_item('Host/RockyLinux/rpm-list')) audit(AUDIT_PACKAGE_LIST_MISSING);
var cpu = get_kb_item('Host/cpu');
if (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);
if ('x86_64' >!< cpu && cpu !~ "^i[3-6]86$" && 's390' >!< cpu && 'aarch64' >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, 'Rocky Linux', cpu);
var module_ver = get_kb_item('Host/RockyLinux/appstream/mysql');
if (isnull(module_ver)) audit(AUDIT_PACKAGE_NOT_INSTALLED, 'Module mysql:8.0');
if ('8.0' >!< module_ver) audit(AUDIT_PACKAGE_NOT_AFFECTED, 'Module mysql:' + module_ver);
var appstreams = {
'mysql:8.0': [
{'reference':'mecab-0.996-1.module+el8.3.0+242+87d3366a.9', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},
{'reference':'mecab-0.996-1.module+el8.3.0+242+87d3366a.9', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},
{'reference':'mecab-debuginfo-0.996-1.module+el8.3.0+242+87d3366a.9', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},
{'reference':'mecab-debuginfo-0.996-1.module+el8.3.0+242+87d3366a.9', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},
{'reference':'mecab-debugsource-0.996-1.module+el8.3.0+242+87d3366a.9', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},
{'reference':'mecab-debugsource-0.996-1.module+el8.3.0+242+87d3366a.9', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},
{'reference':'mecab-ipadic-2.7.0.20070801-16.module+el8.3.0+242+87d3366a', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},
{'reference':'mecab-ipadic-2.7.0.20070801-16.module+el8.3.0+242+87d3366a', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},
{'reference':'mecab-ipadic-EUCJP-2.7.0.20070801-16.module+el8.3.0+242+87d3366a', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},
{'reference':'mecab-ipadic-EUCJP-2.7.0.20070801-16.module+el8.3.0+242+87d3366a', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE}
]
};
var flag = 0;
var appstreams_found = 0;
foreach var module (keys(appstreams)) {
var appstream = NULL;
var appstream_name = NULL;
var appstream_version = NULL;
var appstream_split = split(module, sep:':', keep:FALSE);
if (!empty_or_null(appstream_split)) {
appstream_name = appstream_split[0];
appstream_version = appstream_split[1];
if (!empty_or_null(appstream_name)) appstream = get_one_kb_item('Host/RockyLinux/appstream/' + appstream_name);
}
if (!empty_or_null(appstream) && appstream_version == appstream || appstream_name == 'all') {
appstreams_found++;
foreach var package_array ( appstreams[module] ) {
var reference = NULL;
var _release = NULL;
var sp = NULL;
var _cpu = NULL;
var el_string = NULL;
var rpm_spec_vers_cmp = NULL;
var epoch = NULL;
var allowmaj = NULL;
var exists_check = NULL;
if (!empty_or_null(package_array['reference'])) reference = package_array['reference'];
if (!empty_or_null(package_array['release'])) _release = 'Rocky-' + package_array['release'];
if (!empty_or_null(package_array['sp'])) sp = package_array['sp'];
if (!empty_or_null(package_array['cpu'])) _cpu = package_array['cpu'];
if (!empty_or_null(package_array['el_string'])) el_string = package_array['el_string'];
if (!empty_or_null(package_array['rpm_spec_vers_cmp'])) rpm_spec_vers_cmp = package_array['rpm_spec_vers_cmp'];
if (!empty_or_null(package_array['epoch'])) epoch = package_array['epoch'];
if (!empty_or_null(package_array['allowmaj'])) allowmaj = package_array['allowmaj'];
if (!empty_or_null(package_array['exists_check'])) exists_check = package_array['exists_check'];
if (reference && _release && (!exists_check || rpm_exists(release:_release, rpm:exists_check))) {
if (rpm_check(release:_release, sp:sp, cpu:_cpu, reference:reference, epoch:epoch, el_string:el_string, rpm_spec_vers_cmp:rpm_spec_vers_cmp, allowmaj:allowmaj)) flag++;
}
}
}
}
if (!appstreams_found) audit(AUDIT_PACKAGE_NOT_INSTALLED, 'Module mysql:8.0');
if (flag)
{
security_report_v4(
port : 0,
severity : SECURITY_WARNING,
extra : rpm_report_get()
);
exit(0);
}
else
{
var tested = pkg_tests_get();
if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);
else audit(AUDIT_PACKAGE_NOT_INSTALLED, 'mecab / mecab-debuginfo / mecab-debugsource / mecab-ipadic / etc');
}
Vendor | Product | Version | CPE |
---|---|---|---|
rocky | linux | mecab | p-cpe:/a:rocky:linux:mecab |
rocky | linux | mecab-debuginfo | p-cpe:/a:rocky:linux:mecab-debuginfo |
rocky | linux | mecab-debugsource | p-cpe:/a:rocky:linux:mecab-debugsource |
rocky | linux | mecab-ipadic | p-cpe:/a:rocky:linux:mecab-ipadic |
rocky | linux | mecab-ipadic-eucjp | p-cpe:/a:rocky:linux:mecab-ipadic-eucjp |
rocky | linux | 8 | cpe:/o:rocky:linux:8 |
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-2420
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-2434
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-2436
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-2455
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-2481
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-2482
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-2486
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-2494
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-2495
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-2502
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-2503
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-2507
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-2510
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-2528
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-2529
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-2530
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-2531
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-2532
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-2533
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-2534
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-2535
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-2536
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-2537
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-2539
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-2580
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-2581
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-2584
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-2585
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-2587
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-2589
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-2592
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-2593
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-2596
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-2606
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-2607
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-2614
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-2617
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-2620
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-2623
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-2624
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-2625
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-2626
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-2627
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-2628
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-2630
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-2631
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-2634
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-2635
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-2636
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-2644
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-2681
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-2683
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-2685
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-2686
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-2687
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-2688
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-2689
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-2691
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-2693
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-2694
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-2695
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-2737
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-2738
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-2739
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-2740
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-2752
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-2755
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-2757
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-2758
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-2774
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-2778
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-2780
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-2784
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-2785
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-2789
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-2795
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-2796
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-2797
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-2798
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-2800
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-2801
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-2802
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-2803
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-2805
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-2808
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-2810
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-2811
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-2812
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-2814
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-2815
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-2819
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-2826
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-2830
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-2834
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-2879
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-2948
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-2950
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-2969
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-3003
bugzilla.redhat.com/show_bug.cgi?id=1666738
bugzilla.redhat.com/show_bug.cgi?id=1666740
bugzilla.redhat.com/show_bug.cgi?id=1666741
bugzilla.redhat.com/show_bug.cgi?id=1666742
bugzilla.redhat.com/show_bug.cgi?id=1666743
bugzilla.redhat.com/show_bug.cgi?id=1666744
bugzilla.redhat.com/show_bug.cgi?id=1666745
bugzilla.redhat.com/show_bug.cgi?id=1666746
bugzilla.redhat.com/show_bug.cgi?id=1666747
bugzilla.redhat.com/show_bug.cgi?id=1666748
bugzilla.redhat.com/show_bug.cgi?id=1666749
bugzilla.redhat.com/show_bug.cgi?id=1666750
bugzilla.redhat.com/show_bug.cgi?id=1666751
bugzilla.redhat.com/show_bug.cgi?id=1666753
bugzilla.redhat.com/show_bug.cgi?id=1666755
bugzilla.redhat.com/show_bug.cgi?id=1666756
bugzilla.redhat.com/show_bug.cgi?id=1666757
bugzilla.redhat.com/show_bug.cgi?id=1666758
bugzilla.redhat.com/show_bug.cgi?id=1666759
bugzilla.redhat.com/show_bug.cgi?id=1666760
bugzilla.redhat.com/show_bug.cgi?id=1666761
bugzilla.redhat.com/show_bug.cgi?id=1666762
bugzilla.redhat.com/show_bug.cgi?id=1666763
bugzilla.redhat.com/show_bug.cgi?id=1666764
bugzilla.redhat.com/show_bug.cgi?id=1702958
bugzilla.redhat.com/show_bug.cgi?id=1702959
bugzilla.redhat.com/show_bug.cgi?id=1702960
bugzilla.redhat.com/show_bug.cgi?id=1702961
bugzilla.redhat.com/show_bug.cgi?id=1702962
bugzilla.redhat.com/show_bug.cgi?id=1702963
bugzilla.redhat.com/show_bug.cgi?id=1702964
bugzilla.redhat.com/show_bug.cgi?id=1702965
bugzilla.redhat.com/show_bug.cgi?id=1702966
bugzilla.redhat.com/show_bug.cgi?id=1702967
bugzilla.redhat.com/show_bug.cgi?id=1702968
bugzilla.redhat.com/show_bug.cgi?id=1702969
bugzilla.redhat.com/show_bug.cgi?id=1702970
bugzilla.redhat.com/show_bug.cgi?id=1702971
bugzilla.redhat.com/show_bug.cgi?id=1702972
bugzilla.redhat.com/show_bug.cgi?id=1702973
bugzilla.redhat.com/show_bug.cgi?id=1702974
bugzilla.redhat.com/show_bug.cgi?id=1702975
bugzilla.redhat.com/show_bug.cgi?id=1702976
bugzilla.redhat.com/show_bug.cgi?id=1702977
bugzilla.redhat.com/show_bug.cgi?id=1702978
bugzilla.redhat.com/show_bug.cgi?id=1702979
bugzilla.redhat.com/show_bug.cgi?id=1702981
bugzilla.redhat.com/show_bug.cgi?id=1702982
bugzilla.redhat.com/show_bug.cgi?id=1702983
bugzilla.redhat.com/show_bug.cgi?id=1702984
bugzilla.redhat.com/show_bug.cgi?id=1702985
bugzilla.redhat.com/show_bug.cgi?id=1702986
bugzilla.redhat.com/show_bug.cgi?id=1702987
bugzilla.redhat.com/show_bug.cgi?id=1702989
bugzilla.redhat.com/show_bug.cgi?id=1702990
bugzilla.redhat.com/show_bug.cgi?id=1702991
bugzilla.redhat.com/show_bug.cgi?id=1702992
bugzilla.redhat.com/show_bug.cgi?id=1702993
bugzilla.redhat.com/show_bug.cgi?id=1702994
bugzilla.redhat.com/show_bug.cgi?id=1702995
bugzilla.redhat.com/show_bug.cgi?id=1702997
bugzilla.redhat.com/show_bug.cgi?id=1731997
bugzilla.redhat.com/show_bug.cgi?id=1731998
bugzilla.redhat.com/show_bug.cgi?id=1731999
bugzilla.redhat.com/show_bug.cgi?id=1732000
bugzilla.redhat.com/show_bug.cgi?id=1732005
bugzilla.redhat.com/show_bug.cgi?id=1732006
bugzilla.redhat.com/show_bug.cgi?id=1732007
bugzilla.redhat.com/show_bug.cgi?id=1732008
bugzilla.redhat.com/show_bug.cgi?id=1732009
bugzilla.redhat.com/show_bug.cgi?id=1732010
bugzilla.redhat.com/show_bug.cgi?id=1732011
bugzilla.redhat.com/show_bug.cgi?id=1732012
bugzilla.redhat.com/show_bug.cgi?id=1732013
bugzilla.redhat.com/show_bug.cgi?id=1732015
bugzilla.redhat.com/show_bug.cgi?id=1732017
bugzilla.redhat.com/show_bug.cgi?id=1732018
bugzilla.redhat.com/show_bug.cgi?id=1732019
bugzilla.redhat.com/show_bug.cgi?id=1732020
bugzilla.redhat.com/show_bug.cgi?id=1732021
bugzilla.redhat.com/show_bug.cgi?id=1732022
bugzilla.redhat.com/show_bug.cgi?id=1732023
bugzilla.redhat.com/show_bug.cgi?id=1732024
bugzilla.redhat.com/show_bug.cgi?id=1732025
bugzilla.redhat.com/show_bug.cgi?id=1732026
bugzilla.redhat.com/show_bug.cgi?id=1732027
bugzilla.redhat.com/show_bug.cgi?id=1732028
bugzilla.redhat.com/show_bug.cgi?id=1732029
bugzilla.redhat.com/show_bug.cgi?id=1732030
bugzilla.redhat.com/show_bug.cgi?id=1732031
bugzilla.redhat.com/show_bug.cgi?id=1732032
bugzilla.redhat.com/show_bug.cgi?id=1732034
bugzilla.redhat.com/show_bug.cgi?id=1732035
bugzilla.redhat.com/show_bug.cgi?id=1732036
bugzilla.redhat.com/show_bug.cgi?id=1732037
errata.rockylinux.org/RLSA-2019:2511