EUVD-2022-7763

Malicious code in bioql PyPI...

Arbitrary Command Execution

Shardingsphere-proxy is vulnerable to arbitrary code execution. The vulnerability exists because the mysql database backend fails to properly validate client authentication and does not clear out database sessions on time which allows an attacker to execute commands...

Apache ShardingSphere-Proxy Incomplete Cleanup vulnerability

Apache ShardingSphere-Proxy prior to 5.3.0 when using MySQL as database backend didn't cleanup the database session completely after client authentication failed, which allowed an attacker to execute normal commands by constructing a special MySQL client. This vulnerability has been fixed in Apac...

GHSA-WMXM-6WXC-3XQF Apache ShardingSphere-Proxy Incomplete Cleanup vulnerability

Apache ShardingSphere-Proxy prior to 5.3.0 when using MySQL as database backend didn't cleanup the database session completely after client authentication failed, which allowed an attacker to execute normal commands by constructing a special MySQL client. This vulnerability has been fixed in Apac...

CVE-2022-45347

Apache ShardingSphere-Proxy prior to 5.3.0 when using MySQL as database backend didn't cleanup the database session completely after client authentication failed, which allowed an attacker to execute normal commands by constructing a special MySQL client. This vulnerability has been fixed in Apac...

Authentication flaw

Apache ShardingSphere-Proxy prior to 5.3.0 when using MySQL as database backend didn't cleanup the database session completely after client authentication failed, which allowed an attacker to execute normal commands by constructing a special MySQL client. This vulnerability has been fixed in Apac...

CVE-2022-45347 Apache ShardingSphere-Proxy: MySQL authentication bypass

Apache ShardingSphere-Proxy prior to 5.3.0 when using MySQL as database backend didn't cleanup the database session completely after client authentication failed, which allowed an attacker to execute normal commands by constructing a special MySQL client. This vulnerability has been fixed in Apac...

PT-2022-27475 · Apache · Apache Shardingsphere-Proxy

Name of the Vulnerable Software and Affected Versions: Apache ShardingSphere-Proxy versions prior to 5.3.0 Description: The issue arises when Apache ShardingSphere-Proxy is used with MySQL as the database backend. In versions prior to 5.3.0, the database session is not properly cleaned up after a...