Lucene search

K
rosalinuxROSA LABROSA-SA-2023-2251
HistoryOct 21, 2023 - 2:46 p.m.

Advisory ROSA-SA-2023-2251

2023-10-2114:46:06
ROSA LAB
abf.rosalinux.ru
10
mariadb 10.5.20
remote attackers
unauthorized access
denial of service
data integrity

6.3 Medium

AI Score

Confidence

Low

0.002 Low

EPSS

Percentile

60.2%

software: mariadb 10.5.20
OS: ROSA-CHROME

package_evr_string: mariadb-10.5.20-1.src.rpm

CVE-ID: CVE-2018-2813
BDU-ID: 2019-03456
CVE-Crit: MEDIUM
CVE-DESC.: A vulnerability in the Server: DDL component of the MySQL Server database management system is related to a lack of service data protection. Exploitation of the vulnerability could allow an attacker acting remotely to gain read access to the data
CVE-STATUS: Fixed
CVE-REV: To close, run the command: sudo dnf update mariadb

CVE-ID: CVE-2018-2817
BDU-ID: 2019-03457
CVE-Crit: MEDIUM.
CVE-DESC.: A vulnerability in the Server: DDL component of the MySQL Server database management system is related to access control weaknesses. Exploitation of the vulnerability could allow an attacker, acting remotely, to cause a denial of service
CVE-STATUS: Fixed
CVE-REV: To close, run the command: sudo dnf update mariadb

CVE-ID: CVE-2018-2819
BDU-ID: 2019-03458
CVE-Crit: MEDIUM.
CVE-DESC.: A vulnerability in the InnoDB component of the MySQL Server database management system is related to incorrect resource release. Exploitation of the vulnerability could allow an attacker acting remotely to cause a denial of service
CVE-STATUS: Fixed
CVE-REV: To close, run the command: sudo dnf update mariadb

CVE-ID: CVE-2018-3058
BDU-ID: 2020-00682
CVE-Crit: MEDIUM.
CVE-DESC.: A vulnerability in the MyISAM component of the Oracle MySQL database management system is related to a flaw in the access control mechanism. Exploitation of the vulnerability could allow an attacker acting remotely to impact data integrity
CVE-STATUS: Resolved
CVE-REV: To close, run the command: sudo dnf update mariadb

CVE-ID: CVE-2018-3060
BDU-ID: 2020-04694
CVE-Crit: HIGH
CVE-DESC.: A vulnerability in the InnoDB component of the MySQL Server database management system is related to access control weaknesses. Exploitation of the vulnerability could allow an attacker acting remotely to create, delete, or modify access to critical data or all data available to MySQL Server or cause a denial of service via network packets
CVE-STATUS: Resolved
CVE-REV: To close, run the command: sudo dnf update mariadb

CVE-ID: CVE-2018-3063
BDU-ID: 2020-00683
CVE-Crit: MEDIUM.
CVE-DESC.: A vulnerability in the Server:Security:Privileges component of the Oracle MySQL database management system is related to a flaw in the access control mechanism. Exploitation of the vulnerability could allow an attacker acting remotely to cause a denial of service
CVE-STATUS: Fixed
CVE-REV: To close, run the command: sudo dnf update mariadb

CVE-ID: CVE-2018-3064
BDU-ID: 2018-00966
CVE-Crit: HIGH
CVE-DESC.: A vulnerability in the InnoDB component of the MySQL database management system is related to access control weaknesses. Exploitation of the vulnerability could allow an attacker acting remotely to gain unauthorized access to protected data, cause a denial of service using the MySQL Protocol network protocol
CVE-STATUS: Fixed
CVE-REV: To close, run the command: sudo dnf update mariadb

CVE-ID: CVE-2018-3066
BDU-ID: 2019-01627
CVE-Crit: MEDIUM.
CVE-DESC.: A vulnerability in an Oracle MySQL server component is related to user access control errors. Exploitation of the vulnerability allows an attacker acting remotely to gain unauthorized access to server functionality and data
CVE-STATUS: Fixed
CVE-REV: To close, run the command: sudo dnf update mariadb

CVE-ID: CVE-2018-3081
BDU-ID: None
CVE-Crit: MEDIUM
CVE-DESC.: A difficult-to-exploit vulnerability allows an attacker with high privileges and network access through multiple protocols to compromise a MySQL client. Successful attacks against this vulnerability could result in an unauthorized ability to cause the MySQL client to hang or crash frequently (full DOS), as well as unauthorized update, insertion, or removal of access to some available MySQL client data.
CVE-STATUS: Fixed
CVE-REV: To close, run the command: sudo dnf update mariadb

CVE-ID: CVE-2018-3133
BDU-ID: 2019-00469
CVE-Crit: MEDIUM.
CVE-DESC.: A vulnerability in the Server: Parser component of the MySQL Server database management system is related to access control weaknesses. Exploitation of the vulnerability could allow an attacker acting remotely to cause the application to hang or crash using specially crafted network packets
CVE-STATUS: Fixed
CVE-REV: To close, run the command: sudo dnf update mariadb

CVE-ID: CVE-2018-3143
BDU-ID: 2019-00471
CVE-Crit: MEDIUM.
CVE-DESC.: A vulnerability in the InnoDB component of the MySQL Server database management system is related to access control weaknesses. Exploitation of the vulnerability could allow an attacker acting remotely to cause the application to hang or crash using specially crafted network packets
CVE-STATUS: Fixed
CVE-REV: To close, run the command: sudo dnf update mariadb

CVE-ID: CVE-2018-3156
BDU-ID: 2019-00473
CVE-Crit: MEDIUM.
CVE-DESC.: A vulnerability in the InnoDB component of the MySQL Server database management system is related to access control weaknesses. Exploitation of the vulnerability could allow an attacker acting remotely to cause the application to hang or crash using specially crafted network packets
CVE-STATUS: Fixed
CVE-REV: To close, run the command: sudo dnf update mariadb

CVE-ID: CVE-2018-3162
BDU-ID: 2019-00650
CVE-Crit: MEDIUM.
CVE-DESC.: A vulnerability in the InnoDB component of the Oracle MySQL database management system is related to insufficient access controls. Exploitation of the vulnerability could allow an attacker acting remotely to cause a denial of service
CVE-STATUS: Resolved
CVE-REV: To close, run command: sudo dnf update mariadb

CVE-ID: CVE-2018-3173
BDU-ID: 2019-00652
CVE-Crit: MEDIUM.
CVE-DESC.: A vulnerability in the InnoDB component of the Oracle MySQL database management system is related to insufficient access controls. Exploitation of the vulnerability could allow an attacker acting remotely to cause a denial of service
CVE-STATUS: Resolved
CVE-REV: To close, run command: sudo dnf update mariadb

CVE-ID: CVE-2018-3174
BDU-ID: 2019-00619
CVE-Crit: MEDIUM.
CVE-DESC.: A vulnerability in the Client programs component of the Oracle MySQL Server database management system is related to access control weaknesses. Exploitation of the vulnerability could allow an attacker to cause a denial of service
CVE-STATUS: Fixed
CVE-REV: To close, run the command: sudo dnf update mariadb

CVE-ID: CVE-2018-3185
BDU-ID: 2019-00596
CVE-Crit: MEDIUM.
CVE-DESC.: A vulnerability in the InnoDB component of the Oracle MySQL database management system is related to insufficient access controls. Exploitation of the vulnerability could allow an attacker acting remotely to change file permissions or cause a denial of service
CVE-STATUS: Fixed
CVE-REV: To close, run the command: sudo dnf update mariadb

CVE-ID: CVE-2018-3200
BDU-ID: 2019-00654
CVE-Crit: MEDIUM.
CVE-DESC.: A vulnerability in the InnoDB component of the Oracle MySQL database management system is related to insufficient access controls. Exploitation of the vulnerability could allow an attacker acting remotely to cause a denial of service
CVE-STATUS: Resolved
CVE-REV: To close, run command: sudo dnf update mariadb

CVE-ID: CVE-2018-3251
BDU-ID: 2019-00590
CVE-Crit: MEDIUM.
CVE-DESC.: A vulnerability in the InnoDB component of the Oracle MySQL database management system is related to insufficient access controls. Exploitation of the vulnerability could allow an attacker acting remotely to cause a denial of service
CVE-STATUS: Resolved
CVE-REV: To close, run command: sudo dnf update mariadb

CVE-ID: CVE-2018-3277
BDU-ID: 2019-00658
CVE-Crit: MEDIUM.
CVE-DESC.: A vulnerability in the InnoDB component of the Oracle MySQL database management system is related to insufficient access controls. Exploitation of the vulnerability could allow an attacker acting remotely to cause a denial of service
CVE-STATUS: Resolved
CVE-REV: To close, run the command: sudo dnf update mariadb

CVE-ID: CVE-2018-3282
BDU-ID: 2019-00662
CVE-Crit: MEDIUM.
CVE-DESC.: A vulnerability in the Server: Storage Engines component of the Oracle MySQL database management system is related to insufficient access controls. Exploitation of the vulnerability could allow an attacker acting remotely to cause a denial of service
CVE-STATUS: Resolved
CVE-REV: To close, run the command: sudo dnf update mariadb

OSVersionArchitecturePackageVersionFilename
ROSAanynoarchmariadb< 10.5.20UNKNOWN