CVE-2024-41434

PingCAP TiDB v8.1.0 was discovered to contain a buffer overflow via the component Column.GetDecimal. This allows attackers to cause a Denial of Service DoS via a crafted input to the 'RemoveUnnecessaryFirstRow', it will check the expression between 'Agg' and 'GroupBy', but does not check the retu...

PT-2024-29395 · Pingcap · Tidb

Name of the Vulnerable Software and Affected Versions: PingCAP TiDB version 8.1.0 Description: The issue is related to a buffer overflow via the Column.GetDecimal component, which can be exploited to cause a Denial of Service DoS by providing a crafted input to the 'RemoveUnnecessaryFirstRow'...