Lucene search
K

4 matches found

RedhatCVE
RedhatCVE
added 2025/04/11 10:53 p.m.22 views

CVE-2025-24375

Charmed MySQL K8s operator is a Charmed Operator for running MySQL on Kubernetes. Before revision 221, the method for calling a SQL DDL or python based mysql-shell scripts can leak database users credentials. The method mysql-operator calls mysql-shell application rely on writing to a temporary...

5CVSS7.2AI score0.00147EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2025/04/09 10:21 p.m.5 views

CVE-2025-24375 MySQL K8s charm could leak credentials for root-level user `serverconfig`

Charmed MySQL K8s operator is a Charmed Operator for running MySQL on Kubernetes. Before revision 221, the method for calling a SQL DDL or python based mysql-shell scripts can leak database users credentials. The method mysql-operator calls mysql-shell application rely on writing to a temporary...

5CVSS7.2AI score0.00147EPSS
Exploits0References5
Cvelist
Cvelist
added 2025/04/09 10:21 p.m.34 views

CVE-2025-24375 MySQL K8s charm could leak credentials for root-level user `serverconfig`

Charmed MySQL K8s operator is a Charmed Operator for running MySQL on Kubernetes. Before revision 221, the method for calling a SQL DDL or python based mysql-shell scripts can leak database users credentials. The method mysql-operator calls mysql-shell application rely on writing to a temporary...

5CVSS0.00147EPSS
Exploits0References5
CVE
CVE
added 2025/04/09 10:21 p.m.137 views

CVE-2025-24375

The CVE-2025-24375 entry concerns the Charmed MySQL K8s operator (and machine operator) with credential leakage risk. Root cause: the operator calls the mysql-shell/DDL scripts by writing a temporary script file containing full URIs with user credentials, created with read permissions (0644); unp...

5CVSS5.2AI score0.00147EPSS
Exploits0References5
Rows per page
Query Builder