Mysql@8.0.20 Security Vulnerabilities and Issues — Mysql@8.0.20 CVE List

Lucene search

OracleMysql8.0.20

40 matches found

CVE•added 2020/04/21 2:15 p.m.•707 views

CVE-2020-1967

Server or client applications that call the SSL_check_chain() function during or after a TLS 1.3 handshake may crash due to a NULL pointer dereference as a result of incorrect handling of the "signature_algorithms_cert" TLS extension. The crash occurs if an invalid or unrecognised signature algorit...

7.5CVSS7.5AI score0.67225EPSS

CVE•added 2020/01/17 12:15 a.m.•527 views

CVE-2020-5398

In Spring Framework, versions 5.2.x prior to 5.2.3, versions 5.1.x prior to 5.1.13, and versions 5.0.x prior to 5.0.16, an application is vulnerable to a reflected file download (RFD) attack when it sets a "Content-Disposition" header in the response where the filename attribute is derived from use...

8CVSS7.3AI score0.90844EPSS

Web

CVE•added 2019/09/15 10:15 p.m.•512 views

CVE-2019-14540

A Polymorphic Typing issue was discovered in FasterXML jackson-databind before 2.9.10. It is related to com.zaxxer.hikari.HikariConfig.

9.8CVSS9.3AI score0.07984EPSS

CVE•added 2020/07/15 6:15 p.m.•504 views

CVE-2020-14550

Vulnerability in the MySQL Client product of Oracle MySQL (component: C API). Supported versions that are affected are 5.6.48 and prior, 5.7.30 and prior and 8.0.20 and prior. Difficult to exploit vulnerability allows low privileged attacker with network access via multiple protocols to compromise ...

5.3CVSS5.2AI score0.00195EPSS

CVE•added 2020/03/10 6:15 p.m.•377 views

CVE-2020-5258

In affected versions of dojo (NPM package), the deepCopy method is vulnerable to Prototype Pollution. Prototype Pollution refers to the ability to inject properties into existing JavaScript language construct prototypes, such as objects. An attacker manipulates these attributes to overwrite, or pol...

7.7CVSS7.7AI score0.02507EPSS

CVE•added 2020/07/15 6:15 p.m.•371 views

CVE-2020-14697

Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Security: Privileges). Supported versions that are affected are 8.0.20 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Suc...

7.2CVSS6.5AI score0.00922EPSS

CVE•added 2020/07/15 6:15 p.m.•366 views

CVE-2020-14539

Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Optimizer). Supported versions that are affected are 5.6.48 and prior, 5.7.30 and prior and 8.0.20 and prior. Easily exploitable vulnerability allows low privileged attacker with network access via multiple protocols to c...

6.5CVSS6.2AI score0.00582EPSS

CVE•added 2020/07/15 6:15 p.m.•364 views

CVE-2020-14540

Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: DML). Supported versions that are affected are 5.7.30 and prior and 8.0.20 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server....

4.9CVSS4.9AI score0.00448EPSS

CVE•added 2020/07/15 6:15 p.m.•362 views

CVE-2020-14663

7.2CVSS6.5AI score0.00922EPSS

CVE•added 2021/01/20 3:15 p.m.•362 views

CVE-2021-1998

Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Optimizer). Supported versions that are affected are 8.0.20 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful att...

5.5CVSS3.8AI score0.00353EPSS

CVE•added 2020/07/24 8:15 p.m.•360 views

CVE-2020-14725

4.9CVSS4.9AI score0.0017EPSS

CVE•added 2020/07/15 6:15 p.m.•359 views

CVE-2020-14559

Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Information Schema). Supported versions that are affected are 5.6.48 and prior, 5.7.30 and prior and 8.0.20 and prior. Easily exploitable vulnerability allows low privileged attacker with network access via multiple proto...

4.3CVSS3.7AI score0.00423EPSS

CVE•added 2020/07/15 6:15 p.m.•359 views

CVE-2020-14576

Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: UDF). Supported versions that are affected are 5.7.30 and prior and 8.0.20 and prior. Easily exploitable vulnerability allows low privileged attacker with network access via multiple protocols to compromise MySQL Server. ...

6.5CVSS6.2AI score0.00759EPSS

CVE•added 2020/07/15 6:15 p.m.•359 views

CVE-2020-14678

7.2CVSS6.6AI score0.00906EPSS

CVE•added 2020/07/15 6:15 p.m.•357 views

CVE-2020-14547

Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Optimizer). Supported versions that are affected are 5.7.30 and prior and 8.0.20 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL S...

4.9CVSS4.9AI score0.00448EPSS

CVE•added 2021/01/20 3:15 p.m.•357 views

CVE-2021-2012

6.8CVSS4.8AI score0.00344EPSS

CVE•added 2020/07/15 6:15 p.m.•356 views

CVE-2020-14553

Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Pluggable Auth). Supported versions that are affected are 5.7.30 and prior and 8.0.20 and prior. Easily exploitable vulnerability allows low privileged attacker with network access via multiple protocols to compromise MyS...

4.3CVSS4.1AI score0.00424EPSS

CVE•added 2020/07/15 6:15 p.m.•351 views

CVE-2020-14641

Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Security: Roles). Supported versions that are affected are 8.0.20 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successf...

4.9CVSS4.8AI score0.00641EPSS

CVE•added 2020/07/15 6:15 p.m.•349 views

CVE-2020-14633

Vulnerability in the MySQL Server product of Oracle MySQL (component: InnoDB). Supported versions that are affected are 8.0.20 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of thi...

4CVSS3.4AI score0.00362EPSS

CVE•added 2020/07/15 6:15 p.m.•347 views

CVE-2020-14568

4.9CVSS4.9AI score0.00568EPSS

CVE•added 2020/07/15 6:15 p.m.•347 views

CVE-2020-14643

5.5CVSS5.4AI score0.00383EPSS

CVE•added 2021/01/20 3:15 p.m.•344 views

CVE-2021-2020

Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Optimizer). Supported versions that are affected are 8.0.20 and prior. Easily exploitable vulnerability allows low privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful atta...

6.8CVSS6.2AI score0.01786EPSS

CVE•added 2020/07/15 6:15 p.m.•343 views

CVE-2020-14586

4.9CVSS4.9AI score0.00562EPSS

CVE•added 2020/07/15 6:15 p.m.•343 views

CVE-2020-14634

4CVSS3AI score0.005EPSS

CVE•added 2020/07/15 6:15 p.m.•342 views

CVE-2020-14624

Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: JSON). Supported versions that are affected are 8.0.20 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks ...

4.9CVSS4.9AI score0.00415EPSS

CVE•added 2020/07/15 6:15 p.m.•342 views

CVE-2020-14651

5.5CVSS5.4AI score0.00383EPSS

CVE•added 2020/07/15 6:15 p.m.•342 views

CVE-2020-14702

4.9CVSS4.9AI score0.00415EPSS

CVE•added 2020/07/15 6:15 p.m.•341 views

CVE-2020-14620

Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: DML). Supported versions that are affected are 8.0.20 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks o...

4.9CVSS4.9AI score0.00415EPSS

CVE•added 2020/07/15 6:15 p.m.•341 views

CVE-2020-14680

Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Optimizer). Supported versions that are affected are 8.0.20 and prior. Easily exploitable vulnerability allows low privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful atta...

6.5CVSS6.2AI score0.00539EPSS

CVE•added 2020/07/15 6:15 p.m.•340 views

CVE-2020-14614

4.9CVSS4.9AI score0.00568EPSS

CVE•added 2020/10/21 3:15 p.m.•340 views

CVE-2020-14799

Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Security: Encryption). Supported versions that are affected are 8.0.20 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Suc...

4.9CVSS4.9AI score0.00307EPSS

CVE•added 2020/07/15 6:15 p.m.•339 views

CVE-2020-14632

Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Options). Supported versions that are affected are 8.0.20 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attac...

4.9CVSS4.9AI score0.00415EPSS

CVE•added 2020/07/15 6:15 p.m.•337 views

CVE-2020-14631

Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Security: Audit). Supported versions that are affected are 8.0.20 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successf...

4.9CVSS4.9AI score0.00415EPSS

CVE•added 2020/07/15 6:15 p.m.•336 views

CVE-2020-14654

4.9CVSS4.9AI score0.00415EPSS

CVE•added 2020/07/15 6:15 p.m.•335 views

CVE-2020-14597

4.9CVSS4.9AI score0.00562EPSS

CVE•added 2020/07/15 6:15 p.m.•335 views

CVE-2020-14623

4.9CVSS4.9AI score0.00415EPSS

CVE•added 2020/07/15 6:15 p.m.•333 views

CVE-2020-14656

Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Locking). Supported versions that are affected are 8.0.20 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attac...

4.9CVSS4.9AI score0.00415EPSS

CVE•added 2020/07/15 6:15 p.m.•332 views

CVE-2020-14619

Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Parser). Supported versions that are affected are 8.0.20 and prior. Easily exploitable vulnerability allows low privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks...

6.5CVSS6.2AI score0.00729EPSS

CVE•added 2020/07/15 6:15 p.m.•327 views

CVE-2020-14575

4.9CVSS4.9AI score0.00562EPSS

CVE•added 2020/07/15 6:15 p.m.•307 views

CVE-2020-14591

Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Audit Plug-in). Supported versions that are affected are 8.0.20 and prior. Easily exploitable vulnerability allows low privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful ...

6.5CVSS6.3AI score0.00466EPSS