K000148313: MySQL vulnerabilities CVE-2024-21247, CVE-2024-21209, and CVE-2024-21231

Security Advisory Description CVE-2024-21247 Vulnerability in the MySQL Client product of Oracle MySQL component: Client: mysqldump. Supported versions that are affected are 8.0.39 and prior, 8.4.2 and prior and 9.0.1 and prior. Easily exploitable vulnerability allows high privileged attacker wit...

Vulnerability in the MySQL Client product of Oracle MySQL (component: Client: mysqldump). Supported versions that are affected are 8.0.39 and prior 8.4.2 and prior and 9.0.1 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Client. Successful attacks of this vulnerability can result in unauthorized update insert or delete access to some of MySQL Client accessible data as well as unauthorized read access to a subset of MySQL Client accessible data. CVSS 3.1 Base Score 3.8 (Confidentiality and Integrity impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:L/I:L/A:N).

...

Unspecified Vulnerability in Oracle MySQL (CNVD-2025-18131)

Oracle MySQL is an open source relational database management system.MySQL Client is a MySQL client, a program used to communicate with a server to process information in a database managed by the server. A security vulnerability exists in MySQL Client for Oracle MySQL, which can be exploited by ...

CVE-2024-21247

Vulnerability in the MySQL Client product of Oracle MySQL component: Client: mysqldump. Supported versions that are affected are 8.0.39 and prior, 8.4.2 and prior and 9.0.1 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to...

CVE-2024-21247

Vulnerability in the MySQL Client product of Oracle MySQL component: Client: mysqldump. Supported versions that are affected are 8.0.39 and prior, 8.4.2 and prior and 9.0.1 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to...

CVE-2024-21247

Vulnerability in the MySQL Client product of Oracle MySQL component: Client: mysqldump. Supported versions that are affected are 8.0.39 and prior, 8.4.2 and prior and 9.0.1 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to...

AZL-50412 CVE-2024-21247 affecting package mysql for versions less than 8.0.40-1

Vulnerability in the MySQL Client product of Oracle MySQL component: Client: mysqldump. Supported versions that are affected are 8.0.39 and prior, 8.4.2 and prior and 9.0.1 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to...

CVE-2024-21209

Vulnerability in the MySQL Client product of Oracle MySQL component: Client: mysqldump. Supported versions that are affected are 8.4.2 and prior and 9.0.1 and prior. Difficult to exploit vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL...

UBUNTU-CVE-2024-21209

Vulnerability in the MySQL Client product of Oracle MySQL component: Client: mysqldump. Supported versions that are affected are 8.4.2 and prior and 9.0.1 and prior. Difficult to exploit vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL...

UBUNTU-CVE-2024-21231

Vulnerability in the MySQL Server product of Oracle MySQL component: Client programs. Supported versions that are affected are 8.0.39 and prior, 8.4.2 and prior and 9.0.1 and prior. Difficult to exploit vulnerability allows low privileged attacker with network access via multiple protocols to...

CVE-2024-21247

Vulnerability in the MySQL Client product of Oracle MySQL component: Client: mysqldump. Supported versions that are affected are 8.0.39 and prior, 8.4.2 and prior and 9.0.1 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to...

CVE-2024-21209

Vulnerability in the MySQL Client product of Oracle MySQL component: Client: mysqldump. Supported versions that are affected are 8.4.2 and prior and 9.0.1 and prior. Difficult to exploit vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL...

Oracle MySQL 安全漏洞

Oracle MySQL is an open source relational database management system.MySQL Client is a MySQL client, a program used to communicate with a server to process information in a database managed by the server. A security vulnerability exists in MySQL Client for Oracle MySQL, which can be exploited by ...

[SECURITY] Fedora 40 Update: python-PyMySQL-1.1.1-1.fc40

This package contains a pure-Python MySQL client library. The goal of PyMySQL is to be a drop-in replacement for MySQLdb and work on CPython, PyPy, IronPython and Jython...

MySQL2 安全漏洞

MySQL2 is a MySQL client for Node.js by the individual developer Andrey Sidorov. A security vulnerability exists in MySQL2 versions prior to 3.9.8 that stems from a prototype contamination vulnerability due to improper sanitization of input passed to fields and tables when using nestTables...

[SECURITY] [DLA 3822-1] python-pymysql security update

------------------------------------------------------------------------- Debian LTS Advisory DLA-3822-1 [email protected] https://www.debian.org/lts/security/ Chris Lamb May 27, 2024 https://wiki.debian.org/LTS - -------------------------------------------------------------------------...

PyMySQL 安全漏洞

PyMySQL is a pure Python MySQL client library based on PEP 249 from the PyMySQL open source. A security vulnerability exists in PyMySQL 1.1.0 and earlier versions that stems from the presence of SQL injection...

mysql2 安全漏洞

MySQL2 is a MySQL client for Node.js by the individual developer Andrey Sidorov. A security vulnerability exists in versions of mysql2 prior to 3.9.4, which stems from vulnerability to Remote Code Execution RCE attacks via the readCodeFor function...

BIT-MYSQL-CLIENT-2020-2752

Vulnerability in the MySQL Client product of Oracle MySQL component: C API. Supported versions that are affected are 5.6.47 and prior, 5.7.27 and prior and 8.0.17 and prior. Difficult to exploit vulnerability allows low privileged attacker with network access via multiple protocols to compromise...

BIT-MARIADB-2020-14550

Vulnerability in the MySQL Client product of Oracle MySQL component: C API. Supported versions that are affected are 5.6.48 and prior, 5.7.30 and prior and 8.0.20 and prior. Difficult to exploit vulnerability allows low privileged attacker with network access via multiple protocols to compromise...