Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
nessusUbuntu Security Notice (C) 2024 Canonical, Inc. / NASL script (C) 2024 and is owned by Tenable, Inc. or an Affiliate thereof.UBUNTU_USN-6615-1.NASL
HistoryJan 30, 2024 - 12:00 a.m.

Ubuntu 20.04 LTS / 22.04 LTS / 23.10 : MySQL vulnerabilities (USN-6615-1)

2024-01-3000:00:00
Ubuntu Security Notice (C) 2024 Canonical, Inc. / NASL script (C) 2024 and is owned by Tenable, Inc. or an Affiliate thereof.
www.tenable.com
17
ubuntu 20.04 lts
ubuntu 22.04 lts
ubuntu 23.10
mysql server
oracle mysql
vulnerabilities
usn-6615-1
server: optimizer
server: security: encryption
server: replication
server: ddl
server: dml

6.5 Medium

AI Score

Confidence

High

JSON

The remote Ubuntu 20.04 LTS / 22.04 LTS / 23.10 host has packages installed that are affected by multiple vulnerabilities as referenced in the USN-6615-1 advisory.

  • Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Optimizer). Supported versions that are affected are 8.0.35 and prior and 8.2.0 and prior. Easily exploitable vulnerability allows low privileged attacker with network access via multiple protocols to compromise MySQL Server.
    Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. (CVE-2024-20961, CVE-2024-20973, CVE-2024-20977)

  • Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Security: Encryption).
    Supported versions that are affected are 8.0.35 and prior and 8.2.0 and prior. Easily exploitable vulnerability allows low privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. (CVE-2024-20963)

  • Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Optimizer). Supported versions that are affected are 8.0.35 and prior and 8.2.0 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server.
    Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. (CVE-2024-20965, CVE-2024-20971)

  • Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Replication). Supported versions that are affected are 8.0.35 and prior and 8.2.0 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server.
    Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server as well as unauthorized update, insert or delete access to some of MySQL Server accessible data. (CVE-2024-20967)

  • Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: DDL). Supported versions that are affected are 8.0.35 and prior and 8.2.0 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server as well as unauthorized update, insert or delete access to some of MySQL Server accessible data. (CVE-2024-20969)

  • Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: DDL). Supported versions that are affected are 8.0.35 and prior and 8.2.0 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. (CVE-2024-20981)

  • Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: DML). Supported versions that are affected are 8.0.34 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. (CVE-2024-20983)

  • Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: UDF). Supported versions that are affected are 8.0.35 and prior and 8.2.0 and prior. Easily exploitable vulnerability allows low privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. (CVE-2024-20985)

  • The vulnerability exists due to improper input validation within the Server: RAPID component in MySQL Server. A remote authenticated user can exploit this vulnerability to perform a denial of service (DoS) attack. (CVE-2024-20960)

  • The vulnerability exists due to improper input validation within the Server: Optimizer component in MySQL Server. A remote authenticated user can exploit this vulnerability to perform a denial of service (DoS) attack. (CVE-2024-20962)

  • The vulnerability exists due to improper input validation within the Server: Security: Privileges component in MySQL Server. A remote authenticated user can exploit this vulnerability to perform a denial of service (DoS) attack. (CVE-2024-20964)

  • The vulnerability exists due to improper input validation within the Server: Optimizer component in MySQL Server. A remote privileged user can exploit this vulnerability to perform a denial of service (DoS) attack. (CVE-2024-20966, CVE-2024-20970, CVE-2024-20972, CVE-2024-20974, CVE-2024-20976, CVE-2024-20978, CVE-2024-20982)

  • The vulnerability exists due to improper input validation within the Server : Security : Firewall component in MySQL Server. A remote privileged user can exploit this vulnerability to perform a denial of service (DoS) attack. (CVE-2024-20984)

Note that Nessus has not tested for these issues but has instead relied only on the application’s self-reported version number.

#%NASL_MIN_LEVEL 80900
##
# (C) Tenable, Inc.
#
# The descriptive text and package checks in this plugin were
# extracted from Ubuntu Security Notice USN-6615-1. The text
# itself is copyright (C) Canonical, Inc. See
# <https://ubuntu.com/security/notices>. Ubuntu(R) is a registered
# trademark of Canonical, Inc.
##

include('compat.inc');

if (description)
{
  script_id(189776);
  script_version("1.0");
  script_set_attribute(attribute:"plugin_modification_date", value:"2024/01/30");

  script_cve_id(
    "CVE-2024-20960",
    "CVE-2024-20961",
    "CVE-2024-20962",
    "CVE-2024-20963",
    "CVE-2024-20964",
    "CVE-2024-20965",
    "CVE-2024-20966",
    "CVE-2024-20967",
    "CVE-2024-20969",
    "CVE-2024-20970",
    "CVE-2024-20971",
    "CVE-2024-20972",
    "CVE-2024-20973",
    "CVE-2024-20974",
    "CVE-2024-20976",
    "CVE-2024-20977",
    "CVE-2024-20978",
    "CVE-2024-20981",
    "CVE-2024-20982",
    "CVE-2024-20983",
    "CVE-2024-20984",
    "CVE-2024-20985"
  );
  script_xref(name:"USN", value:"6615-1");

  script_name(english:"Ubuntu 20.04 LTS / 22.04 LTS / 23.10 : MySQL vulnerabilities (USN-6615-1)");

  script_set_attribute(attribute:"synopsis", value:
"The remote Ubuntu host is missing one or more security updates.");
  script_set_attribute(attribute:"description", value:
"The remote Ubuntu 20.04 LTS / 22.04 LTS / 23.10 host has packages installed that are affected by multiple
vulnerabilities as referenced in the USN-6615-1 advisory.

  - Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Optimizer). Supported
    versions that are affected are 8.0.35 and prior and 8.2.0 and prior. Easily exploitable vulnerability
    allows low privileged attacker with network access via multiple protocols to compromise MySQL Server.
    Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently
    repeatable crash (complete DOS) of MySQL Server. (CVE-2024-20961, CVE-2024-20973, CVE-2024-20977)

  - Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Security: Encryption).
    Supported versions that are affected are 8.0.35 and prior and 8.2.0 and prior. Easily exploitable
    vulnerability allows low privileged attacker with network access via multiple protocols to compromise
    MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang
    or frequently repeatable crash (complete DOS) of MySQL Server. (CVE-2024-20963)

  - Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Optimizer). Supported
    versions that are affected are 8.0.35 and prior and 8.2.0 and prior. Easily exploitable vulnerability
    allows high privileged attacker with network access via multiple protocols to compromise MySQL Server.
    Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently
    repeatable crash (complete DOS) of MySQL Server. (CVE-2024-20965, CVE-2024-20971)

  - Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Replication). Supported
    versions that are affected are 8.0.35 and prior and 8.2.0 and prior. Easily exploitable vulnerability
    allows high privileged attacker with network access via multiple protocols to compromise MySQL Server.
    Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently
    repeatable crash (complete DOS) of MySQL Server as well as unauthorized update, insert or delete access to
    some of MySQL Server accessible data. (CVE-2024-20967)

  - Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: DDL). Supported versions
    that are affected are 8.0.35 and prior and 8.2.0 and prior. Easily exploitable vulnerability allows high
    privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful
    attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable
    crash (complete DOS) of MySQL Server as well as unauthorized update, insert or delete access to some of
    MySQL Server accessible data. (CVE-2024-20969)

  - Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: DDL). Supported versions
    that are affected are 8.0.35 and prior and 8.2.0 and prior. Easily exploitable vulnerability allows high
    privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful
    attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable
    crash (complete DOS) of MySQL Server. (CVE-2024-20981)

  - Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: DML). Supported versions
    that are affected are 8.0.34 and prior. Easily exploitable vulnerability allows high privileged attacker
    with network access via multiple protocols to compromise MySQL Server. Successful attacks of this
    vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete
    DOS) of MySQL Server. (CVE-2024-20983)

  - Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: UDF). Supported versions
    that are affected are 8.0.35 and prior and 8.2.0 and prior. Easily exploitable vulnerability allows low
    privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful
    attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable
    crash (complete DOS) of MySQL Server. (CVE-2024-20985)

  - The vulnerability exists due to improper input validation within the Server: RAPID component in MySQL
    Server. A remote authenticated user can exploit this vulnerability to perform a denial of service (DoS)
    attack. (CVE-2024-20960)

  - The vulnerability exists due to improper input validation within the Server: Optimizer component in MySQL
    Server. A remote authenticated user can exploit this vulnerability to perform a denial of service (DoS)
    attack. (CVE-2024-20962)

  - The vulnerability exists due to improper input validation within the Server: Security: Privileges
    component in MySQL Server. A remote authenticated user can exploit this vulnerability to perform a denial
    of service (DoS) attack. (CVE-2024-20964)

  - The vulnerability exists due to improper input validation within the Server: Optimizer component in MySQL
    Server. A remote privileged user can exploit this vulnerability to perform a denial of service (DoS)
    attack. (CVE-2024-20966, CVE-2024-20970, CVE-2024-20972, CVE-2024-20974, CVE-2024-20976, CVE-2024-20978,
    CVE-2024-20982)

  - The vulnerability exists due to improper input validation within the Server : Security : Firewall
    component in MySQL Server. A remote privileged user can exploit this vulnerability to perform a denial of
    service (DoS) attack. (CVE-2024-20984)

Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version
number.");
  script_set_attribute(attribute:"see_also", value:"https://ubuntu.com/security/notices/USN-6615-1");
  script_set_attribute(attribute:"solution", value:
"Update the affected packages.");
  script_set_cvss_base_vector("CVSS2#AV:N/AC:L/Au:M/C:N/I:P/A:C");
  script_set_cvss_temporal_vector("CVSS2#E:U/RL:OF/RC:C");
  script_set_cvss3_base_vector("CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:L/A:H");
  script_set_cvss3_temporal_vector("CVSS:3.0/E:U/RL:O/RC:C");
  script_set_attribute(attribute:"cvss_score_source", value:"CVE-2024-20969");

  script_set_attribute(attribute:"exploitability_ease", value:"No known exploits are available");
  script_set_attribute(attribute:"exploit_available", value:"false");

  script_set_attribute(attribute:"vuln_publication_date", value:"2024/01/16");
  script_set_attribute(attribute:"patch_publication_date", value:"2024/01/30");
  script_set_attribute(attribute:"plugin_publication_date", value:"2024/01/30");

  script_set_attribute(attribute:"plugin_type", value:"local");
  script_set_attribute(attribute:"cpe", value:"cpe:/o:canonical:ubuntu_linux:20.04:-:lts");
  script_set_attribute(attribute:"cpe", value:"cpe:/o:canonical:ubuntu_linux:22.04:-:lts");
  script_set_attribute(attribute:"cpe", value:"cpe:/o:canonical:ubuntu_linux:23.10");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:canonical:ubuntu_linux:libmysqlclient-dev");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:canonical:ubuntu_linux:libmysqlclient21");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:canonical:ubuntu_linux:mysql-client");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:canonical:ubuntu_linux:mysql-client-8.0");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:canonical:ubuntu_linux:mysql-client-core-8.0");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:canonical:ubuntu_linux:mysql-router");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:canonical:ubuntu_linux:mysql-server");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:canonical:ubuntu_linux:mysql-server-8.0");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:canonical:ubuntu_linux:mysql-server-core-8.0");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:canonical:ubuntu_linux:mysql-source-8.0");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:canonical:ubuntu_linux:mysql-testsuite");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:canonical:ubuntu_linux:mysql-testsuite-8.0");
  script_set_attribute(attribute:"generated_plugin", value:"current");
  script_end_attributes();

  script_category(ACT_GATHER_INFO);
  script_family(english:"Ubuntu Local Security Checks");

  script_copyright(english:"Ubuntu Security Notice (C) 2024 Canonical, Inc. / NASL script (C) 2024 and is owned by Tenable, Inc. or an Affiliate thereof.");

  script_dependencies("ssh_get_info.nasl");
  script_require_keys("Host/cpu", "Host/Ubuntu", "Host/Ubuntu/release", "Host/Debian/dpkg-l");

  exit(0);
}

include('debian_package.inc');

if ( ! get_kb_item('Host/local_checks_enabled') ) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);
var os_release = get_kb_item('Host/Ubuntu/release');
if ( isnull(os_release) ) audit(AUDIT_OS_NOT, 'Ubuntu');
os_release = chomp(os_release);
if (! ('20.04' >< os_release || '22.04' >< os_release || '23.10' >< os_release)) audit(AUDIT_OS_NOT, 'Ubuntu 20.04 / 22.04 / 23.10', 'Ubuntu ' + os_release);
if ( ! get_kb_item('Host/Debian/dpkg-l') ) audit(AUDIT_PACKAGE_LIST_MISSING);

var cpu = get_kb_item('Host/cpu');
if (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);
if ('x86_64' >!< cpu && cpu !~ "^i[3-6]86$" && 's390' >!< cpu && 'aarch64' >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, 'Ubuntu', cpu);

var pkgs = [
    {'osver': '20.04', 'pkgname': 'libmysqlclient-dev', 'pkgver': '8.0.36-0ubuntu0.20.04.1'},
    {'osver': '20.04', 'pkgname': 'libmysqlclient21', 'pkgver': '8.0.36-0ubuntu0.20.04.1'},
    {'osver': '20.04', 'pkgname': 'mysql-client', 'pkgver': '8.0.36-0ubuntu0.20.04.1'},
    {'osver': '20.04', 'pkgname': 'mysql-client-8.0', 'pkgver': '8.0.36-0ubuntu0.20.04.1'},
    {'osver': '20.04', 'pkgname': 'mysql-client-core-8.0', 'pkgver': '8.0.36-0ubuntu0.20.04.1'},
    {'osver': '20.04', 'pkgname': 'mysql-router', 'pkgver': '8.0.36-0ubuntu0.20.04.1'},
    {'osver': '20.04', 'pkgname': 'mysql-server', 'pkgver': '8.0.36-0ubuntu0.20.04.1'},
    {'osver': '20.04', 'pkgname': 'mysql-server-8.0', 'pkgver': '8.0.36-0ubuntu0.20.04.1'},
    {'osver': '20.04', 'pkgname': 'mysql-server-core-8.0', 'pkgver': '8.0.36-0ubuntu0.20.04.1'},
    {'osver': '20.04', 'pkgname': 'mysql-source-8.0', 'pkgver': '8.0.36-0ubuntu0.20.04.1'},
    {'osver': '20.04', 'pkgname': 'mysql-testsuite', 'pkgver': '8.0.36-0ubuntu0.20.04.1'},
    {'osver': '20.04', 'pkgname': 'mysql-testsuite-8.0', 'pkgver': '8.0.36-0ubuntu0.20.04.1'},
    {'osver': '22.04', 'pkgname': 'libmysqlclient-dev', 'pkgver': '8.0.36-0ubuntu0.22.04.1'},
    {'osver': '22.04', 'pkgname': 'libmysqlclient21', 'pkgver': '8.0.36-0ubuntu0.22.04.1'},
    {'osver': '22.04', 'pkgname': 'mysql-client', 'pkgver': '8.0.36-0ubuntu0.22.04.1'},
    {'osver': '22.04', 'pkgname': 'mysql-client-8.0', 'pkgver': '8.0.36-0ubuntu0.22.04.1'},
    {'osver': '22.04', 'pkgname': 'mysql-client-core-8.0', 'pkgver': '8.0.36-0ubuntu0.22.04.1'},
    {'osver': '22.04', 'pkgname': 'mysql-router', 'pkgver': '8.0.36-0ubuntu0.22.04.1'},
    {'osver': '22.04', 'pkgname': 'mysql-server', 'pkgver': '8.0.36-0ubuntu0.22.04.1'},
    {'osver': '22.04', 'pkgname': 'mysql-server-8.0', 'pkgver': '8.0.36-0ubuntu0.22.04.1'},
    {'osver': '22.04', 'pkgname': 'mysql-server-core-8.0', 'pkgver': '8.0.36-0ubuntu0.22.04.1'},
    {'osver': '22.04', 'pkgname': 'mysql-source-8.0', 'pkgver': '8.0.36-0ubuntu0.22.04.1'},
    {'osver': '22.04', 'pkgname': 'mysql-testsuite', 'pkgver': '8.0.36-0ubuntu0.22.04.1'},
    {'osver': '22.04', 'pkgname': 'mysql-testsuite-8.0', 'pkgver': '8.0.36-0ubuntu0.22.04.1'},
    {'osver': '23.10', 'pkgname': 'libmysqlclient-dev', 'pkgver': '8.0.36-0ubuntu0.23.10.1'},
    {'osver': '23.10', 'pkgname': 'libmysqlclient21', 'pkgver': '8.0.36-0ubuntu0.23.10.1'},
    {'osver': '23.10', 'pkgname': 'mysql-client', 'pkgver': '8.0.36-0ubuntu0.23.10.1'},
    {'osver': '23.10', 'pkgname': 'mysql-client-8.0', 'pkgver': '8.0.36-0ubuntu0.23.10.1'},
    {'osver': '23.10', 'pkgname': 'mysql-client-core-8.0', 'pkgver': '8.0.36-0ubuntu0.23.10.1'},
    {'osver': '23.10', 'pkgname': 'mysql-router', 'pkgver': '8.0.36-0ubuntu0.23.10.1'},
    {'osver': '23.10', 'pkgname': 'mysql-server', 'pkgver': '8.0.36-0ubuntu0.23.10.1'},
    {'osver': '23.10', 'pkgname': 'mysql-server-8.0', 'pkgver': '8.0.36-0ubuntu0.23.10.1'},
    {'osver': '23.10', 'pkgname': 'mysql-server-core-8.0', 'pkgver': '8.0.36-0ubuntu0.23.10.1'},
    {'osver': '23.10', 'pkgname': 'mysql-source-8.0', 'pkgver': '8.0.36-0ubuntu0.23.10.1'},
    {'osver': '23.10', 'pkgname': 'mysql-testsuite', 'pkgver': '8.0.36-0ubuntu0.23.10.1'},
    {'osver': '23.10', 'pkgname': 'mysql-testsuite-8.0', 'pkgver': '8.0.36-0ubuntu0.23.10.1'}
];

var flag = 0;
foreach package_array ( pkgs ) {
  var osver = NULL;
  var pkgname = NULL;
  var pkgver = NULL;
  if (!empty_or_null(package_array['osver'])) osver = package_array['osver'];
  if (!empty_or_null(package_array['pkgname'])) pkgname = package_array['pkgname'];
  if (!empty_or_null(package_array['pkgver'])) pkgver = package_array['pkgver'];
  if (osver && pkgname && pkgver) {
    if (ubuntu_check(osver:osver, pkgname:pkgname, pkgver:pkgver)) flag++;
  }
}

if (flag)
{
  security_report_v4(
    port       : 0,
    severity   : SECURITY_WARNING,
    extra      : ubuntu_report_get()
  );
  exit(0);
}
else
{
  var tested = ubuntu_pkg_tests_get();
  if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);
  else audit(AUDIT_PACKAGE_NOT_INSTALLED, 'libmysqlclient-dev / libmysqlclient21 / mysql-client / etc');
}
VendorProductVersionCPE
canonicalubuntu_linux20.04cpe:/o:canonical:ubuntu_linux:20.04:-:lts
canonicalubuntu_linux22.04cpe:/o:canonical:ubuntu_linux:22.04:-:lts
canonicalubuntu_linux23.10cpe:/o:canonical:ubuntu_linux:23.10
canonicalubuntu_linuxlibmysqlclient-devp-cpe:/a:canonical:ubuntu_linux:libmysqlclient-dev
canonicalubuntu_linuxlibmysqlclient21p-cpe:/a:canonical:ubuntu_linux:libmysqlclient21
canonicalubuntu_linuxmysql-clientp-cpe:/a:canonical:ubuntu_linux:mysql-client
canonicalubuntu_linuxmysql-client-8.0p-cpe:/a:canonical:ubuntu_linux:mysql-client-8.0
canonicalubuntu_linuxmysql-client-core-8.0p-cpe:/a:canonical:ubuntu_linux:mysql-client-core-8.0
canonicalubuntu_linuxmysql-routerp-cpe:/a:canonical:ubuntu_linux:mysql-router
canonicalubuntu_linuxmysql-serverp-cpe:/a:canonical:ubuntu_linux:mysql-server
Rows per page:
1-10 of 151

References

Related

openvas 5
osv 18
ubuntu 1
photon 3
f5 2
nessus 14
almalinux 2
oraclelinux 2
redhat 3
prion 22
debiancve 22
ubuntucve 22
cve 22
redhatcve 22
cnvd 10
ibm 1
oracle 1
openvas
openvas
Ubuntu: Security Advisory (USN-6615-1)
2024-01-31 00:00:00
Oracle MySQL Server 8.x <= 8.0.35, 8.1.x <= 8.2.0 Security Update (cpujan2024) - Windows
2024-01-17 00:00:00
Oracle MySQL Server 8.x <= 8.0.35, 8.1.x <= 8.2.0 Security Update (cpujan2024) - Linux
2024-01-17 00:00:00
osv
osv
mysql-8.0 vulnerabilities
2024-01-30 12:38:24
Moderate: mysql security update
2024-03-05 00:00:00
Moderate: mysql:8.0 security update
2024-02-20 00:00:00
ubuntu
ubuntu
MySQL vulnerabilities
2024-01-30 00:00:00
photon
photon
Moderate Photon OS Security Update - PHSA-2024-3.0-0716
2024-01-21 00:00:00
Critical Photon OS Security Update - PHSA-2024-5.0-0194
2024-01-22 00:00:00
Moderate Photon OS Security Update - PHSA-2024-4.0-0555
2024-01-23 00:00:00
f5
f5
K000138460 : Multiple MySQL vulnerabilities
2024-02-02 00:00:00
K000138704 : Multiple MySQL vulnerabilities
2024-02-23 00:00:00
nessus
nessus
Oracle MySQL Server 8.x < 8.3.0 (January 2024 CPU)
2024-01-19 00:00:00
Oracle MySQL Server 8.0.x < 8.0.36 (April 2024 CPU)
2024-01-19 00:00:00
AlmaLinux 8 : mysql:8.0 (ALSA-2024:0894)
2024-02-22 00:00:00
almalinux
almalinux
Moderate: mysql:8.0 security update
2024-02-20 00:00:00
Moderate: mysql security update
2024-03-05 00:00:00
oraclelinux
oraclelinux
mysql security update
2024-03-06 00:00:00
mysql:8.0 security update
2024-02-21 00:00:00
redhat
redhat
(RHSA-2024:1141) Moderate: mysql security update
2024-03-05 15:32:23
(RHSA-2024:2619) Moderate: rh-mysql80-mysql security update
2024-04-30 16:31:20
(RHSA-2024:0894) Moderate: mysql:8.0 security update
2024-02-20 11:21:25
prion
prion
Code injection
2024-01-16 22:15:00
Code injection
2024-02-17 02:15:00
Code injection
2024-02-17 02:15:00
debiancve
debiancve
CVE-2024-20983
2024-01-16 22:15:45
CVE-2024-20985
2024-01-16 22:15:45
CVE-2024-20966
2024-02-17 02:15:50
ubuntucve
ubuntucve
CVE-2024-20981
2024-01-16 00:00:00
CVE-2024-20983
2024-01-16 00:00:00
CVE-2024-20970
2024-01-17 00:00:00
cve
cve
CVE-2024-20971
2024-01-16 22:15:44
CVE-2024-20960
2024-02-17 02:15:50
CVE-2024-20972
2024-02-17 02:15:50
redhatcve
redhatcve
CVE-2024-20978
2024-01-17 12:05:46
CVE-2024-20961
2024-01-17 12:03:19
CVE-2024-20984
2024-01-17 12:06:26
cnvd
cnvd
Unspecified Vulnerability in Oracle MySQL (CNVD-2024-11153)
2024-02-22 00:00:00
Unspecified Vulnerability in Oracle MySQL (CNVD-2024-11121)
2024-02-22 00:00:00
Unspecified Vulnerability in Oracle MySQL (CNVD-2024-11158)
2024-02-22 00:00:00
ibm
ibm
Security Bulletin: IBM Planning Analytics Workspace is affected by vulnerabilities in multiple Open Source Software (OSS) components
2024-05-03 21:49:47
oracle
oracle
Oracle Critical Patch Update Advisory - January 2024
2024-01-16 00:00:00

6.5 Medium

AI Score

Confidence

High

JSON
Related for UBUNTU_USN-6615-1.NASL
openvas5osv18ubuntu1photon3f52nessus14almalinux2oraclelinux2redhat3prion22debiancve22ubuntucve22cve22redhatcve22cnvd10ibm1oracle1