59 matches found
PingCAP TiDB Security Vulnerability
PingCAP TiDB is an open source, cloud-native, distributed, MySQL-compatible database for elastic scaling and real-time analytics from China-based PingCAP. A security vulnerability exists in PingCAP TiDB version v7.5.1, which originates from the inclusion of a null pointer dereference via the...
PingCAP TiDB Security Vulnerability
PingCAP TiDB is an open source, cloud-native, distributed, MySQL-compatible database for elastic scaling and real-time analytics from China-based PingCAP. A security vulnerability exists in PingCAP TiDB version v7.5.1, which stems from a buffer overflow vulnerability that could lead to ...
PT-2024-25496 · Pingcap · Tidb
Name of the Vulnerable Software and Affected Versions: PingCAP TiDB version 7.5.1 Description: A buffer overflow issue was discovered, which could lead to database crashes and denial of service attacks. Recommendations: For PingCAP TiDB version 7.5.1, at the moment, there is no information about ...
Arbitrary Code Execution
github.com/pingcap/tidb is vulnerable to arbitrary code execution. The vulnerability exists because the data source name string in the database connection is not properly neutralized which allows an attacker to inject malicious code and get read access to files in the system...
Format string
Use of Externally-Controlled Format String in GitHub repository pingcap/tidb prior to 6.4.0, 6.1.3...
PingCAP TiDB Format String Error Vulnerability
PingCAP TiDB is an open source, cloud-native, distributed, MySQL-compatible database for elastic scaling and real-time analytics from China-based PingCAP. A format string error vulnerability exists in PingCAP TiDB versions prior to 6.1.3 through 6.4.0, which stems from its use of externally...
CVE-2022-3023 Use of Externally-Controlled Format String in pingcap/tidb
Use of Externally-Controlled Format String in GitHub repository pingcap/tidb prior to 6.4.0, 6.1.3...
CVE-2022-3023
The CVE-2022-3023 entry relates to a vulnerability in the PingCAP TiDB server where an externally controlled format string is used, affecting TiDB and specifically versions prior to 6.4.0 and prior to 6.1.3. The issue is described as a format-string vulnerability that can lead to unintended behav...
CVE-2022-34969
PingCAP TiDB v6.1.0 was discovered to contain a NULL pointer dereference...
Null pointer dereference
PingCAP TiDB v6.1.0 was discovered to contain a NULL pointer dereference...
CVE-2022-34969
CVE-2022-34969 concerns PingCAP TiDB v6.1.0, where a NULL pointer dereference in TiDB is confirmed by multiple sources. The CVE entry documents the issue as a NULL pointer dereference with a high impact on availability (NVD: CVSSv3.1 base 7.5, AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H). Several connect...
PingCAP TiDB Code Issue Vulnerability
PingCAP TiDB is an open source, cloud-native, distributed, MySQL-compatible database for elastic scaling and real-time analytics from China-based PingCAP. A code issue vulnerability exists in PingCAP TiDB version v6.1.0, which stems from the presence of null pointer references...
PingCAP TiDB Authorization Issue Vulnerability
PingCAP TiDB is an open source, cloud-native, distributed, MySQL-compatible database for elastic scaling and real-time analytics from China-based PingCAP. PingCAP TiDB version 5.3.0 suffers from an authorization issue vulnerability, which stems from a problem with application rights management. A...
Authentication Bypass
github.com/pingcap/tidb is vulnerable to Authentication Bypass. The vulnerability exists because the library does not properly restrict the access path, allowing an attacker to bypass the authentication process by providing malicious authentication requests, resulting in privilege escalation or...