104 matches found
Format string
Use of Externally-Controlled Format String in GitHub repository pingcap/tidb prior to 6.4.0, 6.1.3...
PingCAP TiDB 格式化字符串错误漏洞
PingCAP TiDB is an open source, cloud-native, distributed, MySQL-compatible database for elastic scaling and real-time analytics from China-based PingCAP. A formatting string error vulnerability exists in PingCAP TiDB versions prior to 6.1.3 through 6.4.0, which stems from its use of externally...
CVE-2022-3023 Use of Externally-Controlled Format String in pingcap/tidb
Use of Externally-Controlled Format String in GitHub repository pingcap/tidb prior to 6.4.0, 6.1.3...
CVE-2022-3023
The CVE-2022-3023 entry relates to a vulnerability in the PingCAP TiDB server where an externally controlled format string is used, affecting TiDB and specifically versions prior to 6.4.0 and prior to 6.1.3. The issue is described as a format-string vulnerability that can lead to unintended behav...
PT-2022-20025 · Tidb · Tidb
Name of the Vulnerable Software and Affected Versions: TiDB versions prior to 6.4.0 TiDB versions prior to 6.1.3 Description: The issue concerns the use of an externally-controlled format string and data source name injection in the TiDB server. Specifically, the database name for generating and...
CVE-2022-3023 Use of Externally-Controlled Format String in pingcap/tidb
Use of Externally-Controlled Format String in GitHub repository pingcap/tidb prior to 6.4.0, 6.1.3...
CVE-2022-3023 Use of Externally-Controlled Format String in pingcap/tidb
Use of Externally-Controlled Format String in GitHub repository pingcap/tidb prior to 6.4.0, 6.1.3...
Denial Of Service (DoS)
github.com/pingcap/tidb is vulnerable to Denial Of Service DoS. The vulnerability exists in AuthOpt parameter in grant.go because of null pointer dereference which allows to an attacker to crash the application...
CVE-2022-34969
PingCAP TiDB v6.1.0 was discovered to contain a NULL pointer dereference...
CVE-2022-34969
PingCAP TiDB v6.1.0 was discovered to contain a NULL pointer dereference...
Null pointer dereference
PingCAP TiDB v6.1.0 was discovered to contain a NULL pointer dereference...
CVE-2022-34969
PingCAP TiDB v6.1.0 was discovered to contain a NULL pointer dereference...
CVE-2022-34969
PingCAP TiDB v6.1.0 was discovered to contain a NULL pointer dereference...
CVE-2022-34969
CVE-2022-34969 concerns PingCAP TiDB v6.1.0, where a NULL pointer dereference in TiDB is confirmed by multiple sources. The CVE entry documents the issue as a NULL pointer dereference with a high impact on availability (NVD: CVSSv3.1 base 7.5, AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H). Several connect...
PingCAP TiDB 代码问题漏洞
PingCAP TiDB is an open source, cloud-native, distributed, MySQL-compatible database for elastic scaling and real-time analytics from China-based PingCAP. A code issue vulnerability exists in PingCAP TiDB version v6.1.0, which stems from the presence of null pointer references...
PT-2022-22464 · Pingcap · Tidb
Name of the Vulnerable Software and Affected Versions: PingCAP TiDB version 6.1.0 Description: A NULL pointer dereference issue was discovered in PingCAP TiDB. Recommendations: For PingCAP TiDB version 6.1.0, at the moment, there is no information about a newer version that contains a fix for thi...
TiDB authentication bypass vulnerability
Impact Under certain conditions, an attacker can construct malicious authentication requests to bypass the authentication process, resulting in privilege escalation or unauthorized access. Only users using TiDB 5.3.0 are affected by this vulnerability. Patches Please upgrade to TiDB 5.3.1 or high...
GHSA-4WHX-7P29-MQ22 TiDB authentication bypass vulnerability
Impact Under certain conditions, an attacker can construct malicious authentication requests to bypass the authentication process, resulting in privilege escalation or unauthorized access. Only users using TiDB 5.3.0 are affected by this vulnerability. Patches Please upgrade to TiDB 5.3.1 or high...
CVE-2022-31011
TiDB is an open-source NewSQL database that supports Hybrid Transactional and Analytical Processing HTAP workloads. Under certain conditions, an attacker can construct malicious authentication requests to bypass the authentication process, resulting in privilege escalation or unauthorized access...
Authentication flaw
TiDB is an open-source NewSQL database that supports Hybrid Transactional and Analytical Processing HTAP workloads. Under certain conditions, an attacker can construct malicious authentication requests to bypass the authentication process, resulting in privilege escalation or unauthorized access...