Red Hat Software Collections update for rh-mysql80-mysql
| Risk | Medium |
| Patch available | YES |
| Number of vulnerabilities | 114 |
| CVE-ID | CVE-2022-21415 CVE-2022-21444 CVE-2022-21440 CVE-2022-21438 CVE-2022-21437 CVE-2022-21436 CVE-2022-21435 CVE-2022-21427 CVE-2022-21425 CVE-2022-21423 CVE-2022-21418 CVE-2022-21417 CVE-2022-21414 CVE-2022-21452 CVE-2022-21413 CVE-2022-21412 CVE-2022-21379 CVE-2022-21378 CVE-2022-21374 CVE-2022-21372 CVE-2022-21370 CVE-2022-21368 CVE-2022-21367 CVE-2022-21362 CVE-2022-21358 CVE-2022-21352 CVE-2022-21451 CVE-2022-21454 CVE-2022-21348 CVE-2022-21528 CVE-2022-21569 CVE-2022-21556 CVE-2022-21553 CVE-2022-21547 CVE-2022-21539 CVE-2022-21538 CVE-2022-21537 CVE-2022-21534 CVE-2022-21531 CVE-2022-21530 CVE-2022-21529 CVE-2022-21527 CVE-2022-21455 CVE-2022-21526 CVE-2022-21525 CVE-2022-21522 CVE-2022-21517 CVE-2022-21515 CVE-2022-21509 CVE-2022-21479 CVE-2022-21478 CVE-2022-21462 CVE-2022-21460 CVE-2022-21459 CVE-2022-21457 CVE-2022-21351 CVE-2022-21344 CVE-2021-2478 CVE-2021-35612 CVE-2021-35633 CVE-2021-35632 CVE-2021-35631 CVE-2021-35630 CVE-2021-35628 CVE-2021-35627 CVE-2021-35626 CVE-2021-35625 CVE-2021-35624 CVE-2021-35623 CVE-2021-35622 CVE-2021-35610 CVE-2021-35635 CVE-2021-35608 CVE-2021-35607 CVE-2021-35604 CVE-2021-35602 CVE-2021-35597 CVE-2021-35596 CVE-2021-35591 CVE-2021-35577 CVE-2021-35575 CVE-2021-35546 CVE-2021-2481 CVE-2021-2479 CVE-2021-35634 CVE-2021-35636 CVE-2022-21342 CVE-2022-21253 CVE-2022-21339 CVE-2022-21304 CVE-2022-21303 CVE-2022-21302 CVE-2022-21301 CVE-2022-21297 CVE-2022-21278 CVE-2022-21270 CVE-2022-21265 CVE-2022-21264 CVE-2022-21256 CVE-2022-21254 CVE-2022-21249 CVE-2021-35637 CVE-2022-21245 CVE-2021-35648 CVE-2021-35647 CVE-2021-35646 CVE-2021-35645 CVE-2021-35644 CVE-2021-35643 CVE-2021-35642 CVE-2021-35641 CVE-2021-35640 CVE-2021-35639 CVE-2021-35638 |
| CWE-ID | CWE-20 CWE-125 |
| Exploitation vector | Network |
| Public exploit | N/A |
| Vulnerable software Subscribe |
rh-mysql80-mysql (Red Hat package) Operating systems & Components / Operating system package or component |
| Vendor | Red Hat Inc. |
Security Bulletin
This security bulletin contains information about 114 vulnerabilities.
1) Improper input validation
EUVDB-ID: #VU62427
Risk: Medium
CVSSv3.1: 4.3 [CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2022-21415
CWE-ID:
CWE-20 - Improper input validation
Exploit availability: No
DescriptionThe vulnerability allows a remote privileged user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper input validation within the Server: Replication component in MySQL Server. A remote privileged user can exploit this vulnerability to perform a denial of service (DoS) attack.
MitigationInstall updates from vendor's website.
rh-mysql80-mysql (Red Hat package): 8.0.17-1.el7 - 8.0.26-1.el7
CPE2.3- cpe:2.3:o:red_hat:rh-mysql80-mysql_redhat_package:8.0.26-1.el7:*:*:*:*:red_hat_enterprise_linux:*:
- cpe:2.3:o:red_hat:rh-mysql80-mysql_redhat_package:8.0.21-1.el7:*:*:*:*:red_hat_enterprise_linux:*:
- cpe:2.3:o:red_hat:rh-mysql80-mysql_redhat_package:8.0.17-1.el7:*:*:*:*:red_hat_enterprise_linux:*:
http://access.redhat.com/errata/RHSA-2022:6518
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote authenticated privileged user via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
2) Improper input validation
EUVDB-ID: #VU62429
Risk: Low
CVSSv3.1: 3.9 [CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2022-21444
CWE-ID:
CWE-20 - Improper input validation
Exploit availability: No
DescriptionThe vulnerability allows a remote privileged user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper input validation within the Server: DDL component in MySQL Server. A remote privileged user can exploit this vulnerability to perform a denial of service (DoS) attack.
MitigationInstall updates from vendor's website.
rh-mysql80-mysql (Red Hat package): 8.0.17-1.el7 - 8.0.26-1.el7
CPE2.3- cpe:2.3:o:red_hat:rh-mysql80-mysql_redhat_package:8.0.26-1.el7:*:*:*:*:red_hat_enterprise_linux:*:
- cpe:2.3:o:red_hat:rh-mysql80-mysql_redhat_package:8.0.21-1.el7:*:*:*:*:red_hat_enterprise_linux:*:
- cpe:2.3:o:red_hat:rh-mysql80-mysql_redhat_package:8.0.17-1.el7:*:*:*:*:red_hat_enterprise_linux:*:
http://access.redhat.com/errata/RHSA-2022:6518
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote authenticated privileged user via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
3) Improper input validation
EUVDB-ID: #VU62411
Risk: Medium
CVSSv3.1: 4.8 [CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:L/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2022-21440
CWE-ID:
CWE-20 - Improper input validation
Exploit availability: No
DescriptionThe vulnerability allows a remote privileged user to damange or delete data.
The vulnerability exists due to improper input validation within the Server: Optimizer component in MySQL Server. A remote privileged user can exploit this vulnerability to damange or delete data.
MitigationInstall updates from vendor's website.
rh-mysql80-mysql (Red Hat package): 8.0.17-1.el7 - 8.0.26-1.el7
CPE2.3- cpe:2.3:o:red_hat:rh-mysql80-mysql_redhat_package:8.0.26-1.el7:*:*:*:*:red_hat_enterprise_linux:*:
- cpe:2.3:o:red_hat:rh-mysql80-mysql_redhat_package:8.0.21-1.el7:*:*:*:*:red_hat_enterprise_linux:*:
- cpe:2.3:o:red_hat:rh-mysql80-mysql_redhat_package:8.0.17-1.el7:*:*:*:*:red_hat_enterprise_linux:*:
http://access.redhat.com/errata/RHSA-2022:6518
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote authenticated privileged user via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
4) Improper input validation
EUVDB-ID: #VU62424
Risk: Medium
CVSSv3.1: 4.3 [CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2022-21438
CWE-ID:
CWE-20 - Improper input validation
Exploit availability: No
DescriptionThe vulnerability allows a remote privileged user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper input validation within the Server: Optimizer component in MySQL Server. A remote privileged user can exploit this vulnerability to perform a denial of service (DoS) attack.
MitigationInstall updates from vendor's website.
rh-mysql80-mysql (Red Hat package): 8.0.17-1.el7 - 8.0.26-1.el7
CPE2.3- cpe:2.3:o:red_hat:rh-mysql80-mysql_redhat_package:8.0.26-1.el7:*:*:*:*:red_hat_enterprise_linux:*:
- cpe:2.3:o:red_hat:rh-mysql80-mysql_redhat_package:8.0.21-1.el7:*:*:*:*:red_hat_enterprise_linux:*:
- cpe:2.3:o:red_hat:rh-mysql80-mysql_redhat_package:8.0.17-1.el7:*:*:*:*:red_hat_enterprise_linux:*:
http://access.redhat.com/errata/RHSA-2022:6518
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote authenticated privileged user via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
5) Improper input validation
EUVDB-ID: #VU62423
Risk: Medium
CVSSv3.1: 4.3 [CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2022-21437
CWE-ID:
CWE-20 - Improper input validation
Exploit availability: No
DescriptionThe vulnerability allows a remote privileged user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper input validation within the Server: Optimizer component in MySQL Server. A remote privileged user can exploit this vulnerability to perform a denial of service (DoS) attack.
MitigationInstall updates from vendor's website.
rh-mysql80-mysql (Red Hat package): 8.0.17-1.el7 - 8.0.26-1.el7
CPE2.3- cpe:2.3:o:red_hat:rh-mysql80-mysql_redhat_package:8.0.26-1.el7:*:*:*:*:red_hat_enterprise_linux:*:
- cpe:2.3:o:red_hat:rh-mysql80-mysql_redhat_package:8.0.21-1.el7:*:*:*:*:red_hat_enterprise_linux:*:
- cpe:2.3:o:red_hat:rh-mysql80-mysql_redhat_package:8.0.17-1.el7:*:*:*:*:red_hat_enterprise_linux:*:
http://access.redhat.com/errata/RHSA-2022:6518
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote authenticated privileged user via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
6) Improper input validation
EUVDB-ID: #VU62422
Risk: Medium
CVSSv3.1: 4.3 [CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2022-21436
CWE-ID:
CWE-20 - Improper input validation
Exploit availability: No
DescriptionThe vulnerability allows a remote privileged user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper input validation within the Server: Optimizer component in MySQL Server. A remote privileged user can exploit this vulnerability to perform a denial of service (DoS) attack.
MitigationInstall updates from vendor's website.
rh-mysql80-mysql (Red Hat package): 8.0.17-1.el7 - 8.0.26-1.el7
CPE2.3- cpe:2.3:o:red_hat:rh-mysql80-mysql_redhat_package:8.0.26-1.el7:*:*:*:*:red_hat_enterprise_linux:*:
- cpe:2.3:o:red_hat:rh-mysql80-mysql_redhat_package:8.0.21-1.el7:*:*:*:*:red_hat_enterprise_linux:*:
- cpe:2.3:o:red_hat:rh-mysql80-mysql_redhat_package:8.0.17-1.el7:*:*:*:*:red_hat_enterprise_linux:*:
http://access.redhat.com/errata/RHSA-2022:6518
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote authenticated privileged user via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
7) Improper input validation
EUVDB-ID: #VU62421
Risk: Medium
CVSSv3.1: 4.3 [CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2022-21435
CWE-ID:
CWE-20 - Improper input validation
Exploit availability: No
DescriptionThe vulnerability allows a remote privileged user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper input validation within the Server: Optimizer component in MySQL Server. A remote privileged user can exploit this vulnerability to perform a denial of service (DoS) attack.
MitigationInstall updates from vendor's website.
rh-mysql80-mysql (Red Hat package): 8.0.17-1.el7 - 8.0.26-1.el7
CPE2.3- cpe:2.3:o:red_hat:rh-mysql80-mysql_redhat_package:8.0.26-1.el7:*:*:*:*:red_hat_enterprise_linux:*:
- cpe:2.3:o:red_hat:rh-mysql80-mysql_redhat_package:8.0.21-1.el7:*:*:*:*:red_hat_enterprise_linux:*:
- cpe:2.3:o:red_hat:rh-mysql80-mysql_redhat_package:8.0.17-1.el7:*:*:*:*:red_hat_enterprise_linux:*:
http://access.redhat.com/errata/RHSA-2022:6518
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote authenticated privileged user via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
8) Improper input validation
EUVDB-ID: #VU62418
Risk: Medium
CVSSv3.1: 4.3 [CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2022-21427
CWE-ID:
CWE-20 - Improper input validation
Exploit availability: No
DescriptionThe vulnerability allows a remote privileged user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper input validation within the Server: FTS component in MySQL Server. A remote privileged user can exploit this vulnerability to perform a denial of service (DoS) attack.
MitigationInstall updates from vendor's website.
rh-mysql80-mysql (Red Hat package): 8.0.17-1.el7 - 8.0.26-1.el7
CPE2.3- cpe:2.3:o:red_hat:rh-mysql80-mysql_redhat_package:8.0.26-1.el7:*:*:*:*:red_hat_enterprise_linux:*:
- cpe:2.3:o:red_hat:rh-mysql80-mysql_redhat_package:8.0.21-1.el7:*:*:*:*:red_hat_enterprise_linux:*:
- cpe:2.3:o:red_hat:rh-mysql80-mysql_redhat_package:8.0.17-1.el7:*:*:*:*:red_hat_enterprise_linux:*:
http://access.redhat.com/errata/RHSA-2022:6518
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote authenticated privileged user via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
9) Improper input validation
EUVDB-ID: #VU62410
Risk: Medium
CVSSv3.1: 4.8 [CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:L/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2022-21425
CWE-ID:
CWE-20 - Improper input validation
Exploit availability: No
DescriptionThe vulnerability allows a remote privileged user to damange or delete data.
The vulnerability exists due to improper input validation within the Server: DDL component in MySQL Server. A remote privileged user can exploit this vulnerability to damange or delete data.
MitigationInstall updates from vendor's website.
rh-mysql80-mysql (Red Hat package): 8.0.17-1.el7 - 8.0.26-1.el7
CPE2.3- cpe:2.3:o:red_hat:rh-mysql80-mysql_redhat_package:8.0.26-1.el7:*:*:*:*:red_hat_enterprise_linux:*:
- cpe:2.3:o:red_hat:rh-mysql80-mysql_redhat_package:8.0.21-1.el7:*:*:*:*:red_hat_enterprise_linux:*:
- cpe:2.3:o:red_hat:rh-mysql80-mysql_redhat_package:8.0.17-1.el7:*:*:*:*:red_hat_enterprise_linux:*:
http://access.redhat.com/errata/RHSA-2022:6518
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote authenticated privileged user via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
10) Improper input validation
EUVDB-ID: #VU62434
Risk: Low
CVSSv3.1: 2.4 [CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:L/E:U/RL:O/RC:C]
CVE-ID: CVE-2022-21423
CWE-ID:
CWE-125 - Out-of-bounds read
Exploit availability: No
DescriptionThe vulnerability allows a remote privileged user to perform service disruption.
The vulnerability exists due to improper input validation within the InnoDB component in MySQL Server. A remote privileged user can exploit this vulnerability to perform service disruption.
MitigationInstall updates from vendor's website.
rh-mysql80-mysql (Red Hat package): 8.0.17-1.el7 - 8.0.26-1.el7
CPE2.3- cpe:2.3:o:red_hat:rh-mysql80-mysql_redhat_package:8.0.26-1.el7:*:*:*:*:red_hat_enterprise_linux:*:
- cpe:2.3:o:red_hat:rh-mysql80-mysql_redhat_package:8.0.21-1.el7:*:*:*:*:red_hat_enterprise_linux:*:
- cpe:2.3:o:red_hat:rh-mysql80-mysql_redhat_package:8.0.17-1.el7:*:*:*:*:red_hat_enterprise_linux:*:
http://access.redhat.com/errata/RHSA-2022:6518
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote authenticated privileged user via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
11) Improper input validation
EUVDB-ID: #VU62415
Risk: Medium
CVSSv3.1: 4.4 [CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:U/C:N/I:L/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2022-21418
CWE-ID:
CWE-20 - Improper input validation
Exploit availability: No
DescriptionThe vulnerability allows a remote privileged user to damange or delete data.
The vulnerability exists due to improper input validation within the InnoDB component in MySQL Server. A remote privileged user can exploit this vulnerability to damange or delete data.
MitigationInstall updates from vendor's website.
rh-mysql80-mysql (Red Hat package): 8.0.17-1.el7 - 8.0.26-1.el7
CPE2.3- cpe:2.3:o:red_hat:rh-mysql80-mysql_redhat_package:8.0.26-1.el7:*:*:*:*:red_hat_enterprise_linux:*:
- cpe:2.3:o:red_hat:rh-mysql80-mysql_redhat_package:8.0.21-1.el7:*:*:*:*:red_hat_enterprise_linux:*:
- cpe:2.3:o:red_hat:rh-mysql80-mysql_redhat_package:8.0.17-1.el7:*:*:*:*:red_hat_enterprise_linux:*:
http://access.redhat.com/errata/RHSA-2022:6518
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote authenticated privileged user via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
12) Improper input validation
EUVDB-ID: #VU62416
Risk: Medium
CVSSv3.1: 4.3 [CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2022-21417
CWE-ID:
CWE-20 - Improper input validation
Exploit availability: No
DescriptionThe vulnerability allows a remote privileged user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper input validation within the InnoDB component in MySQL Server. A remote privileged user can exploit this vulnerability to perform a denial of service (DoS) attack.
MitigationInstall updates from vendor's website.
rh-mysql80-mysql (Red Hat package): 8.0.17-1.el7 - 8.0.26-1.el7
CPE2.3- cpe:2.3:o:red_hat:rh-mysql80-mysql_redhat_package:8.0.26-1.el7:*:*:*:*:red_hat_enterprise_linux:*:
- cpe:2.3:o:red_hat:rh-mysql80-mysql_redhat_package:8.0.21-1.el7:*:*:*:*:red_hat_enterprise_linux:*:
- cpe:2.3:o:red_hat:rh-mysql80-mysql_redhat_package:8.0.17-1.el7:*:*:*:*:red_hat_enterprise_linux:*:
http://access.redhat.com/errata/RHSA-2022:6518
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote authenticated privileged user via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
13) Improper input validation
EUVDB-ID: #VU62420
Risk: Medium
CVSSv3.1: 4.3 [CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2022-21414
CWE-ID:
CWE-20 - Improper input validation
Exploit availability: No
DescriptionThe vulnerability allows a remote privileged user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper input validation within the Server: Optimizer component in MySQL Server. A remote privileged user can exploit this vulnerability to perform a denial of service (DoS) attack.
MitigationInstall updates from vendor's website.
rh-mysql80-mysql (Red Hat package): 8.0.17-1.el7 - 8.0.26-1.el7
CPE2.3- cpe:2.3:o:red_hat:rh-mysql80-mysql_redhat_package:8.0.26-1.el7:*:*:*:*:red_hat_enterprise_linux:*:
- cpe:2.3:o:red_hat:rh-mysql80-mysql_redhat_package:8.0.21-1.el7:*:*:*:*:red_hat_enterprise_linux:*:
- cpe:2.3:o:red_hat:rh-mysql80-mysql_redhat_package:8.0.17-1.el7:*:*:*:*:red_hat_enterprise_linux:*:
http://access.redhat.com/errata/RHSA-2022:6518
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote authenticated privileged user via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
14) Improper input validation
EUVDB-ID: #VU62425
Risk: Medium
CVSSv3.1: 4.3 [CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2022-21452
CWE-ID:
CWE-20 - Improper input validation
Exploit availability: No
DescriptionThe vulnerability allows a remote privileged user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper input validation within the Server: Optimizer component in MySQL Server. A remote privileged user can exploit this vulnerability to perform a denial of service (DoS) attack.
MitigationInstall updates from vendor's website.
rh-mysql80-mysql (Red Hat package): 8.0.17-1.el7 - 8.0.26-1.el7
CPE2.3- cpe:2.3:o:red_hat:rh-mysql80-mysql_redhat_package:8.0.26-1.el7:*:*:*:*:red_hat_enterprise_linux:*:
- cpe:2.3:o:red_hat:rh-mysql80-mysql_redhat_package:8.0.21-1.el7:*:*:*:*:red_hat_enterprise_linux:*:
- cpe:2.3:o:red_hat:rh-mysql80-mysql_redhat_package:8.0.17-1.el7:*:*:*:*:red_hat_enterprise_linux:*:
http://access.redhat.com/errata/RHSA-2022:6518
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote authenticated privileged user via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
15) Improper input validation
EUVDB-ID: #VU62417
Risk: Medium
CVSSv3.1: 4.3 [CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2022-21413
CWE-ID:
CWE-20 - Improper input validation
Exploit availability: No
DescriptionThe vulnerability allows a remote privileged user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper input validation within the Server: DML component in MySQL Server. A remote privileged user can exploit this vulnerability to perform a denial of service (DoS) attack.
MitigationInstall updates from vendor's website.
rh-mysql80-mysql (Red Hat package): 8.0.17-1.el7 - 8.0.26-1.el7
CPE2.3- cpe:2.3:o:red_hat:rh-mysql80-mysql_redhat_package:8.0.26-1.el7:*:*:*:*:red_hat_enterprise_linux:*:
- cpe:2.3:o:red_hat:rh-mysql80-mysql_redhat_package:8.0.21-1.el7:*:*:*:*:red_hat_enterprise_linux:*:
- cpe:2.3:o:red_hat:rh-mysql80-mysql_redhat_package:8.0.17-1.el7:*:*:*:*:red_hat_enterprise_linux:*:
http://access.redhat.com/errata/RHSA-2022:6518
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote authenticated privileged user via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
16) Improper input validation
EUVDB-ID: #VU62419
Risk: Medium
CVSSv3.1: 4.3 [CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2022-21412
CWE-ID:
CWE-20 - Improper input validation
Exploit availability: No
DescriptionThe vulnerability allows a remote privileged user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper input validation within the Server: Optimizer component in MySQL Server. A remote privileged user can exploit this vulnerability to perform a denial of service (DoS) attack.
MitigationInstall updates from vendor's website.
rh-mysql80-mysql (Red Hat package): 8.0.17-1.el7 - 8.0.26-1.el7
CPE2.3- cpe:2.3:o:red_hat:rh-mysql80-mysql_redhat_package:8.0.26-1.el7:*:*:*:*:red_hat_enterprise_linux:*:
- cpe:2.3:o:red_hat:rh-mysql80-mysql_redhat_package:8.0.21-1.el7:*:*:*:*:red_hat_enterprise_linux:*:
- cpe:2.3:o:red_hat:rh-mysql80-mysql_redhat_package:8.0.17-1.el7:*:*:*:*:red_hat_enterprise_linux:*:
http://access.redhat.com/errata/RHSA-2022:6518
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote authenticated privileged user via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
17) Improper input validation
EUVDB-ID: #VU59779
Risk: Medium
CVSSv3.1: 4.3 [CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2022-21379
CWE-ID:
CWE-20 - Improper input validation
Exploit availability: No
DescriptionThe vulnerability allows a remote privileged user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper input validation within the Server: Group Replication Plugin component in MySQL Server. A remote privileged user can exploit this vulnerability to perform a denial of service (DoS) attack.
MitigationInstall updates from vendor's website.
rh-mysql80-mysql (Red Hat package): 8.0.17-1.el7 - 8.0.26-1.el7
CPE2.3- cpe:2.3:o:red_hat:rh-mysql80-mysql_redhat_package:8.0.26-1.el7:*:*:*:*:red_hat_enterprise_linux:*:
- cpe:2.3:o:red_hat:rh-mysql80-mysql_redhat_package:8.0.21-1.el7:*:*:*:*:red_hat_enterprise_linux:*:
- cpe:2.3:o:red_hat:rh-mysql80-mysql_redhat_package:8.0.17-1.el7:*:*:*:*:red_hat_enterprise_linux:*:
http://access.redhat.com/errata/RHSA-2022:6518
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote authenticated privileged user via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
18) Improper input validation
EUVDB-ID: #VU59773
Risk: Medium
CVSSv3.1: 4.8 [CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:L/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2022-21378
CWE-ID:
CWE-20 - Improper input validation
Exploit availability: No
DescriptionThe vulnerability allows a remote privileged user to damange or delete data.
The vulnerability exists due to improper input validation within the Server: Optimizer component in MySQL Server. A remote privileged user can exploit this vulnerability to damange or delete data.
MitigationInstall updates from vendor's website.
rh-mysql80-mysql (Red Hat package): 8.0.17-1.el7 - 8.0.26-1.el7
CPE2.3- cpe:2.3:o:red_hat:rh-mysql80-mysql_redhat_package:8.0.26-1.el7:*:*:*:*:red_hat_enterprise_linux:*:
- cpe:2.3:o:red_hat:rh-mysql80-mysql_redhat_package:8.0.21-1.el7:*:*:*:*:red_hat_enterprise_linux:*:
- cpe:2.3:o:red_hat:rh-mysql80-mysql_redhat_package:8.0.17-1.el7:*:*:*:*:red_hat_enterprise_linux:*:
http://access.redhat.com/errata/RHSA-2022:6518
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote authenticated privileged user via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
19) Improper input validation
EUVDB-ID: #VU59781
Risk: Medium
CVSSv3.1: 4.3 [CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2022-21374
CWE-ID:
CWE-20 - Improper input validation
Exploit availability: No
DescriptionThe vulnerability allows a remote privileged user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper input validation within the Server: Information Schema component in MySQL Server. A remote privileged user can exploit this vulnerability to perform a denial of service (DoS) attack.
MitigationInstall updates from vendor's website.
rh-mysql80-mysql (Red Hat package): 8.0.17-1.el7 - 8.0.26-1.el7
CPE2.3- cpe:2.3:o:red_hat:rh-mysql80-mysql_redhat_package:8.0.26-1.el7:*:*:*:*:red_hat_enterprise_linux:*:
- cpe:2.3:o:red_hat:rh-mysql80-mysql_redhat_package:8.0.21-1.el7:*:*:*:*:red_hat_enterprise_linux:*:
- cpe:2.3:o:red_hat:rh-mysql80-mysql_redhat_package:8.0.17-1.el7:*:*:*:*:red_hat_enterprise_linux:*:
http://access.redhat.com/errata/RHSA-2022:6518
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote authenticated privileged user via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
20) Improper input validation
EUVDB-ID: #VU59808
Risk: Low
CVSSv3.1: 2.4 [CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:L/E:U/RL:O/RC:C]
CVE-ID: CVE-2022-21372
CWE-ID:
CWE-125 - Out-of-bounds read
Exploit availability: No
DescriptionThe vulnerability allows a remote privileged user to perform service disruption.
The vulnerability exists due to improper input validation within the Server: Security: Encryption component in MySQL Server. A remote privileged user can exploit this vulnerability to perform service disruption.
MitigationInstall updates from vendor's website.
rh-mysql80-mysql (Red Hat package): 8.0.17-1.el7 - 8.0.26-1.el7
CPE2.3- cpe:2.3:o:red_hat:rh-mysql80-mysql_redhat_package:8.0.26-1.el7:*:*:*:*:red_hat_enterprise_linux:*:
- cpe:2.3:o:red_hat:rh-mysql80-mysql_redhat_package:8.0.21-1.el7:*:*:*:*:red_hat_enterprise_linux:*:
- cpe:2.3:o:red_hat:rh-mysql80-mysql_redhat_package:8.0.17-1.el7:*:*:*:*:red_hat_enterprise_linux:*:
http://access.redhat.com/errata/RHSA-2022:6518
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote authenticated privileged user via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
21) Improper input validation
EUVDB-ID: #VU59787
Risk: Medium
CVSSv3.1: 4.3 [CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2022-21370
CWE-ID:
CWE-20 - Improper input validation
Exploit availability: No
DescriptionThe vulnerability allows a remote privileged user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper input validation within the Server: Optimizer component in MySQL Server. A remote privileged user can exploit this vulnerability to perform a denial of service (DoS) attack.
MitigationInstall updates from vendor's website.
rh-mysql80-mysql (Red Hat package): 8.0.17-1.el7 - 8.0.26-1.el7
CPE2.3- cpe:2.3:o:red_hat:rh-mysql80-mysql_redhat_package:8.0.26-1.el7:*:*:*:*:red_hat_enterprise_linux:*:
- cpe:2.3:o:red_hat:rh-mysql80-mysql_redhat_package:8.0.21-1.el7:*:*:*:*:red_hat_enterprise_linux:*:
- cpe:2.3:o:red_hat:rh-mysql80-mysql_redhat_package:8.0.17-1.el7:*:*:*:*:red_hat_enterprise_linux:*:
http://access.redhat.com/errata/RHSA-2022:6518
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote authenticated privileged user via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
22) Improper input validation
EUVDB-ID: #VU59791
Risk: Medium
CVSSv3.1: 4.1 [CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:L/I:L/A:L/E:U/RL:O/RC:C]
CVE-ID: CVE-2022-21368
CWE-ID:
CWE-20 - Improper input validation
Exploit availability: No
DescriptionThe vulnerability allows a remote privileged user to read and manipulate data.
The vulnerability exists due to improper input validation within the Server: Components Services component in MySQL Server. A remote privileged user can exploit this vulnerability to read and manipulate data.
MitigationInstall updates from vendor's website.
rh-mysql80-mysql (Red Hat package): 8.0.17-1.el7 - 8.0.26-1.el7
CPE2.3- cpe:2.3:o:red_hat:rh-mysql80-mysql_redhat_package:8.0.26-1.el7:*:*:*:*:red_hat_enterprise_linux:*:
- cpe:2.3:o:red_hat:rh-mysql80-mysql_redhat_package:8.0.21-1.el7:*:*:*:*:red_hat_enterprise_linux:*:
- cpe:2.3:o:red_hat:rh-mysql80-mysql_redhat_package:8.0.17-1.el7:*:*:*:*:red_hat_enterprise_linux:*:
http://access.redhat.com/errata/RHSA-2022:6518
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote authenticated privileged user via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
23) Improper input validation
EUVDB-ID: #VU59771
Risk: Medium
CVSSv3.1: 4.8 [CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:L/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2022-21367
CWE-ID:
CWE-20 - Improper input validation
Exploit availability: No
DescriptionThe vulnerability allows a remote privileged user to damange or delete data.
The vulnerability exists due to improper input validation within the Server: Compiling component in MySQL Server. A remote privileged user can exploit this vulnerability to damange or delete data.
MitigationInstall updates from vendor's website.
rh-mysql80-mysql (Red Hat package): 8.0.17-1.el7 - 8.0.26-1.el7
CPE2.3- cpe:2.3:o:red_hat:rh-mysql80-mysql_redhat_package:8.0.26-1.el7:*:*:*:*:red_hat_enterprise_linux:*:
- cpe:2.3:o:red_hat:rh-mysql80-mysql_redhat_package:8.0.21-1.el7:*:*:*:*:red_hat_enterprise_linux:*:
- cpe:2.3:o:red_hat:rh-mysql80-mysql_redhat_package:8.0.17-1.el7:*:*:*:*:red_hat_enterprise_linux:*:
http://access.redhat.com/errata/RHSA-2022:6518
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote authenticated privileged user via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
24) Improper input validation
EUVDB-ID: #VU59780
Risk: Medium
CVSSv3.1: 4.3 [CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2022-21362
CWE-ID:
CWE-20 - Improper input validation
Exploit availability: No
DescriptionThe vulnerability allows a remote privileged user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper input validation within the Server: Information Schema component in MySQL Server. A remote privileged user can exploit this vulnerability to perform a denial of service (DoS) attack.
MitigationInstall updates from vendor's website.
rh-mysql80-mysql (Red Hat package): 8.0.17-1.el7 - 8.0.26-1.el7
CPE2.3- cpe:2.3:o:red_hat:rh-mysql80-mysql_redhat_package:8.0.26-1.el7:*:*:*:*:red_hat_enterprise_linux:*:
- cpe:2.3:o:red_hat:rh-mysql80-mysql_redhat_package:8.0.21-1.el7:*:*:*:*:red_hat_enterprise_linux:*:
- cpe:2.3:o:red_hat:rh-mysql80-mysql_redhat_package:8.0.17-1.el7:*:*:*:*:red_hat_enterprise_linux:*:
http://access.redhat.com/errata/RHSA-2022:6518
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote authenticated privileged user via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
25) Improper input validation
EUVDB-ID: #VU59738
Risk: Medium
CVSSv3.1: 5.7 [CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2022-21358
CWE-ID:
CWE-20 - Improper input validation
Exploit availability: No
DescriptionThe vulnerability allows a remote authenticated user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper input validation within the Server: Security: Encryption component in MySQL Server. A remote authenticated user can exploit this vulnerability to perform a denial of service (DoS) attack.
MitigationInstall updates from vendor's website.
rh-mysql80-mysql (Red Hat package): 8.0.17-1.el7 - 8.0.26-1.el7
CPE2.3- cpe:2.3:o:red_hat:rh-mysql80-mysql_redhat_package:8.0.26-1.el7:*:*:*:*:red_hat_enterprise_linux:*:
- cpe:2.3:o:red_hat:rh-mysql80-mysql_redhat_package:8.0.21-1.el7:*:*:*:*:red_hat_enterprise_linux:*:
- cpe:2.3:o:red_hat:rh-mysql80-mysql_redhat_package:8.0.17-1.el7:*:*:*:*:red_hat_enterprise_linux:*:
http://access.redhat.com/errata/RHSA-2022:6518
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote authenticated user via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
26) Improper input validation
EUVDB-ID: #VU59770
Risk: Medium
CVSSv3.1: 5.2 [CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:U/C:N/I:H/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2022-21352
CWE-ID:
CWE-20 - Improper input validation
Exploit availability: No
DescriptionThe vulnerability allows a remote privileged user to damange or delete data.
The vulnerability exists due to improper input validation within the InnoDB component in MySQL Server. A remote privileged user can exploit this vulnerability to damange or delete data.
MitigationInstall updates from vendor's website.
rh-mysql80-mysql (Red Hat package): 8.0.17-1.el7 - 8.0.26-1.el7
CPE2.3- cpe:2.3:o:red_hat:rh-mysql80-mysql_redhat_package:8.0.26-1.el7:*:*:*:*:red_hat_enterprise_linux:*:
- cpe:2.3:o:red_hat:rh-mysql80-mysql_redhat_package:8.0.21-1.el7:*:*:*:*:red_hat_enterprise_linux:*:
- cpe:2.3:o:red_hat:rh-mysql80-mysql_redhat_package:8.0.17-1.el7:*:*:*:*:red_hat_enterprise_linux:*:
http://access.redhat.com/errata/RHSA-2022:6518
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote authenticated privileged user via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
27) Improper input validation
EUVDB-ID: #VU62428
Risk: Low
CVSSv3.1: 3.9 [CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2022-21451
CWE-ID:
CWE-20 - Improper input validation
Exploit availability: No
DescriptionThe vulnerability allows a remote privileged user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper input validation within the InnoDB component in MySQL Server. A remote privileged user can exploit this vulnerability to perform a denial of service (DoS) attack.
MitigationInstall updates from vendor's website.
rh-mysql80-mysql (Red Hat package): 8.0.17-1.el7 - 8.0.26-1.el7
CPE2.3- cpe:2.3:o:red_hat:rh-mysql80-mysql_redhat_package:8.0.26-1.el7:*:*:*:*:red_hat_enterprise_linux:*:
- cpe:2.3:o:red_hat:rh-mysql80-mysql_redhat_package:8.0.21-1.el7:*:*:*:*:red_hat_enterprise_linux:*:
- cpe:2.3:o:red_hat:rh-mysql80-mysql_redhat_package:8.0.17-1.el7:*:*:*:*:red_hat_enterprise_linux:*:
http://access.redhat.com/errata/RHSA-2022:6518
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote authenticated privileged user via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
28) Improper input validation
EUVDB-ID: #VU62404
Risk: Medium
CVSSv3.1: 5.7 [CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2022-21454
CWE-ID:
CWE-20 - Improper input validation
Exploit availability: No
DescriptionThe vulnerability allows a remote authenticated user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper input validation within the Server: Group Replication Plugin component in MySQL Server. A remote authenticated user can exploit this vulnerability to perform a denial of service (DoS) attack.
MitigationInstall updates from vendor's website.
rh-mysql80-mysql (Red Hat package): 8.0.17-1.el7 - 8.0.26-1.el7
CPE2.3- cpe:2.3:o:red_hat:rh-mysql80-mysql_redhat_package:8.0.26-1.el7:*:*:*:*:red_hat_enterprise_linux:*:
- cpe:2.3:o:red_hat:rh-mysql80-mysql_redhat_package:8.0.21-1.el7:*:*:*:*:red_hat_enterprise_linux:*:
- cpe:2.3:o:red_hat:rh-mysql80-mysql_redhat_package:8.0.17-1.el7:*:*:*:*:red_hat_enterprise_linux:*:
http://access.redhat.com/errata/RHSA-2022:6518
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote authenticated user via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
29) Improper input validation
EUVDB-ID: #VU59776
Risk: Medium
CVSSv3.1: 4.3 [CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2022-21348
CWE-ID:
CWE-20 - Improper input validation
Exploit availability: No
DescriptionThe vulnerability allows a remote privileged user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper input validation within the InnoDB component in MySQL Server. A remote privileged user can exploit this vulnerability to perform a denial of service (DoS) attack.
MitigationInstall updates from vendor's website.
rh-mysql80-mysql (Red Hat package): 8.0.17-1.el7 - 8.0.26-1.el7
CPE2.3- cpe:2.3:o:red_hat:rh-mysql80-mysql_redhat_package:8.0.26-1.el7:*:*:*:*:red_hat_enterprise_linux:*:
- cpe:2.3:o:red_hat:rh-mysql80-mysql_redhat_package:8.0.21-1.el7:*:*:*:*:red_hat_enterprise_linux:*:
- cpe:2.3:o:red_hat:rh-mysql80-mysql_redhat_package:8.0.17-1.el7:*:*:*:*:red_hat_enterprise_linux:*:
http://access.redhat.com/errata/RHSA-2022:6518
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote authenticated privileged user via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
30) Improper input validation
EUVDB-ID: #VU65509
Risk: Medium
CVSSv3.1: 4.8 [CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:L/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2022-21528
CWE-ID:
CWE-20 - Improper input validation
Exploit availability: No
DescriptionThe vulnerability allows a remote privileged user to damange or delete data.
The vulnerability exists due to improper input validation within the Server: Optimizer component in MySQL Server. A remote privileged user can exploit this vulnerability to damange or delete data.
MitigationInstall updates from vendor's website.
rh-mysql80-mysql (Red Hat package): 8.0.17-1.el7 - 8.0.26-1.el7
CPE2.3- cpe:2.3:o:red_hat:rh-mysql80-mysql_redhat_package:8.0.26-1.el7:*:*:*:*:red_hat_enterprise_linux:*:
- cpe:2.3:o:red_hat:rh-mysql80-mysql_redhat_package:8.0.21-1.el7:*:*:*:*:red_hat_enterprise_linux:*:
- cpe:2.3:o:red_hat:rh-mysql80-mysql_redhat_package:8.0.17-1.el7:*:*:*:*:red_hat_enterprise_linux:*:
http://access.redhat.com/errata/RHSA-2022:6518
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote authenticated privileged user via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
31) Improper input validation
EUVDB-ID: #VU65505
Risk: Medium
CVSSv3.1: 5.7 [CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2022-21569
CWE-ID:
CWE-20 - Improper input validation
Exploit availability: No
DescriptionThe vulnerability allows a remote authenticated user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper input validation within the Server: Optimizer component in MySQL Server. A remote authenticated user can exploit this vulnerability to perform a denial of service (DoS) attack.
MitigationInstall updates from vendor's website.
rh-mysql80-mysql (Red Hat package): 8.0.17-1.el7 - 8.0.26-1.el7
CPE2.3- cpe:2.3:o:red_hat:rh-mysql80-mysql_redhat_package:8.0.26-1.el7:*:*:*:*:red_hat_enterprise_linux:*:
- cpe:2.3:o:red_hat:rh-mysql80-mysql_redhat_package:8.0.21-1.el7:*:*:*:*:red_hat_enterprise_linux:*:
- cpe:2.3:o:red_hat:rh-mysql80-mysql_redhat_package:8.0.17-1.el7:*:*:*:*:red_hat_enterprise_linux:*:
http://access.redhat.com/errata/RHSA-2022:6518
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote authenticated user via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
32) Improper input validation
EUVDB-ID: #VU65504
Risk: Medium
CVSSv3.1: 5.7 [CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:H/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2022-21556
CWE-ID:
CWE-20 - Improper input validation
Exploit availability: No
DescriptionThe vulnerability allows a remote privileged user to damange or delete data.
The vulnerability exists due to improper input validation within the Server: Optimizer component in MySQL Server. A remote privileged user can exploit this vulnerability to damange or delete data.
MitigationInstall updates from vendor's website.
rh-mysql80-mysql (Red Hat package): 8.0.17-1.el7 - 8.0.26-1.el7
CPE2.3- cpe:2.3:o:red_hat:rh-mysql80-mysql_redhat_package:8.0.26-1.el7:*:*:*:*:red_hat_enterprise_linux:*:
- cpe:2.3:o:red_hat:rh-mysql80-mysql_redhat_package:8.0.21-1.el7:*:*:*:*:red_hat_enterprise_linux:*:
- cpe:2.3:o:red_hat:rh-mysql80-mysql_redhat_package:8.0.17-1.el7:*:*:*:*:red_hat_enterprise_linux:*:
http://access.redhat.com/errata/RHSA-2022:6518
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote authenticated privileged user via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
33) Improper input validation
EUVDB-ID: #VU65520
Risk: Medium
CVSSv3.1: 4.3 [CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2022-21553
CWE-ID:
CWE-20 - Improper input validation
Exploit availability: No
DescriptionThe vulnerability allows a remote privileged user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper input validation within the Server: Optimizer component in MySQL Server. A remote privileged user can exploit this vulnerability to perform a denial of service (DoS) attack.
MitigationInstall updates from vendor's website.
rh-mysql80-mysql (Red Hat package): 8.0.17-1.el7 - 8.0.26-1.el7
CPE2.3- cpe:2.3:o:red_hat:rh-mysql80-mysql_redhat_package:8.0.26-1.el7:*:*:*:*:red_hat_enterprise_linux:*:
- cpe:2.3:o:red_hat:rh-mysql80-mysql_redhat_package:8.0.21-1.el7:*:*:*:*:red_hat_enterprise_linux:*:
- cpe:2.3:o:red_hat:rh-mysql80-mysql_redhat_package:8.0.17-1.el7:*:*:*:*:red_hat_enterprise_linux:*:
http://access.redhat.com/errata/RHSA-2022:6518
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote authenticated privileged user via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
34) Improper input validation
EUVDB-ID: #VU65514
Risk: Medium
CVSSv3.1: 4.3 [CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2022-21547
CWE-ID:
CWE-20 - Improper input validation
Exploit availability: No
DescriptionThe vulnerability allows a remote privileged user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper input validation within the Server: Federated component in MySQL Server. A remote privileged user can exploit this vulnerability to perform a denial of service (DoS) attack.
MitigationInstall updates from vendor's website.
rh-mysql80-mysql (Red Hat package): 8.0.17-1.el7 - 8.0.26-1.el7
CPE2.3- cpe:2.3:o:red_hat:rh-mysql80-mysql_redhat_package:8.0.26-1.el7:*:*:*:*:red_hat_enterprise_linux:*:
- cpe:2.3:o:red_hat:rh-mysql80-mysql_redhat_package:8.0.21-1.el7:*:*:*:*:red_hat_enterprise_linux:*:
- cpe:2.3:o:red_hat:rh-mysql80-mysql_redhat_package:8.0.17-1.el7:*:*:*:*:red_hat_enterprise_linux:*:
http://access.redhat.com/errata/RHSA-2022:6518
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote authenticated privileged user via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
35) Improper input validation
EUVDB-ID: #VU65511
Risk: Medium
CVSSv3.1: 4.4 [CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:L/E:U/RL:O/RC:C]
CVE-ID: CVE-2022-21539
CWE-ID:
CWE-20 - Improper input validation
Exploit availability: No
DescriptionThe vulnerability allows a remote authenticated user to read and manipulate data.
The vulnerability exists due to improper input validation within the InnoDB component in MySQL Server. A remote authenticated user can exploit this vulnerability to read and manipulate data.
MitigationInstall updates from vendor's website.
rh-mysql80-mysql (Red Hat package): 8.0.17-1.el7 - 8.0.26-1.el7
CPE2.3- cpe:2.3:o:red_hat:rh-mysql80-mysql_redhat_package:8.0.26-1.el7:*:*:*:*:red_hat_enterprise_linux:*:
- cpe:2.3:o:red_hat:rh-mysql80-mysql_redhat_package:8.0.21-1.el7:*:*:*:*:red_hat_enterprise_linux:*:
- cpe:2.3:o:red_hat:rh-mysql80-mysql_redhat_package:8.0.17-1.el7:*:*:*:*:red_hat_enterprise_linux:*:
http://access.redhat.com/errata/RHSA-2022:6518
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote authenticated user via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
36) Improper input validation
EUVDB-ID: #VU65526
Risk: Low
CVSSv3.1: 2.7 [CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:L/E:U/RL:O/RC:C]
CVE-ID: CVE-2022-21538
CWE-ID:
CWE-20 - Improper input validation
Exploit availability: No
DescriptionThe vulnerability allows a remote authenticated user to perform service disruption.
The vulnerability exists due to improper input validation within the Server: Security: Encryption component in MySQL Server. A remote authenticated user can exploit this vulnerability to perform service disruption.
MitigationInstall updates from vendor's website.
rh-mysql80-mysql (Red Hat package): 8.0.17-1.el7 - 8.0.26-1.el7
CPE2.3- cpe:2.3:o:red_hat:rh-mysql80-mysql_redhat_package:8.0.26-1.el7:*:*:*:*:red_hat_enterprise_linux:*:
- cpe:2.3:o:red_hat:rh-mysql80-mysql_redhat_package:8.0.21-1.el7:*:*:*:*:red_hat_enterprise_linux:*:
- cpe:2.3:o:red_hat:rh-mysql80-mysql_redhat_package:8.0.17-1.el7:*:*:*:*:red_hat_enterprise_linux:*:
http://access.redhat.com/errata/RHSA-2022:6518
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote authenticated user via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
37) Improper input validation
EUVDB-ID: #VU65513
Risk: Medium
CVSSv3.1: 4.3 [CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2022-21537
CWE-ID:
CWE-20 - Improper input validation
Exploit availability: No
DescriptionThe vulnerability allows a remote privileged user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper input validation within the InnoDB component in MySQL Server. A remote privileged user can exploit this vulnerability to perform a denial of service (DoS) attack.
MitigationInstall updates from vendor's website.
rh-mysql80-mysql (Red Hat package): 8.0.17-1.el7 - 8.0.26-1.el7
CPE2.3- cpe:2.3:o:red_hat:rh-mysql80-mysql_redhat_package:8.0.26-1.el7:*:*:*:*:red_hat_enterprise_linux:*:
- cpe:2.3:o:red_hat:rh-mysql80-mysql_redhat_package:8.0.21-1.el7:*:*:*:*:red_hat_enterprise_linux:*:
- cpe:2.3:o:red_hat:rh-mysql80-mysql_redhat_package:8.0.17-1.el7:*:*:*:*:red_hat_enterprise_linux:*:
http://access.redhat.com/errata/RHSA-2022:6518
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote authenticated privileged user via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
38) Improper input validation
EUVDB-ID: #VU65523
Risk: Medium
CVSSv3.1: 4.3 [CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2022-21534
CWE-ID:
CWE-20 - Improper input validation
Exploit availability: No
DescriptionThe vulnerability allows a remote privileged user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper input validation within the Server: Stored Procedure component in MySQL Server. A remote privileged user can exploit this vulnerability to perform a denial of service (DoS) attack.
MitigationInstall updates from vendor's website.
rh-mysql80-mysql (Red Hat package): 8.0.17-1.el7 - 8.0.26-1.el7
CPE2.3- cpe:2.3:o:red_hat:rh-mysql80-mysql_redhat_package:8.0.26-1.el7:*:*:*:*:red_hat_enterprise_linux:*:
- cpe:2.3:o:red_hat:rh-mysql80-mysql_redhat_package:8.0.21-1.el7:*:*:*:*:red_hat_enterprise_linux:*:
- cpe:2.3:o:red_hat:rh-mysql80-mysql_redhat_package:8.0.17-1.el7:*:*:*:*:red_hat_enterprise_linux:*:
http://access.redhat.com/errata/RHSA-2022:6518
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote authenticated privileged user via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
39) Improper input validation
EUVDB-ID: #VU65519
Risk: Medium
CVSSv3.1: 4.3 [CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2022-21531
CWE-ID:
CWE-20 - Improper input validation
Exploit availability: No
DescriptionThe vulnerability allows a remote privileged user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper input validation within the Server: Optimizer component in MySQL Server. A remote privileged user can exploit this vulnerability to perform a denial of service (DoS) attack.
MitigationInstall updates from vendor's website.
rh-mysql80-mysql (Red Hat package): 8.0.17-1.el7 - 8.0.26-1.el7
CPE2.3- cpe:2.3:o:red_hat:rh-mysql80-mysql_redhat_package:8.0.26-1.el7:*:*:*:*:red_hat_enterprise_linux:*:
- cpe:2.3:o:red_hat:rh-mysql80-mysql_redhat_package:8.0.21-1.el7:*:*:*:*:red_hat_enterprise_linux:*:
- cpe:2.3:o:red_hat:rh-mysql80-mysql_redhat_package:8.0.17-1.el7:*:*:*:*:red_hat_enterprise_linux:*:
http://access.redhat.com/errata/RHSA-2022:6518
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote authenticated privileged user via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
40) Improper input validation
EUVDB-ID: #VU65518
Risk: Medium
CVSSv3.1: 4.3 [CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2022-21530
CWE-ID:
CWE-20 - Improper input validation
Exploit availability: No
DescriptionThe vulnerability allows a remote privileged user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper input validation within the Server: Optimizer component in MySQL Server. A remote privileged user can exploit this vulnerability to perform a denial of service (DoS) attack.
MitigationInstall updates from vendor's website.
rh-mysql80-mysql (Red Hat package): 8.0.17-1.el7 - 8.0.26-1.el7
CPE2.3- cpe:2.3:o:red_hat:rh-mysql80-mysql_redhat_package:8.0.26-1.el7:*:*:*:*:red_hat_enterprise_linux:*:
- cpe:2.3:o:red_hat:rh-mysql80-mysql_redhat_package:8.0.21-1.el7:*:*:*:*:red_hat_enterprise_linux:*:
- cpe:2.3:o:red_hat:rh-mysql80-mysql_redhat_package:8.0.17-1.el7:*:*:*:*:red_hat_enterprise_linux:*:
http://access.redhat.com/errata/RHSA-2022:6518
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote authenticated privileged user via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
41) Improper input validation
EUVDB-ID: #VU65517
Risk: Medium
CVSSv3.1: 4.3 [CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2022-21529
CWE-ID:
CWE-20 - Improper input validation
Exploit availability: No
DescriptionThe vulnerability allows a remote privileged user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper input validation within the Server: Optimizer component in MySQL Server. A remote privileged user can exploit this vulnerability to perform a denial of service (DoS) attack.
MitigationInstall updates from vendor's website.
rh-mysql80-mysql (Red Hat package): 8.0.17-1.el7 - 8.0.26-1.el7
CPE2.3- cpe:2.3:o:red_hat:rh-mysql80-mysql_redhat_package:8.0.26-1.el7:*:*:*:*:red_hat_enterprise_linux:*:
- cpe:2.3:o:red_hat:rh-mysql80-mysql_redhat_package:8.0.21-1.el7:*:*:*:*:red_hat_enterprise_linux:*:
- cpe:2.3:o:red_hat:rh-mysql80-mysql_redhat_package:8.0.17-1.el7:*:*:*:*:red_hat_enterprise_linux:*:
http://access.redhat.com/errata/RHSA-2022:6518
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote authenticated privileged user via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
42) Improper input validation
EUVDB-ID: #VU65508
Risk: Medium
CVSSv3.1: 4.8 [CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:L/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2022-21527
CWE-ID:
CWE-20 - Improper input validation
Exploit availability: No
DescriptionThe vulnerability allows a remote privileged user to damange or delete data.
The vulnerability exists due to improper input validation within the Server: Optimizer component in MySQL Server. A remote privileged user can exploit this vulnerability to damange or delete data.
MitigationInstall updates from vendor's website.
rh-mysql80-mysql (Red Hat package): 8.0.17-1.el7 - 8.0.26-1.el7
CPE2.3- cpe:2.3:o:red_hat:rh-mysql80-mysql_redhat_package:8.0.26-1.el7:*:*:*:*:red_hat_enterprise_linux:*:
- cpe:2.3:o:red_hat:rh-mysql80-mysql_redhat_package:8.0.21-1.el7:*:*:*:*:red_hat_enterprise_linux:*:
- cpe:2.3:o:red_hat:rh-mysql80-mysql_redhat_package:8.0.17-1.el7:*:*:*:*:red_hat_enterprise_linux:*:
http://access.redhat.com/errata/RHSA-2022:6518
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote authenticated privileged user via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
43) Improper input validation
EUVDB-ID: #VU65522
Risk: Medium
CVSSv3.1: 4.3 [CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:H/A:N/E:U/RL:O/RC:C]
CVE-ID: CVE-2022-21455
CWE-ID:
CWE-20 - Improper input validation
Exploit availability: No
DescriptionThe vulnerability allows a remote privileged user to manipulate data.
The vulnerability exists due to improper input validation within the Server: PAM Auth Plugin component in MySQL Server. A remote privileged user can exploit this vulnerability to manipulate data.
MitigationInstall updates from vendor's website.
rh-mysql80-mysql (Red Hat package): 8.0.17-1.el7 - 8.0.26-1.el7
CPE2.3- cpe:2.3:o:red_hat:rh-mysql80-mysql_redhat_package:8.0.26-1.el7:*:*:*:*:red_hat_enterprise_linux:*:
- cpe:2.3:o:red_hat:rh-mysql80-mysql_redhat_package:8.0.21-1.el7:*:*:*:*:red_hat_enterprise_linux:*:
- cpe:2.3:o:red_hat:rh-mysql80-mysql_redhat_package:8.0.17-1.el7:*:*:*:*:red_hat_enterprise_linux:*:
http://access.redhat.com/errata/RHSA-2022:6518
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote authenticated privileged user via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
44) Improper input validation
EUVDB-ID: #VU65516
Risk: Medium
CVSSv3.1: 4.3 [CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2022-21526
CWE-ID:
CWE-20 - Improper input validation
Exploit availability: No
DescriptionThe vulnerability allows a remote privileged user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper input validation within the Server: Optimizer component in MySQL Server. A remote privileged user can exploit this vulnerability to perform a denial of service (DoS) attack.
MitigationInstall updates from vendor's website.
rh-mysql80-mysql (Red Hat package): 8.0.17-1.el7 - 8.0.26-1.el7
CPE2.3- cpe:2.3:o:red_hat:rh-mysql80-mysql_redhat_package:8.0.26-1.el7:*:*:*:*:red_hat_enterprise_linux:*:
- cpe:2.3:o:red_hat:rh-mysql80-mysql_redhat_package:8.0.21-1.el7:*:*:*:*:red_hat_enterprise_linux:*:
- cpe:2.3:o:red_hat:rh-mysql80-mysql_redhat_package:8.0.17-1.el7:*:*:*:*:red_hat_enterprise_linux:*:
http://access.redhat.com/errata/RHSA-2022:6518
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote authenticated privileged user via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
45) Improper input validation
EUVDB-ID: #VU65515
Risk: Medium
CVSSv3.1: 4.3 [CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2022-21525
CWE-ID:
CWE-20 - Improper input validation
Exploit availability: No
DescriptionThe vulnerability allows a remote privileged user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper input validation within the Server: Optimizer component in MySQL Server. A remote privileged user can exploit this vulnerability to perform a denial of service (DoS) attack.
MitigationInstall updates from vendor's website.
rh-mysql80-mysql (Red Hat package): 8.0.17-1.el7 - 8.0.26-1.el7
CPE2.3- cpe:2.3:o:red_hat:rh-mysql80-mysql_redhat_package:8.0.26-1.el7:*:*:*:*:red_hat_enterprise_linux:*:
- cpe:2.3:o:red_hat:rh-mysql80-mysql_redhat_package:8.0.21-1.el7:*:*:*:*:red_hat_enterprise_linux:*:
- cpe:2.3:o:red_hat:rh-mysql80-mysql_redhat_package:8.0.17-1.el7:*:*:*:*:red_hat_enterprise_linux:*:
http://access.redhat.com/errata/RHSA-2022:6518
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote authenticated privileged user via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
46) Improper input validation
EUVDB-ID: #VU65524
Risk: Low
CVSSv3.1: 3.9 [CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2022-21522
CWE-ID:
CWE-20 - Improper input validation
Exploit availability: No
DescriptionThe vulnerability allows a remote privileged user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper input validation within the Server: Stored Procedure component in MySQL Server. A remote privileged user can exploit this vulnerability to perform a denial of service (DoS) attack.
MitigationInstall updates from vendor's website.
rh-mysql80-mysql (Red Hat package): 8.0.17-1.el7 - 8.0.26-1.el7
CPE2.3- cpe:2.3:o:red_hat:rh-mysql80-mysql_redhat_package:8.0.26-1.el7:*:*:*:*:red_hat_enterprise_linux:*:
- cpe:2.3:o:red_hat:rh-mysql80-mysql_redhat_package:8.0.21-1.el7:*:*:*:*:red_hat_enterprise_linux:*:
- cpe:2.3:o:red_hat:rh-mysql80-mysql_redhat_package:8.0.17-1.el7:*:*:*:*:red_hat_enterprise_linux:*:
http://access.redhat.com/errata/RHSA-2022:6518
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote authenticated privileged user via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
47) Improper input validation
EUVDB-ID: #VU65512
Risk: Medium
CVSSv3.1: 4.3 [CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2022-21517
CWE-ID:
CWE-20 - Improper input validation
Exploit availability: No
DescriptionThe vulnerability allows a remote privileged user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper input validation within the InnoDB component in MySQL Server. A remote privileged user can exploit this vulnerability to perform a denial of service (DoS) attack.
MitigationInstall updates from vendor's website.
rh-mysql80-mysql (Red Hat package): 8.0.17-1.el7 - 8.0.26-1.el7
CPE2.3- cpe:2.3:o:red_hat:rh-mysql80-mysql_redhat_package:8.0.26-1.el7:*:*:*:*:red_hat_enterprise_linux:*:
- cpe:2.3:o:red_hat:rh-mysql80-mysql_redhat_package:8.0.21-1.el7:*:*:*:*:red_hat_enterprise_linux:*:
- cpe:2.3:o:red_hat:rh-mysql80-mysql_redhat_package:8.0.17-1.el7:*:*:*:*:red_hat_enterprise_linux:*:
http://access.redhat.com/errata/RHSA-2022:6518
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote authenticated privileged user via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
48) Improper input validation
EUVDB-ID: #VU65521
Risk: Medium
CVSSv3.1: 4.3 [CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2022-21515
CWE-ID:
CWE-20 - Improper input validation
Exploit availability: No
DescriptionThe vulnerability allows a remote privileged user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper input validation within the Server: Options component in MySQL Server. A remote privileged user can exploit this vulnerability to perform a denial of service (DoS) attack.
MitigationInstall updates from vendor's website.
rh-mysql80-mysql (Red Hat package): 8.0.17-1.el7 - 8.0.26-1.el7
CPE2.3- cpe:2.3:o:red_hat:rh-mysql80-mysql_redhat_package:8.0.26-1.el7:*:*:*:*:red_hat_enterprise_linux:*:
- cpe:2.3:o:red_hat:rh-mysql80-mysql_redhat_package:8.0.21-1.el7:*:*:*:*:red_hat_enterprise_linux:*:
- cpe:2.3:o:red_hat:rh-mysql80-mysql_redhat_package:8.0.17-1.el7:*:*:*:*:red_hat_enterprise_linux:*:
http://access.redhat.com/errata/RHSA-2022:6518
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote authenticated privileged user via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
49) Improper input validation
EUVDB-ID: #VU65510
Risk: Medium
CVSSv3.1: 4.8 [CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:L/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2022-21509
CWE-ID:
CWE-20 - Improper input validation
Exploit availability: No
DescriptionThe vulnerability allows a remote privileged user to damange or delete data.
The vulnerability exists due to improper input validation within the Server: Optimizer component in MySQL Server. A remote privileged user can exploit this vulnerability to damange or delete data.
MitigationInstall updates from vendor's website.
rh-mysql80-mysql (Red Hat package): 8.0.17-1.el7 - 8.0.26-1.el7
CPE2.3- cpe:2.3:o:red_hat:rh-mysql80-mysql_redhat_package:8.0.26-1.el7:*:*:*:*:red_hat_enterprise_linux:*:
- cpe:2.3:o:red_hat:rh-mysql80-mysql_redhat_package:8.0.21-1.el7:*:*:*:*:red_hat_enterprise_linux:*:
- cpe:2.3:o:red_hat:rh-mysql80-mysql_redhat_package:8.0.17-1.el7:*:*:*:*:red_hat_enterprise_linux:*:
http://access.redhat.com/errata/RHSA-2022:6518
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote authenticated privileged user via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
50) Input validation error
EUVDB-ID: #VU62414
Risk: Low
CVSSv3.1: 4.8 [CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:L/I:N/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2022-21479
CWE-ID:
CWE-20 - Improper input validation
Exploit availability: No
DescriptionThe vulnerability allows a remote user to perform a denial of service (DoS) attack.
The vulnerability exists due to insufficient validation of user-supplied input within the Optimizer component. A remote user can pass specially crafted input to the application and perform a denial of service (DoS) attack.
MitigationInstall updates from vendor's website.
rh-mysql80-mysql (Red Hat package): 8.0.17-1.el7 - 8.0.26-1.el7
CPE2.3- cpe:2.3:o:red_hat:rh-mysql80-mysql_redhat_package:8.0.26-1.el7:*:*:*:*:red_hat_enterprise_linux:*:
- cpe:2.3:o:red_hat:rh-mysql80-mysql_redhat_package:8.0.21-1.el7:*:*:*:*:red_hat_enterprise_linux:*:
- cpe:2.3:o:red_hat:rh-mysql80-mysql_redhat_package:8.0.17-1.el7:*:*:*:*:red_hat_enterprise_linux:*:
http://access.redhat.com/errata/RHSA-2022:6518
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote authenticated privileged user via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
51) Improper input validation
EUVDB-ID: #VU62413
Risk: Medium
CVSSv3.1: 4.8 [CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:L/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2022-21478
CWE-ID:
CWE-20 - Improper input validation
Exploit availability: No
DescriptionThe vulnerability allows a remote privileged user to damange or delete data.
The vulnerability exists due to improper input validation within the Server: Optimizer component in MySQL Server. A remote privileged user can exploit this vulnerability to damange or delete data.
MitigationInstall updates from vendor's website.
rh-mysql80-mysql (Red Hat package): 8.0.17-1.el7 - 8.0.26-1.el7
CPE2.3- cpe:2.3:o:red_hat:rh-mysql80-mysql_redhat_package:8.0.26-1.el7:*:*:*:*:red_hat_enterprise_linux:*:
- cpe:2.3:o:red_hat:rh-mysql80-mysql_redhat_package:8.0.21-1.el7:*:*:*:*:red_hat_enterprise_linux:*:
- cpe:2.3:o:red_hat:rh-mysql80-mysql_redhat_package:8.0.17-1.el7:*:*:*:*:red_hat_enterprise_linux:*:
http://access.redhat.com/errata/RHSA-2022:6518
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote authenticated privileged user via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
52) Improper input validation
EUVDB-ID: #VU62426
Risk: Medium
CVSSv3.1: 4.3 [CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2022-21462
CWE-ID:
CWE-20 - Improper input validation
Exploit availability: No
DescriptionThe vulnerability allows a remote privileged user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper input validation within the Server: Optimizer component in MySQL Server. A remote privileged user can exploit this vulnerability to perform a denial of service (DoS) attack.
MitigationInstall updates from vendor's website.
rh-mysql80-mysql (Red Hat package): 8.0.17-1.el7 - 8.0.26-1.el7
CPE2.3- cpe:2.3:o:red_hat:rh-mysql80-mysql_redhat_package:8.0.26-1.el7:*:*:*:*:red_hat_enterprise_linux:*:
- cpe:2.3:o:red_hat:rh-mysql80-mysql_redhat_package:8.0.21-1.el7:*:*:*:*:red_hat_enterprise_linux:*:
- cpe:2.3:o:red_hat:rh-mysql80-mysql_redhat_package:8.0.17-1.el7:*:*:*:*:red_hat_enterprise_linux:*:
http://access.redhat.com/errata/RHSA-2022:6518
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote authenticated privileged user via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
53) Improper input validation
EUVDB-ID: #VU62430
Risk: Low
CVSSv3.1: 3.9 [CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C]
CVE-ID: CVE-2022-21460
CWE-ID:
CWE-20 - Improper input validation
Exploit availability: No
DescriptionThe vulnerability allows a remote privileged user to gain access to sensitive information.
The vulnerability exists due to improper input validation within the Server: Logging component in MySQL Server. A remote privileged user can exploit this vulnerability to gain access to sensitive information.
MitigationInstall updates from vendor's website.
rh-mysql80-mysql (Red Hat package): 8.0.17-1.el7 - 8.0.26-1.el7
CPE2.3- cpe:2.3:o:red_hat:rh-mysql80-mysql_redhat_package:8.0.26-1.el7:*:*:*:*:red_hat_enterprise_linux:*:
- cpe:2.3:o:red_hat:rh-mysql80-mysql_redhat_package:8.0.21-1.el7:*:*:*:*:red_hat_enterprise_linux:*:
- cpe:2.3:o:red_hat:rh-mysql80-mysql_redhat_package:8.0.17-1.el7:*:*:*:*:red_hat_enterprise_linux:*:
http://access.redhat.com/errata/RHSA-2022:6518
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote authenticated privileged user via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
54) Improper input validation
EUVDB-ID: #VU62412
Risk: Medium
CVSSv3.1: 4.8 [CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:L/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2022-21459
CWE-ID:
CWE-20 - Improper input validation
Exploit availability: No
DescriptionThe vulnerability allows a remote privileged user to damange or delete data.
The vulnerability exists due to improper input validation within the Server: Optimizer component in MySQL Server. A remote privileged user can exploit this vulnerability to damange or delete data.
MitigationInstall updates from vendor's website.
rh-mysql80-mysql (Red Hat package): 8.0.17-1.el7 - 8.0.26-1.el7
CPE2.3- cpe:2.3:o:red_hat:rh-mysql80-mysql_redhat_package:8.0.26-1.el7:*:*:*:*:red_hat_enterprise_linux:*:
- cpe:2.3:o:red_hat:rh-mysql80-mysql_redhat_package:8.0.21-1.el7:*:*:*:*:red_hat_enterprise_linux:*:
- cpe:2.3:o:red_hat:rh-mysql80-mysql_redhat_package:8.0.17-1.el7:*:*:*:*:red_hat_enterprise_linux:*:
http://access.redhat.com/errata/RHSA-2022:6518
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote authenticated privileged user via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
55) Improper input validation
EUVDB-ID: #VU62409
Risk: Medium
CVSSv3.1: 5.2 [CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C]
CVE-ID: CVE-2022-21457
CWE-ID:
CWE-20 - Improper input validation
Exploit availability: No
DescriptionThe vulnerability allows a remote non-authenticated attacker to gain access to sensitive information.
The vulnerability exists due to improper input validation within the Server: PAM Auth Plugin component in MySQL Server. A remote non-authenticated attacker can exploit this vulnerability to gain access to sensitive information.
MitigationInstall updates from vendor's website.
rh-mysql80-mysql (Red Hat package): 8.0.17-1.el7 - 8.0.26-1.el7
CPE2.3- cpe:2.3:o:red_hat:rh-mysql80-mysql_redhat_package:8.0.26-1.el7:*:*:*:*:red_hat_enterprise_linux:*:
- cpe:2.3:o:red_hat:rh-mysql80-mysql_redhat_package:8.0.21-1.el7:*:*:*:*:red_hat_enterprise_linux:*:
- cpe:2.3:o:red_hat:rh-mysql80-mysql_redhat_package:8.0.17-1.el7:*:*:*:*:red_hat_enterprise_linux:*:
http://access.redhat.com/errata/RHSA-2022:6518
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
56) Improper input validation
EUVDB-ID: #VU59736
Risk: Medium
CVSSv3.1: 6.2 [CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2022-21351
CWE-ID:
CWE-20 - Improper input validation
Exploit availability: No
DescriptionThe vulnerability allows a remote authenticated user to damange or delete data.
The vulnerability exists due to improper input validation within the Server: Optimizer component in MySQL Server. A remote authenticated user can exploit this vulnerability to damange or delete data.
MitigationInstall updates from vendor's website.
rh-mysql80-mysql (Red Hat package): 8.0.17-1.el7 - 8.0.26-1.el7
CPE2.3- cpe:2.3:o:red_hat:rh-mysql80-mysql_redhat_package:8.0.26-1.el7:*:*:*:*:red_hat_enterprise_linux:*:
- cpe:2.3:o:red_hat:rh-mysql80-mysql_redhat_package:8.0.21-1.el7:*:*:*:*:red_hat_enterprise_linux:*:
- cpe:2.3:o:red_hat:rh-mysql80-mysql_redhat_package:8.0.17-1.el7:*:*:*:*:red_hat_enterprise_linux:*:
http://access.redhat.com/errata/RHSA-2022:6518
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote authenticated user via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
57) Improper input validation
EUVDB-ID: #VU59789
Risk: Medium
CVSSv3.1: 4.3 [CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2022-21344
CWE-ID:
CWE-20 - Improper input validation
Exploit availability: No
DescriptionThe vulnerability allows a remote privileged user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper input validation within the Server: Replication component in MySQL Server. A remote privileged user can exploit this vulnerability to perform a denial of service (DoS) attack.
MitigationInstall updates from vendor's website.
rh-mysql80-mysql (Red Hat package): 8.0.17-1.el7 - 8.0.26-1.el7
CPE2.3- cpe:2.3:o:red_hat:rh-mysql80-mysql_redhat_package:8.0.26-1.el7:*:*:*:*:red_hat_enterprise_linux:*:
- cpe:2.3:o:red_hat:rh-mysql80-mysql_redhat_package:8.0.21-1.el7:*:*:*:*:red_hat_enterprise_linux:*:
- cpe:2.3:o:red_hat:rh-mysql80-mysql_redhat_package:8.0.17-1.el7:*:*:*:*:red_hat_enterprise_linux:*:
http://access.redhat.com/errata/RHSA-2022:6518
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote authenticated privileged user via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
58) Improper input validation
EUVDB-ID: #VU57516
Risk: Medium
CVSSv3.1: 4.3 [CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2021-2478
CWE-ID:
CWE-20 - Improper input validation
Exploit availability: No
DescriptionThe vulnerability allows a remote privileged user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper input validation within the Server: DML component in MySQL Server. A remote privileged user can exploit this vulnerability to perform a denial of service (DoS) attack.
MitigationInstall updates from vendor's website.
rh-mysql80-mysql (Red Hat package): 8.0.17-1.el7 - 8.0.26-1.el7
CPE2.3- cpe:2.3:o:red_hat:rh-mysql80-mysql_redhat_package:8.0.26-1.el7:*:*:*:*:red_hat_enterprise_linux:*:
- cpe:2.3:o:red_hat:rh-mysql80-mysql_redhat_package:8.0.21-1.el7:*:*:*:*:red_hat_enterprise_linux:*:
- cpe:2.3:o:red_hat:rh-mysql80-mysql_redhat_package:8.0.17-1.el7:*:*:*:*:red_hat_enterprise_linux:*:
http://access.redhat.com/errata/RHSA-2022:6518
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote authenticated privileged user via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
59) Improper input validation
EUVDB-ID: #VU57512
Risk: Medium
CVSSv3.1: 4.8 [CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:L/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2021-35612
CWE-ID:
CWE-20 - Improper input validation
Exploit availability: No
DescriptionThe vulnerability allows a remote privileged user to damange or delete data.
The vulnerability exists due to improper input validation within the Server: Optimizer component in MySQL Server. A remote privileged user can exploit this vulnerability to damange or delete data.
MitigationInstall updates from vendor's website.
rh-mysql80-mysql (Red Hat package): 8.0.17-1.el7 - 8.0.26-1.el7
CPE2.3- cpe:2.3:o:red_hat:rh-mysql80-mysql_redhat_package:8.0.26-1.el7:*:*:*:*:red_hat_enterprise_linux:*:
- cpe:2.3:o:red_hat:rh-mysql80-mysql_redhat_package:8.0.21-1.el7:*:*:*:*:red_hat_enterprise_linux:*:
- cpe:2.3:o:red_hat:rh-mysql80-mysql_redhat_package:8.0.17-1.el7:*:*:*:*:red_hat_enterprise_linux:*:
http://access.redhat.com/errata/RHSA-2022:6518
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote authenticated privileged user via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
60) Improper input validation
EUVDB-ID: #VU57549
Risk: Low
CVSSv3.1: 2.4 [CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:L/E:U/RL:O/RC:C]
CVE-ID: CVE-2021-35633
CWE-ID:
CWE-20 - Improper input validation
Exploit availability: No
DescriptionThe vulnerability allows a remote privileged user to perform service disruption.
The vulnerability exists due to improper input validation within the Server: Logging component in MySQL Server. A remote privileged user can exploit this vulnerability to perform service disruption.
MitigationInstall updates from vendor's website.
rh-mysql80-mysql (Red Hat package): 8.0.17-1.el7 - 8.0.26-1.el7
CPE2.3- cpe:2.3:o:red_hat:rh-mysql80-mysql_redhat_package:8.0.26-1.el7:*:*:*:*:red_hat_enterprise_linux:*:
- cpe:2.3:o:red_hat:rh-mysql80-mysql_redhat_package:8.0.21-1.el7:*:*:*:*:red_hat_enterprise_linux:*:
- cpe:2.3:o:red_hat:rh-mysql80-mysql_redhat_package:8.0.17-1.el7:*:*:*:*:red_hat_enterprise_linux:*:
http://access.redhat.com/errata/RHSA-2022:6518
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote authenticated privileged user via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
61) Improper input validation
EUVDB-ID: #VU57545
Risk: Low
CVSSv3.1: 3.9 [CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2021-35632
CWE-ID:
CWE-20 - Improper input validation
Exploit availability: No
DescriptionThe vulnerability allows a local privileged user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper input validation within the Server: Data Dictionary component in MySQL Server. A local privileged user can exploit this vulnerability to perform a denial of service (DoS) attack.
MitigationInstall updates from vendor's website.
rh-mysql80-mysql (Red Hat package): 8.0.17-1.el7 - 8.0.26-1.el7
CPE2.3- cpe:2.3:o:red_hat:rh-mysql80-mysql_redhat_package:8.0.26-1.el7:*:*:*:*:red_hat_enterprise_linux:*:
- cpe:2.3:o:red_hat:rh-mysql80-mysql_redhat_package:8.0.21-1.el7:*:*:*:*:red_hat_enterprise_linux:*:
- cpe:2.3:o:red_hat:rh-mysql80-mysql_redhat_package:8.0.17-1.el7:*:*:*:*:red_hat_enterprise_linux:*:
http://access.redhat.com/errata/RHSA-2022:6518
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
62) Improper input validation
EUVDB-ID: #VU57522
Risk: Medium
CVSSv3.1: 4.3 [CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2021-35631
CWE-ID:
CWE-20 - Improper input validation
Exploit availability: No
DescriptionThe vulnerability allows a remote privileged user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper input validation within the Server: GIS component in MySQL Server. A remote privileged user can exploit this vulnerability to perform a denial of service (DoS) attack.
MitigationInstall updates from vendor's website.
rh-mysql80-mysql (Red Hat package): 8.0.17-1.el7 - 8.0.26-1.el7
CPE2.3- cpe:2.3:o:red_hat:rh-mysql80-mysql_redhat_package:8.0.26-1.el7:*:*:*:*:red_hat_enterprise_linux:*:
- cpe:2.3:o:red_hat:rh-mysql80-mysql_redhat_package:8.0.21-1.el7:*:*:*:*:red_hat_enterprise_linux:*:
- cpe:2.3:o:red_hat:rh-mysql80-mysql_redhat_package:8.0.17-1.el7:*:*:*:*:red_hat_enterprise_linux:*:
http://access.redhat.com/errata/RHSA-2022:6518
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote authenticated privileged user via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
63) Improper input validation
EUVDB-ID: #VU57539
Risk: Medium
CVSSv3.1: 4.3 [CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:H/A:N/E:U/RL:O/RC:C]
CVE-ID: CVE-2021-35630
CWE-ID:
CWE-20 - Improper input validation
Exploit availability: No
DescriptionThe vulnerability allows a remote privileged user to manipulate data.
The vulnerability exists due to improper input validation within the Server: Options component in MySQL Server. A remote privileged user can exploit this vulnerability to manipulate data.
MitigationInstall updates from vendor's website.
rh-mysql80-mysql (Red Hat package): 8.0.17-1.el7 - 8.0.26-1.el7
CPE2.3- cpe:2.3:o:red_hat:rh-mysql80-mysql_redhat_package:8.0.26-1.el7:*:*:*:*:red_hat_enterprise_linux:*:
- cpe:2.3:o:red_hat:rh-mysql80-mysql_redhat_package:8.0.21-1.el7:*:*:*:*:red_hat_enterprise_linux:*:
- cpe:2.3:o:red_hat:rh-mysql80-mysql_redhat_package:8.0.17-1.el7:*:*:*:*:red_hat_enterprise_linux:*:
http://access.redhat.com/errata/RHSA-2022:6518
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote authenticated privileged user via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
64) Improper input validation
EUVDB-ID: #VU57525
Risk: Medium
CVSSv3.1: 4.3 [CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2021-35628
CWE-ID:
CWE-20 - Improper input validation
Exploit availability: No
DescriptionThe vulnerability allows a remote privileged user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper input validation within the Server: Optimizer component in MySQL Server. A remote privileged user can exploit this vulnerability to perform a denial of service (DoS) attack.
MitigationInstall updates from vendor's website.
rh-mysql80-mysql (Red Hat package): 8.0.17-1.el7 - 8.0.26-1.el7
CPE2.3- cpe:2.3:o:red_hat:rh-mysql80-mysql_redhat_package:8.0.26-1.el7:*:*:*:*:red_hat_enterprise_linux:*:
- cpe:2.3:o:red_hat:rh-mysql80-mysql_redhat_package:8.0.21-1.el7:*:*:*:*:red_hat_enterprise_linux:*:
- cpe:2.3:o:red_hat:rh-mysql80-mysql_redhat_package:8.0.17-1.el7:*:*:*:*:red_hat_enterprise_linux:*:
http://access.redhat.com/errata/RHSA-2022:6518
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote authenticated privileged user via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
65) Improper input validation
EUVDB-ID: #VU57524
Risk: Medium
CVSSv3.1: 4.3 [CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2021-35627
CWE-ID:
CWE-20 - Improper input validation
Exploit availability: No
DescriptionThe vulnerability allows a remote privileged user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper input validation within the Server: Optimizer component in MySQL Server. A remote privileged user can exploit this vulnerability to perform a denial of service (DoS) attack.
MitigationInstall updates from vendor's website.
rh-mysql80-mysql (Red Hat package): 8.0.17-1.el7 - 8.0.26-1.el7
CPE2.3- cpe:2.3:o:red_hat:rh-mysql80-mysql_redhat_package:8.0.26-1.el7:*:*:*:*:red_hat_enterprise_linux:*:
- cpe:2.3:o:red_hat:rh-mysql80-mysql_redhat_package:8.0.21-1.el7:*:*:*:*:red_hat_enterprise_linux:*:
- cpe:2.3:o:red_hat:rh-mysql80-mysql_redhat_package:8.0.17-1.el7:*:*:*:*:red_hat_enterprise_linux:*:
http://access.redhat.com/errata/RHSA-2022:6518
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote authenticated privileged user via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
66) Improper input validation
EUVDB-ID: #VU57523
Risk: Medium
CVSSv3.1: 4.3 [CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2021-35626
CWE-ID:
CWE-20 - Improper input validation
Exploit availability: No
DescriptionThe vulnerability allows a remote privileged user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper input validation within the Server: Optimizer component in MySQL Server. A remote privileged user can exploit this vulnerability to perform a denial of service (DoS) attack.
MitigationInstall updates from vendor's website.
rh-mysql80-mysql (Red Hat package): 8.0.17-1.el7 - 8.0.26-1.el7
CPE2.3- cpe:2.3:o:red_hat:rh-mysql80-mysql_redhat_package:8.0.26-1.el7:*:*:*:*:red_hat_enterprise_linux:*:
- cpe:2.3:o:red_hat:rh-mysql80-mysql_redhat_package:8.0.21-1.el7:*:*:*:*:red_hat_enterprise_linux:*:
- cpe:2.3:o:red_hat:rh-mysql80-mysql_redhat_package:8.0.17-1.el7:*:*:*:*:red_hat_enterprise_linux:*:
http://access.redhat.com/errata/RHSA-2022:6518
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote authenticated privileged user via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
67) Improper input validation
EUVDB-ID: #VU57550
Risk: Low
CVSSv3.1: 2.4 [CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:L/I:N/A:N/E:U/RL:O/RC:C]
CVE-ID: CVE-2021-35625
CWE-ID:
CWE-20 - Improper input validation
Exploit availability: No
DescriptionThe vulnerability allows a remote privileged user to gain access to sensitive information.
The vulnerability exists due to improper input validation within the Server: Security: Privileges component in MySQL Server. A remote privileged user can exploit this vulnerability to gain access to sensitive information.
MitigationInstall updates from vendor's website.
rh-mysql80-mysql (Red Hat package): 8.0.17-1.el7 - 8.0.26-1.el7
CPE2.3- cpe:2.3:o:red_hat:rh-mysql80-mysql_redhat_package:8.0.26-1.el7:*:*:*:*:red_hat_enterprise_linux:*:
- cpe:2.3:o:red_hat:rh-mysql80-mysql_redhat_package:8.0.21-1.el7:*:*:*:*:red_hat_enterprise_linux:*:
- cpe:2.3:o:red_hat:rh-mysql80-mysql_redhat_package:8.0.17-1.el7:*:*:*:*:red_hat_enterprise_linux:*:
http://access.redhat.com/errata/RHSA-2022:6518
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote authenticated privileged user via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
68) Improper input validation
EUVDB-ID: #VU57543
Risk: Medium
CVSSv3.1: 4.3 [CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:H/A:N/E:U/RL:O/RC:C]
CVE-ID: CVE-2021-35624
CWE-ID:
CWE-20 - Improper input validation
Exploit availability: No
DescriptionThe vulnerability allows a remote privileged user to manipulate data.
The vulnerability exists due to improper input validation within the Server: Security: Privileges component in MySQL Server. A remote privileged user can exploit this vulnerability to manipulate data.
MitigationInstall updates from vendor's website.
rh-mysql80-mysql (Red Hat package): 8.0.17-1.el7 - 8.0.26-1.el7
CPE2.3- cpe:2.3:o:red_hat:rh-mysql80-mysql_redhat_package:8.0.26-1.el7:*:*:*:*:red_hat_enterprise_linux:*:
- cpe:2.3:o:red_hat:rh-mysql80-mysql_redhat_package:8.0.21-1.el7:*:*:*:*:red_hat_enterprise_linux:*:
- cpe:2.3:o:red_hat:rh-mysql80-mysql_redhat_package:8.0.17-1.el7:*:*:*:*:red_hat_enterprise_linux:*:
http://access.redhat.com/errata/RHSA-2022:6518
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote authenticated privileged user via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
69) Improper input validation
EUVDB-ID: #VU57551
Risk: Low
CVSSv3.1: 2.4 [CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:L/I:N/A:N/E:U/RL:O/RC:C]
CVE-ID: CVE-2021-35623
CWE-ID:
CWE-20 - Improper input validation
Exploit availability: No
DescriptionThe vulnerability allows a remote privileged user to gain access to sensitive information.
The vulnerability exists due to improper input validation within the Server: Security: Roles component in MySQL Server. A remote privileged user can exploit this vulnerability to gain access to sensitive information.
MitigationInstall updates from vendor's website.
rh-mysql80-mysql (Red Hat package): 8.0.17-1.el7 - 8.0.26-1.el7
CPE2.3- cpe:2.3:o:red_hat:rh-mysql80-mysql_redhat_package:8.0.26-1.el7:*:*:*:*:red_hat_enterprise_linux:*:
- cpe:2.3:o:red_hat:rh-mysql80-mysql_redhat_package:8.0.21-1.el7:*:*:*:*:red_hat_enterprise_linux:*:
- cpe:2.3:o:red_hat:rh-mysql80-mysql_redhat_package:8.0.17-1.el7:*:*:*:*:red_hat_enterprise_linux:*:
http://access.redhat.com/errata/RHSA-2022:6518
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote authenticated privileged user via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
70) Improper input validation
EUVDB-ID: #VU57542
Risk: Medium
CVSSv3.1: 4.3 [CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2021-35622
CWE-ID:
CWE-20 - Improper input validation
Exploit availability: No
DescriptionThe vulnerability allows a remote privileged user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper input validation within the Server: Security: Encryption component in MySQL Server. A remote privileged user can exploit this vulnerability to perform a denial of service (DoS) attack.
MitigationInstall updates from vendor's website.
rh-mysql80-mysql (Red Hat package): 8.0.17-1.el7 - 8.0.26-1.el7
CPE2.3- cpe:2.3:o:red_hat:rh-mysql80-mysql_redhat_package:8.0.26-1.el7:*:*:*:*:red_hat_enterprise_linux:*:
- cpe:2.3:o:red_hat:rh-mysql80-mysql_redhat_package:8.0.21-1.el7:*:*:*:*:red_hat_enterprise_linux:*:
- cpe:2.3:o:red_hat:rh-mysql80-mysql_redhat_package:8.0.17-1.el7:*:*:*:*:red_hat_enterprise_linux:*:
http://access.redhat.com/errata/RHSA-2022:6518
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote authenticated privileged user via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
71) Improper input validation
EUVDB-ID: #VU57500
Risk: Medium
CVSSv3.1: 6.2 [CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2021-35610
CWE-ID:
CWE-20 - Improper input validation
Exploit availability: No
DescriptionThe vulnerability allows a remote authenticated user to damange or delete data.
The vulnerability exists due to improper input validation within the Server: Optimizer component in MySQL Server. A remote authenticated user can exploit this vulnerability to damange or delete data.
MitigationInstall updates from vendor's website.
rh-mysql80-mysql (Red Hat package): 8.0.17-1.el7 - 8.0.26-1.el7
CPE2.3- cpe:2.3:o:red_hat:rh-mysql80-mysql_redhat_package:8.0.26-1.el7:*:*:*:*:red_hat_enterprise_linux:*:
- cpe:2.3:o:red_hat:rh-mysql80-mysql_redhat_package:8.0.21-1.el7:*:*:*:*:red_hat_enterprise_linux:*:
- cpe:2.3:o:red_hat:rh-mysql80-mysql_redhat_package:8.0.17-1.el7:*:*:*:*:red_hat_enterprise_linux:*:
http://access.redhat.com/errata/RHSA-2022:6518
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote authenticated user via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
72) Improper input validation
EUVDB-ID: #VU57529
Risk: Medium
CVSSv3.1: 4.3 [CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2021-35635
CWE-ID:
CWE-20 - Improper input validation
Exploit availability: No
DescriptionThe vulnerability allows a remote privileged user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper input validation within the Server: Optimizer component in MySQL Server. A remote privileged user can exploit this vulnerability to perform a denial of service (DoS) attack.
MitigationInstall updates from vendor's website.
rh-mysql80-mysql (Red Hat package): 8.0.17-1.el7 - 8.0.26-1.el7
CPE2.3- cpe:2.3:o:red_hat:rh-mysql80-mysql_redhat_package:8.0.26-1.el7:*:*:*:*:red_hat_enterprise_linux:*:
- cpe:2.3:o:red_hat:rh-mysql80-mysql_redhat_package:8.0.21-1.el7:*:*:*:*:red_hat_enterprise_linux:*:
- cpe:2.3:o:red_hat:rh-mysql80-mysql_redhat_package:8.0.17-1.el7:*:*:*:*:red_hat_enterprise_linux:*:
http://access.redhat.com/errata/RHSA-2022:6518
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote authenticated privileged user via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
73) Improper input validation
EUVDB-ID: #VU57513
Risk: Medium
CVSSv3.1: 4.6 [CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2021-35608
CWE-ID:
CWE-20 - Improper input validation
Exploit availability: No
DescriptionThe vulnerability allows a remote authenticated user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper input validation within the Server: Group Replication Plugin component in MySQL Server. A remote authenticated user can exploit this vulnerability to perform a denial of service (DoS) attack.
MitigationInstall updates from vendor's website.
rh-mysql80-mysql (Red Hat package): 8.0.17-1.el7 - 8.0.26-1.el7
CPE2.3- cpe:2.3:o:red_hat:rh-mysql80-mysql_redhat_package:8.0.26-1.el7:*:*:*:*:red_hat_enterprise_linux:*:
- cpe:2.3:o:red_hat:rh-mysql80-mysql_redhat_package:8.0.21-1.el7:*:*:*:*:red_hat_enterprise_linux:*:
- cpe:2.3:o:red_hat:rh-mysql80-mysql_redhat_package:8.0.17-1.el7:*:*:*:*:red_hat_enterprise_linux:*:
http://access.redhat.com/errata/RHSA-2022:6518
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote authenticated user via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
74) Improper input validation
EUVDB-ID: #VU57502
Risk: Medium
CVSSv3.1: 5.7 [CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2021-35607
CWE-ID:
CWE-20 - Improper input validation
Exploit availability: No
DescriptionThe vulnerability allows a remote authenticated user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper input validation within the Server: DML component in MySQL Server. A remote authenticated user can exploit this vulnerability to perform a denial of service (DoS) attack.
MitigationInstall updates from vendor's website.
rh-mysql80-mysql (Red Hat package): 8.0.17-1.el7 - 8.0.26-1.el7
CPE2.3- cpe:2.3:o:red_hat:rh-mysql80-mysql_redhat_package:8.0.26-1.el7:*:*:*:*:red_hat_enterprise_linux:*:
- cpe:2.3:o:red_hat:rh-mysql80-mysql_redhat_package:8.0.21-1.el7:*:*:*:*:red_hat_enterprise_linux:*:
- cpe:2.3:o:red_hat:rh-mysql80-mysql_redhat_package:8.0.17-1.el7:*:*:*:*:red_hat_enterprise_linux:*:
http://access.redhat.com/errata/RHSA-2022:6518
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote authenticated user via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
75) Improper input validation
EUVDB-ID: #VU57511
Risk: Medium
CVSSv3.1: 4.8 [CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:L/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2021-35604
CWE-ID:
CWE-20 - Improper input validation
Exploit availability: No
DescriptionThe vulnerability allows a remote privileged user to damange or delete data.
The vulnerability exists due to improper input validation within the InnoDB component in MySQL Server. A remote privileged user can exploit this vulnerability to damange or delete data.
MitigationInstall updates from vendor's website.
rh-mysql80-mysql (Red Hat package): 8.0.17-1.el7 - 8.0.26-1.el7
CPE2.3- cpe:2.3:o:red_hat:rh-mysql80-mysql_redhat_package:8.0.26-1.el7:*:*:*:*:red_hat_enterprise_linux:*:
- cpe:2.3:o:red_hat:rh-mysql80-mysql_redhat_package:8.0.21-1.el7:*:*:*:*:red_hat_enterprise_linux:*:
- cpe:2.3:o:red_hat:rh-mysql80-mysql_redhat_package:8.0.17-1.el7:*:*:*:*:red_hat_enterprise_linux:*:
http://access.redhat.com/errata/RHSA-2022:6518
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote authenticated privileged user via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
76) Improper input validation
EUVDB-ID: #VU57514
Risk: Medium
CVSSv3.1: 4.4 [CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:U/C:N/I:L/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2021-35602
CWE-ID:
CWE-20 - Improper input validation
Exploit availability: No
DescriptionThe vulnerability allows a remote privileged user to damange or delete data.
The vulnerability exists due to improper input validation within the Server: Options component in MySQL Server. A remote privileged user can exploit this vulnerability to damange or delete data.
MitigationInstall updates from vendor's website.
rh-mysql80-mysql (Red Hat package): 8.0.17-1.el7 - 8.0.26-1.el7
CPE2.3- cpe:2.3:o:red_hat:rh-mysql80-mysql_redhat_package:8.0.26-1.el7:*:*:*:*:red_hat_enterprise_linux:*:
- cpe:2.3:o:red_hat:rh-mysql80-mysql_redhat_package:8.0.21-1.el7:*:*:*:*:red_hat_enterprise_linux:*:
- cpe:2.3:o:red_hat:rh-mysql80-mysql_redhat_package:8.0.17-1.el7:*:*:*:*:red_hat_enterprise_linux:*:
http://access.redhat.com/errata/RHSA-2022:6518
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote authenticated privileged user via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
77) Improper input validation
EUVDB-ID: #VU57501
Risk: Medium
CVSSv3.1: 5.7 [CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2021-35597
CWE-ID:
CWE-20 - Improper input validation
Exploit availability: No
DescriptionThe vulnerability allows a remote authenticated user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper input validation within the C API component in MySQL Client. A remote authenticated user can exploit this vulnerability to perform a denial of service (DoS) attack.
MitigationInstall updates from vendor's website.
rh-mysql80-mysql (Red Hat package): 8.0.17-1.el7 - 8.0.26-1.el7
CPE2.3- cpe:2.3:o:red_hat:rh-mysql80-mysql_redhat_package:8.0.26-1.el7:*:*:*:*:red_hat_enterprise_linux:*:
- cpe:2.3:o:red_hat:rh-mysql80-mysql_redhat_package:8.0.21-1.el7:*:*:*:*:red_hat_enterprise_linux:*:
- cpe:2.3:o:red_hat:rh-mysql80-mysql_redhat_package:8.0.17-1.el7:*:*:*:*:red_hat_enterprise_linux:*:
http://access.redhat.com/errata/RHSA-2022:6518
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote authenticated user via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
78) Improper input validation
EUVDB-ID: #VU57520
Risk: Medium
CVSSv3.1: 4.3 [CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2021-35596
CWE-ID:
CWE-20 - Improper input validation
Exploit availability: No
DescriptionThe vulnerability allows a remote privileged user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper input validation within the Server: Error Handling component in MySQL Server. A remote privileged user can exploit this vulnerability to perform a denial of service (DoS) attack.
MitigationInstall updates from vendor's website.
rh-mysql80-mysql (Red Hat package): 8.0.17-1.el7 - 8.0.26-1.el7
CPE2.3- cpe:2.3:o:red_hat:rh-mysql80-mysql_redhat_package:8.0.26-1.el7:*:*:*:*:red_hat_enterprise_linux:*:
- cpe:2.3:o:red_hat:rh-mysql80-mysql_redhat_package:8.0.21-1.el7:*:*:*:*:red_hat_enterprise_linux:*:
- cpe:2.3:o:red_hat:rh-mysql80-mysql_redhat_package:8.0.17-1.el7:*:*:*:*:red_hat_enterprise_linux:*:
http://access.redhat.com/errata/RHSA-2022:6518
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote authenticated privileged user via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
79) Improper input validation
EUVDB-ID: #VU57519
Risk: Medium
CVSSv3.1: 4.3 [CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2021-35591
CWE-ID:
CWE-20 - Improper input validation
Exploit availability: No
DescriptionThe vulnerability allows a remote privileged user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper input validation within the Server: DML component in MySQL Server. A remote privileged user can exploit this vulnerability to perform a denial of service (DoS) attack.
MitigationInstall updates from vendor's website.
rh-mysql80-mysql (Red Hat package): 8.0.17-1.el7 - 8.0.26-1.el7
CPE2.3- cpe:2.3:o:red_hat:rh-mysql80-mysql_redhat_package:8.0.26-1.el7:*:*:*:*:red_hat_enterprise_linux:*:
- cpe:2.3:o:red_hat:rh-mysql80-mysql_redhat_package:8.0.21-1.el7:*:*:*:*:red_hat_enterprise_linux:*:
- cpe:2.3:o:red_hat:rh-mysql80-mysql_redhat_package:8.0.17-1.el7:*:*:*:*:red_hat_enterprise_linux:*:
http://access.redhat.com/errata/RHSA-2022:6518
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote authenticated privileged user via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
80) Improper input validation
EUVDB-ID: #VU57515
Risk: Medium
CVSSv3.1: 4.3 [CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2021-35577
CWE-ID:
CWE-20 - Improper input validation
Exploit availability: No
DescriptionThe vulnerability allows a remote privileged user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper input validation within the Server: Optimizer component in MySQL Server. A remote privileged user can exploit this vulnerability to perform a denial of service (DoS) attack.
MitigationInstall updates from vendor's website.
rh-mysql80-mysql (Red Hat package): 8.0.17-1.el7 - 8.0.26-1.el7
CPE2.3- cpe:2.3:o:red_hat:rh-mysql80-mysql_redhat_package:8.0.26-1.el7:*:*:*:*:red_hat_enterprise_linux:*:
- cpe:2.3:o:red_hat:rh-mysql80-mysql_redhat_package:8.0.21-1.el7:*:*:*:*:red_hat_enterprise_linux:*:
- cpe:2.3:o:red_hat:rh-mysql80-mysql_redhat_package:8.0.17-1.el7:*:*:*:*:red_hat_enterprise_linux:*:
http://access.redhat.com/errata/RHSA-2022:6518
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote authenticated privileged user via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
81) Improper input validation
EUVDB-ID: #VU57527
Risk: Medium
CVSSv3.1: 4.3 [CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2021-35575
CWE-ID:
CWE-20 - Improper input validation
Exploit availability: No
DescriptionThe vulnerability allows a remote privileged user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper input validation within the Server: Optimizer component in MySQL Server. A remote privileged user can exploit this vulnerability to perform a denial of service (DoS) attack.
MitigationInstall updates from vendor's website.
rh-mysql80-mysql (Red Hat package): 8.0.17-1.el7 - 8.0.26-1.el7
CPE2.3- cpe:2.3:o:red_hat:rh-mysql80-mysql_redhat_package:8.0.26-1.el7:*:*:*:*:red_hat_enterprise_linux:*:
- cpe:2.3:o:red_hat:rh-mysql80-mysql_redhat_package:8.0.21-1.el7:*:*:*:*:red_hat_enterprise_linux:*:
- cpe:2.3:o:red_hat:rh-mysql80-mysql_redhat_package:8.0.17-1.el7:*:*:*:*:red_hat_enterprise_linux:*:
http://access.redhat.com/errata/RHSA-2022:6518
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote authenticated privileged user via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
82) Improper input validation
EUVDB-ID: #VU57541
Risk: Medium
CVSSv3.1: 4.3 [CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2021-35546
CWE-ID:
CWE-20 - Improper input validation
Exploit availability: No
DescriptionThe vulnerability allows a remote privileged user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper input validation within the Server: Replication component in MySQL Server. A remote privileged user can exploit this vulnerability to perform a denial of service (DoS) attack.
MitigationInstall updates from vendor's website.
rh-mysql80-mysql (Red Hat package): 8.0.17-1.el7 - 8.0.26-1.el7
CPE2.3- cpe:2.3:o:red_hat:rh-mysql80-mysql_redhat_package:8.0.26-1.el7:*:*:*:*:red_hat_enterprise_linux:*:
- cpe:2.3:o:red_hat:rh-mysql80-mysql_redhat_package:8.0.21-1.el7:*:*:*:*:red_hat_enterprise_linux:*:
- cpe:2.3:o:red_hat:rh-mysql80-mysql_redhat_package:8.0.17-1.el7:*:*:*:*:red_hat_enterprise_linux:*:
http://access.redhat.com/errata/RHSA-2022:6518
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote authenticated privileged user via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
83) Improper input validation
EUVDB-ID: #VU57503
Risk: Medium
CVSSv3.1: 5.7 [CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2021-2481
CWE-ID:
CWE-20 - Improper input validation
Exploit availability: No
DescriptionThe vulnerability allows a remote authenticated user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper input validation within the Server: Optimizer component in MySQL Server. A remote authenticated user can exploit this vulnerability to perform a denial of service (DoS) attack.
MitigationInstall updates from vendor's website.
rh-mysql80-mysql (Red Hat package): 8.0.17-1.el7 - 8.0.26-1.el7
CPE2.3- cpe:2.3:o:red_hat:rh-mysql80-mysql_redhat_package:8.0.26-1.el7:*:*:*:*:red_hat_enterprise_linux:*:
- cpe:2.3:o:red_hat:rh-mysql80-mysql_redhat_package:8.0.21-1.el7:*:*:*:*:red_hat_enterprise_linux:*:
- cpe:2.3:o:red_hat:rh-mysql80-mysql_redhat_package:8.0.17-1.el7:*:*:*:*:red_hat_enterprise_linux:*:
http://access.redhat.com/errata/RHSA-2022:6518
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote authenticated user via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
84) Improper input validation
EUVDB-ID: #VU57517
Risk: Medium
CVSSv3.1: 4.3 [CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2021-2479
CWE-ID:
CWE-20 - Improper input validation
Exploit availability: No
DescriptionThe vulnerability allows a remote privileged user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper input validation within the Server: DML component in MySQL Server. A remote privileged user can exploit this vulnerability to perform a denial of service (DoS) attack.
MitigationInstall updates from vendor's website.
rh-mysql80-mysql (Red Hat package): 8.0.17-1.el7 - 8.0.26-1.el7
CPE2.3- cpe:2.3:o:red_hat:rh-mysql80-mysql_redhat_package:8.0.26-1.el7:*:*:*:*:red_hat_enterprise_linux:*:
- cpe:2.3:o:red_hat:rh-mysql80-mysql_redhat_package:8.0.21-1.el7:*:*:*:*:red_hat_enterprise_linux:*:
- cpe:2.3:o:red_hat:rh-mysql80-mysql_redhat_package:8.0.17-1.el7:*:*:*:*:red_hat_enterprise_linux:*:
http://access.redhat.com/errata/RHSA-2022:6518
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote authenticated privileged user via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
85) Improper input validation
EUVDB-ID: #VU57528
Risk: Medium
CVSSv3.1: 4.3 [CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2021-35634
CWE-ID:
CWE-20 - Improper input validation
Exploit availability: No
DescriptionThe vulnerability allows a remote privileged user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper input validation within the Server: Optimizer component in MySQL Server. A remote privileged user can exploit this vulnerability to perform a denial of service (DoS) attack.
MitigationInstall updates from vendor's website.
rh-mysql80-mysql (Red Hat package): 8.0.17-1.el7 - 8.0.26-1.el7
CPE2.3- cpe:2.3:o:red_hat:rh-mysql80-mysql_redhat_package:8.0.26-1.el7:*:*:*:*:red_hat_enterprise_linux:*:
- cpe:2.3:o:red_hat:rh-mysql80-mysql_redhat_package:8.0.21-1.el7:*:*:*:*:red_hat_enterprise_linux:*:
- cpe:2.3:o:red_hat:rh-mysql80-mysql_redhat_package:8.0.17-1.el7:*:*:*:*:red_hat_enterprise_linux:*:
http://access.redhat.com/errata/RHSA-2022:6518
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote authenticated privileged user via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
86) Improper input validation
EUVDB-ID: #VU57530
Risk: Medium
CVSSv3.1: 4.3 [CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2021-35636
CWE-ID:
CWE-20 - Improper input validation
Exploit availability: No
DescriptionThe vulnerability allows a remote privileged user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper input validation within the Server: Optimizer component in MySQL Server. A remote privileged user can exploit this vulnerability to perform a denial of service (DoS) attack.
MitigationInstall updates from vendor's website.
rh-mysql80-mysql (Red Hat package): 8.0.17-1.el7 - 8.0.26-1.el7
CPE2.3- cpe:2.3:o:red_hat:rh-mysql80-mysql_redhat_package:8.0.26-1.el7:*:*:*:*:red_hat_enterprise_linux:*:
- cpe:2.3:o:red_hat:rh-mysql80-mysql_redhat_package:8.0.21-1.el7:*:*:*:*:red_hat_enterprise_linux:*:
- cpe:2.3:o:red_hat:rh-mysql80-mysql_redhat_package:8.0.17-1.el7:*:*:*:*:red_hat_enterprise_linux:*:
http://access.redhat.com/errata/RHSA-2022:6518
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote authenticated privileged user via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
87) Improper input validation
EUVDB-ID: #VU59786
Risk: Medium
CVSSv3.1: 4.3 [CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2022-21342
CWE-ID:
CWE-20 - Improper input validation
Exploit availability: No
DescriptionThe vulnerability allows a remote privileged user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper input validation within the Server: Optimizer component in MySQL Server. A remote privileged user can exploit this vulnerability to perform a denial of service (DoS) attack.
MitigationInstall updates from vendor's website.
rh-mysql80-mysql (Red Hat package): 8.0.17-1.el7 - 8.0.26-1.el7
CPE2.3- cpe:2.3:o:red_hat:rh-mysql80-mysql_redhat_package:8.0.26-1.el7:*:*:*:*:red_hat_enterprise_linux:*:
- cpe:2.3:o:red_hat:rh-mysql80-mysql_redhat_package:8.0.21-1.el7:*:*:*:*:red_hat_enterprise_linux:*:
- cpe:2.3:o:red_hat:rh-mysql80-mysql_redhat_package:8.0.17-1.el7:*:*:*:*:red_hat_enterprise_linux:*:
http://access.redhat.com/errata/RHSA-2022:6518
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote authenticated privileged user via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
88) Improper input validation
EUVDB-ID: #VU59782
Risk: Medium
CVSSv3.1: 4.3 [CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2022-21253
CWE-ID:
CWE-20 - Improper input validation
Exploit availability: No
DescriptionThe vulnerability allows a remote privileged user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper input validation within the Server: Optimizer component in MySQL Server. A remote privileged user can exploit this vulnerability to perform a denial of service (DoS) attack.
MitigationInstall updates from vendor's website.
rh-mysql80-mysql (Red Hat package): 8.0.17-1.el7 - 8.0.26-1.el7
CPE2.3- cpe:2.3:o:red_hat:rh-mysql80-mysql_redhat_package:8.0.26-1.el7:*:*:*:*:red_hat_enterprise_linux:*:
- cpe:2.3:o:red_hat:rh-mysql80-mysql_redhat_package:8.0.21-1.el7:*:*:*:*:red_hat_enterprise_linux:*:
- cpe:2.3:o:red_hat:rh-mysql80-mysql_redhat_package:8.0.17-1.el7:*:*:*:*:red_hat_enterprise_linux:*:
http://access.redhat.com/errata/RHSA-2022:6518
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote authenticated privileged user via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
89) Improper input validation
EUVDB-ID: #VU59785
Risk: Medium
CVSSv3.1: 4.3 [CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2022-21339
CWE-ID:
CWE-20 - Improper input validation
Exploit availability: No
DescriptionThe vulnerability allows a remote privileged user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper input validation within the Server: Optimizer component in MySQL Server. A remote privileged user can exploit this vulnerability to perform a denial of service (DoS) attack.
MitigationInstall updates from vendor's website.
rh-mysql80-mysql (Red Hat package): 8.0.17-1.el7 - 8.0.26-1.el7
CPE2.3- cpe:2.3:o:red_hat:rh-mysql80-mysql_redhat_package:8.0.26-1.el7:*:*:*:*:red_hat_enterprise_linux:*:
- cpe:2.3:o:red_hat:rh-mysql80-mysql_redhat_package:8.0.21-1.el7:*:*:*:*:red_hat_enterprise_linux:*:
- cpe:2.3:o:red_hat:rh-mysql80-mysql_redhat_package:8.0.17-1.el7:*:*:*:*:red_hat_enterprise_linux:*:
http://access.redhat.com/errata/RHSA-2022:6518
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote authenticated privileged user via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
90) Improper input validation
EUVDB-ID: #VU59788
Risk: Medium
CVSSv3.1: 4.3 [CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2022-21304
CWE-ID:
CWE-20 - Improper input validation
Exploit availability: No
DescriptionThe vulnerability allows a remote privileged user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper input validation within the Server: Parser component in MySQL Server. A remote privileged user can exploit this vulnerability to perform a denial of service (DoS) attack.
MitigationInstall updates from vendor's website.
rh-mysql80-mysql (Red Hat package): 8.0.17-1.el7 - 8.0.26-1.el7
CPE2.3- cpe:2.3:o:red_hat:rh-mysql80-mysql_redhat_package:8.0.26-1.el7:*:*:*:*:red_hat_enterprise_linux:*:
- cpe:2.3:o:red_hat:rh-mysql80-mysql_redhat_package:8.0.21-1.el7:*:*:*:*:red_hat_enterprise_linux:*:
- cpe:2.3:o:red_hat:rh-mysql80-mysql_redhat_package:8.0.17-1.el7:*:*:*:*:red_hat_enterprise_linux:*:
http://access.redhat.com/errata/RHSA-2022:6518
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote authenticated privileged user via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
91) Improper input validation
EUVDB-ID: #VU59790
Risk: Medium
CVSSv3.1: 4.3 [CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2022-21303
CWE-ID:
CWE-20 - Improper input validation
Exploit availability: No
DescriptionThe vulnerability allows a remote privileged user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper input validation within the Server: Stored Procedure component in MySQL Server. A remote privileged user can exploit this vulnerability to perform a denial of service (DoS) attack.
MitigationInstall updates from vendor's website.
rh-mysql80-mysql (Red Hat package): 8.0.17-1.el7 - 8.0.26-1.el7
CPE2.3- cpe:2.3:o:red_hat:rh-mysql80-mysql_redhat_package:8.0.26-1.el7:*:*:*:*:red_hat_enterprise_linux:*:
- cpe:2.3:o:red_hat:rh-mysql80-mysql_redhat_package:8.0.21-1.el7:*:*:*:*:red_hat_enterprise_linux:*:
- cpe:2.3:o:red_hat:rh-mysql80-mysql_redhat_package:8.0.17-1.el7:*:*:*:*:red_hat_enterprise_linux:*:
http://access.redhat.com/errata/RHSA-2022:6518
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote authenticated privileged user via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
92) Improper input validation
EUVDB-ID: #VU59774
Risk: Medium
CVSSv3.1: 4.6 [CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2022-21302
CWE-ID:
CWE-20 - Improper input validation
Exploit availability: No
DescriptionThe vulnerability allows a remote authenticated user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper input validation within the InnoDB component in MySQL Server. A remote authenticated user can exploit this vulnerability to perform a denial of service (DoS) attack.
MitigationInstall updates from vendor's website.
rh-mysql80-mysql (Red Hat package): 8.0.17-1.el7 - 8.0.26-1.el7
CPE2.3- cpe:2.3:o:red_hat:rh-mysql80-mysql_redhat_package:8.0.26-1.el7:*:*:*:*:red_hat_enterprise_linux:*:
- cpe:2.3:o:red_hat:rh-mysql80-mysql_redhat_package:8.0.21-1.el7:*:*:*:*:red_hat_enterprise_linux:*:
- cpe:2.3:o:red_hat:rh-mysql80-mysql_redhat_package:8.0.17-1.el7:*:*:*:*:red_hat_enterprise_linux:*:
http://access.redhat.com/errata/RHSA-2022:6518
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote authenticated user via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
93) Improper input validation
EUVDB-ID: #VU59772
Risk: Medium
CVSSv3.1: 4.8 [CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:L/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2022-21301
CWE-ID:
CWE-20 - Improper input validation
Exploit availability: No
DescriptionThe vulnerability allows a remote privileged user to damange or delete data.
The vulnerability exists due to improper input validation within the Server: DML component in MySQL Server. A remote privileged user can exploit this vulnerability to damange or delete data.
MitigationInstall updates from vendor's website.
rh-mysql80-mysql (Red Hat package): 8.0.17-1.el7 - 8.0.26-1.el7
CPE2.3- cpe:2.3:o:red_hat:rh-mysql80-mysql_redhat_package:8.0.26-1.el7:*:*:*:*:red_hat_enterprise_linux:*:
- cpe:2.3:o:red_hat:rh-mysql80-mysql_redhat_package:8.0.21-1.el7:*:*:*:*:red_hat_enterprise_linux:*:
- cpe:2.3:o:red_hat:rh-mysql80-mysql_redhat_package:8.0.17-1.el7:*:*:*:*:red_hat_enterprise_linux:*:
http://access.redhat.com/errata/RHSA-2022:6518
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote authenticated privileged user via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
94) Improper input validation
EUVDB-ID: #VU59784
Risk: Medium
CVSSv3.1: 4.3 [CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2022-21297
CWE-ID:
CWE-20 - Improper input validation
Exploit availability: No
DescriptionThe vulnerability allows a remote privileged user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper input validation within the Server: Optimizer component in MySQL Server. A remote privileged user can exploit this vulnerability to perform a denial of service (DoS) attack.
MitigationInstall updates from vendor's website.
rh-mysql80-mysql (Red Hat package): 8.0.17-1.el7 - 8.0.26-1.el7
CPE2.3- cpe:2.3:o:red_hat:rh-mysql80-mysql_redhat_package:8.0.26-1.el7:*:*:*:*:red_hat_enterprise_linux:*:
- cpe:2.3:o:red_hat:rh-mysql80-mysql_redhat_package:8.0.21-1.el7:*:*:*:*:red_hat_enterprise_linux:*:
- cpe:2.3:o:red_hat:rh-mysql80-mysql_redhat_package:8.0.17-1.el7:*:*:*:*:red_hat_enterprise_linux:*:
http://access.redhat.com/errata/RHSA-2022:6518
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote authenticated privileged user via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
95) Improper input validation
EUVDB-ID: #VU59735
Risk: Medium
CVSSv3.1: 6.2 [CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2022-21278
CWE-ID:
CWE-20 - Improper input validation
Exploit availability: No
DescriptionThe vulnerability allows a remote authenticated user to damange or delete data.
The vulnerability exists due to improper input validation within the Server: Optimizer component in MySQL Server. A remote authenticated user can exploit this vulnerability to damange or delete data.
MitigationInstall updates from vendor's website.
rh-mysql80-mysql (Red Hat package): 8.0.17-1.el7 - 8.0.26-1.el7
CPE2.3- cpe:2.3:o:red_hat:rh-mysql80-mysql_redhat_package:8.0.26-1.el7:*:*:*:*:red_hat_enterprise_linux:*:
- cpe:2.3:o:red_hat:rh-mysql80-mysql_redhat_package:8.0.21-1.el7:*:*:*:*:red_hat_enterprise_linux:*:
- cpe:2.3:o:red_hat:rh-mysql80-mysql_redhat_package:8.0.17-1.el7:*:*:*:*:red_hat_enterprise_linux:*:
http://access.redhat.com/errata/RHSA-2022:6518
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote authenticated user via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
96) Improper input validation
EUVDB-ID: #VU59777
Risk: Medium
CVSSv3.1: 4.3 [CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2022-21270
CWE-ID:
CWE-20 - Improper input validation
Exploit availability: No
DescriptionThe vulnerability allows a remote privileged user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper input validation within the Server: Federated component in MySQL Server. A remote privileged user can exploit this vulnerability to perform a denial of service (DoS) attack.
MitigationInstall updates from vendor's website.
rh-mysql80-mysql (Red Hat package): 8.0.17-1.el7 - 8.0.26-1.el7
CPE2.3- cpe:2.3:o:red_hat:rh-mysql80-mysql_redhat_package:8.0.26-1.el7:*:*:*:*:red_hat_enterprise_linux:*:
- cpe:2.3:o:red_hat:rh-mysql80-mysql_redhat_package:8.0.21-1.el7:*:*:*:*:red_hat_enterprise_linux:*:
- cpe:2.3:o:red_hat:rh-mysql80-mysql_redhat_package:8.0.17-1.el7:*:*:*:*:red_hat_enterprise_linux:*:
http://access.redhat.com/errata/RHSA-2022:6518
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote authenticated privileged user via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
97) Improper input validation
EUVDB-ID: #VU59793
Risk: Low
CVSSv3.1: 3.3 [CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:L/A:L/E:U/RL:O/RC:C]
CVE-ID: CVE-2022-21265
CWE-ID:
CWE-20 - Improper input validation
Exploit availability: No
DescriptionThe vulnerability allows a remote privileged user to manipulate or delete data.
The vulnerability exists due to improper input validation within the Server: Optimizer component in MySQL Server. A remote privileged user can exploit this vulnerability to manipulate or delete data.
MitigationInstall updates from vendor's website.
rh-mysql80-mysql (Red Hat package): 8.0.17-1.el7 - 8.0.26-1.el7
CPE2.3- cpe:2.3:o:red_hat:rh-mysql80-mysql_redhat_package:8.0.26-1.el7:*:*:*:*:red_hat_enterprise_linux:*:
- cpe:2.3:o:red_hat:rh-mysql80-mysql_redhat_package:8.0.21-1.el7:*:*:*:*:red_hat_enterprise_linux:*:
- cpe:2.3:o:red_hat:rh-mysql80-mysql_redhat_package:8.0.17-1.el7:*:*:*:*:red_hat_enterprise_linux:*:
http://access.redhat.com/errata/RHSA-2022:6518
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote authenticated privileged user via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
98) Improper input validation
EUVDB-ID: #VU59783
Risk: Medium
CVSSv3.1: 4.3 [CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2022-21264
CWE-ID:
CWE-20 - Improper input validation
Exploit availability: No
DescriptionThe vulnerability allows a remote privileged user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper input validation within the Server: Optimizer component in MySQL Server. A remote privileged user can exploit this vulnerability to perform a denial of service (DoS) attack.
MitigationInstall updates from vendor's website.
rh-mysql80-mysql (Red Hat package): 8.0.17-1.el7 - 8.0.26-1.el7
CPE2.3- cpe:2.3:o:red_hat:rh-mysql80-mysql_redhat_package:8.0.26-1.el7:*:*:*:*:red_hat_enterprise_linux:*:
- cpe:2.3:o:red_hat:rh-mysql80-mysql_redhat_package:8.0.21-1.el7:*:*:*:*:red_hat_enterprise_linux:*:
- cpe:2.3:o:red_hat:rh-mysql80-mysql_redhat_package:8.0.17-1.el7:*:*:*:*:red_hat_enterprise_linux:*:
http://access.redhat.com/errata/RHSA-2022:6518
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote authenticated privileged user via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
99) Improper input validation
EUVDB-ID: #VU59778
Risk: Medium
CVSSv3.1: 4.3 [CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2022-21256
CWE-ID:
CWE-20 - Improper input validation
Exploit availability: No
DescriptionThe vulnerability allows a remote privileged user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper input validation within the Server: Group Replication Plugin component in MySQL Server. A remote privileged user can exploit this vulnerability to perform a denial of service (DoS) attack.
MitigationInstall updates from vendor's website.
rh-mysql80-mysql (Red Hat package): 8.0.17-1.el7 - 8.0.26-1.el7
CPE2.3- cpe:2.3:o:red_hat:rh-mysql80-mysql_redhat_package:8.0.26-1.el7:*:*:*:*:red_hat_enterprise_linux:*:
- cpe:2.3:o:red_hat:rh-mysql80-mysql_redhat_package:8.0.21-1.el7:*:*:*:*:red_hat_enterprise_linux:*:
- cpe:2.3:o:red_hat:rh-mysql80-mysql_redhat_package:8.0.17-1.el7:*:*:*:*:red_hat_enterprise_linux:*:
http://access.redhat.com/errata/RHSA-2022:6518
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote authenticated privileged user via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
100) Improper input validation
EUVDB-ID: #VU59775
Risk: Medium
CVSSv3.1: 4.6 [CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2022-21254
CWE-ID:
CWE-20 - Improper input validation
Exploit availability: No
DescriptionThe vulnerability allows a remote authenticated user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper input validation within the Server: Optimizer component in MySQL Server. A remote authenticated user can exploit this vulnerability to perform a denial of service (DoS) attack.
MitigationInstall updates from vendor's website.
rh-mysql80-mysql (Red Hat package): 8.0.17-1.el7 - 8.0.26-1.el7
CPE2.3- cpe:2.3:o:red_hat:rh-mysql80-mysql_redhat_package:8.0.26-1.el7:*:*:*:*:red_hat_enterprise_linux:*:
- cpe:2.3:o:red_hat:rh-mysql80-mysql_redhat_package:8.0.21-1.el7:*:*:*:*:red_hat_enterprise_linux:*:
- cpe:2.3:o:red_hat:rh-mysql80-mysql_redhat_package:8.0.17-1.el7:*:*:*:*:red_hat_enterprise_linux:*:
http://access.redhat.com/errata/RHSA-2022:6518
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote authenticated user via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
101) Improper input validation
EUVDB-ID: #VU59807
Risk: Low
CVSSv3.1: 2.4 [CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:L/E:U/RL:O/RC:C]
CVE-ID: CVE-2022-21249
CWE-ID:
CWE-125 - Out-of-bounds read
Exploit availability: No
DescriptionThe vulnerability allows a remote privileged user to perform service disruption.
The vulnerability exists due to improper input validation within the Server: DDL component in MySQL Server. A remote privileged user can exploit this vulnerability to perform service disruption.
MitigationInstall updates from vendor's website.
rh-mysql80-mysql (Red Hat package): 8.0.17-1.el7 - 8.0.26-1.el7
CPE2.3- cpe:2.3:o:red_hat:rh-mysql80-mysql_redhat_package:8.0.26-1.el7:*:*:*:*:red_hat_enterprise_linux:*:
- cpe:2.3:o:red_hat:rh-mysql80-mysql_redhat_package:8.0.21-1.el7:*:*:*:*:red_hat_enterprise_linux:*:
- cpe:2.3:o:red_hat:rh-mysql80-mysql_redhat_package:8.0.17-1.el7:*:*:*:*:red_hat_enterprise_linux:*:
http://access.redhat.com/errata/RHSA-2022:6518
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote authenticated privileged user via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
102) Improper input validation
EUVDB-ID: #VU57540
Risk: Medium
CVSSv3.1: 4.3 [CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2021-35637
CWE-ID:
CWE-20 - Improper input validation
Exploit availability: No
DescriptionThe vulnerability allows a remote privileged user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper input validation within the Server: PS component in MySQL Server. A remote privileged user can exploit this vulnerability to perform a denial of service (DoS) attack.
MitigationInstall updates from vendor's website.
rh-mysql80-mysql (Red Hat package): 8.0.17-1.el7 - 8.0.26-1.el7
CPE2.3- cpe:2.3:o:red_hat:rh-mysql80-mysql_redhat_package:8.0.26-1.el7:*:*:*:*:red_hat_enterprise_linux:*:
- cpe:2.3:o:red_hat:rh-mysql80-mysql_redhat_package:8.0.21-1.el7:*:*:*:*:red_hat_enterprise_linux:*:
- cpe:2.3:o:red_hat:rh-mysql80-mysql_redhat_package:8.0.17-1.el7:*:*:*:*:red_hat_enterprise_linux:*:
http://access.redhat.com/errata/RHSA-2022:6518
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote authenticated privileged user via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
103) Improper input validation
EUVDB-ID: #VU59792
Risk: Low
CVSSv3.1: 3.8 [CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N/E:U/RL:O/RC:C]
CVE-ID: CVE-2022-21245
CWE-ID:
CWE-20 - Improper input validation
Exploit availability: No
DescriptionThe vulnerability allows a remote authenticated user to manipulate data.
The vulnerability exists due to improper input validation within the Server: Security: Privileges component in MySQL Server. A remote authenticated user can exploit this vulnerability to manipulate data.
MitigationInstall updates from vendor's website.
rh-mysql80-mysql (Red Hat package): 8.0.17-1.el7 - 8.0.26-1.el7
CPE2.3- cpe:2.3:o:red_hat:rh-mysql80-mysql_redhat_package:8.0.26-1.el7:*:*:*:*:red_hat_enterprise_linux:*:
- cpe:2.3:o:red_hat:rh-mysql80-mysql_redhat_package:8.0.21-1.el7:*:*:*:*:red_hat_enterprise_linux:*:
- cpe:2.3:o:red_hat:rh-mysql80-mysql_redhat_package:8.0.17-1.el7:*:*:*:*:red_hat_enterprise_linux:*:
http://access.redhat.com/errata/RHSA-2022:6518
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote authenticated user via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
104) Improper input validation
EUVDB-ID: #VU57521
Risk: Medium
CVSSv3.1: 4.3 [CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2021-35648
CWE-ID:
CWE-20 - Improper input validation
Exploit availability: No
DescriptionThe vulnerability allows a remote privileged user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper input validation within the Server: FTS component in MySQL Server. A remote privileged user can exploit this vulnerability to perform a denial of service (DoS) attack.
MitigationInstall updates from vendor's website.
rh-mysql80-mysql (Red Hat package): 8.0.17-1.el7 - 8.0.26-1.el7
CPE2.3- cpe:2.3:o:red_hat:rh-mysql80-mysql_redhat_package:8.0.26-1.el7:*:*:*:*:red_hat_enterprise_linux:*:
- cpe:2.3:o:red_hat:rh-mysql80-mysql_redhat_package:8.0.21-1.el7:*:*:*:*:red_hat_enterprise_linux:*:
- cpe:2.3:o:red_hat:rh-mysql80-mysql_redhat_package:8.0.17-1.el7:*:*:*:*:red_hat_enterprise_linux:*:
http://access.redhat.com/errata/RHSA-2022:6518
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote authenticated privileged user via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
105) Improper input validation
EUVDB-ID: #VU57538
Risk: Medium
CVSSv3.1: 4.3 [CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2021-35647
CWE-ID:
CWE-20 - Improper input validation
Exploit availability: No
DescriptionThe vulnerability allows a remote privileged user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper input validation within the Server: Optimizer component in MySQL Server. A remote privileged user can exploit this vulnerability to perform a denial of service (DoS) attack.
MitigationInstall updates from vendor's website.
rh-mysql80-mysql (Red Hat package): 8.0.17-1.el7 - 8.0.26-1.el7
CPE2.3- cpe:2.3:o:red_hat:rh-mysql80-mysql_redhat_package:8.0.26-1.el7:*:*:*:*:red_hat_enterprise_linux:*:
- cpe:2.3:o:red_hat:rh-mysql80-mysql_redhat_package:8.0.21-1.el7:*:*:*:*:red_hat_enterprise_linux:*:
- cpe:2.3:o:red_hat:rh-mysql80-mysql_redhat_package:8.0.17-1.el7:*:*:*:*:red_hat_enterprise_linux:*:
http://access.redhat.com/errata/RHSA-2022:6518
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote authenticated privileged user via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
106) Improper input validation
EUVDB-ID: #VU57537
Risk: Medium
CVSSv3.1: 4.3 [CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2021-35646
CWE-ID:
CWE-20 - Improper input validation
Exploit availability: No
DescriptionThe vulnerability allows a remote privileged user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper input validation within the Server: Optimizer component in MySQL Server. A remote privileged user can exploit this vulnerability to perform a denial of service (DoS) attack.
MitigationInstall updates from vendor's website.
rh-mysql80-mysql (Red Hat package): 8.0.17-1.el7 - 8.0.26-1.el7
CPE2.3- cpe:2.3:o:red_hat:rh-mysql80-mysql_redhat_package:8.0.26-1.el7:*:*:*:*:red_hat_enterprise_linux:*:
- cpe:2.3:o:red_hat:rh-mysql80-mysql_redhat_package:8.0.21-1.el7:*:*:*:*:red_hat_enterprise_linux:*:
- cpe:2.3:o:red_hat:rh-mysql80-mysql_redhat_package:8.0.17-1.el7:*:*:*:*:red_hat_enterprise_linux:*:
http://access.redhat.com/errata/RHSA-2022:6518
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote authenticated privileged user via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
107) Improper input validation
EUVDB-ID: #VU57536
Risk: Medium
CVSSv3.1: 4.3 [CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2021-35645
CWE-ID:
CWE-20 - Improper input validation
Exploit availability: No
DescriptionThe vulnerability allows a remote privileged user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper input validation within the Server: Optimizer component in MySQL Server. A remote privileged user can exploit this vulnerability to perform a denial of service (DoS) attack.
MitigationInstall updates from vendor's website.
rh-mysql80-mysql (Red Hat package): 8.0.17-1.el7 - 8.0.26-1.el7
CPE2.3- cpe:2.3:o:red_hat:rh-mysql80-mysql_redhat_package:8.0.26-1.el7:*:*:*:*:red_hat_enterprise_linux:*:
- cpe:2.3:o:red_hat:rh-mysql80-mysql_redhat_package:8.0.21-1.el7:*:*:*:*:red_hat_enterprise_linux:*:
- cpe:2.3:o:red_hat:rh-mysql80-mysql_redhat_package:8.0.17-1.el7:*:*:*:*:red_hat_enterprise_linux:*:
http://access.redhat.com/errata/RHSA-2022:6518
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote authenticated privileged user via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
108) Improper input validation
EUVDB-ID: #VU57535
Risk: Medium
CVSSv3.1: 4.3 [CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2021-35644
CWE-ID:
CWE-20 - Improper input validation
Exploit availability: No
DescriptionThe vulnerability allows a remote privileged user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper input validation within the Server: Optimizer component in MySQL Server. A remote privileged user can exploit this vulnerability to perform a denial of service (DoS) attack.
MitigationInstall updates from vendor's website.
rh-mysql80-mysql (Red Hat package): 8.0.17-1.el7 - 8.0.26-1.el7
CPE2.3- cpe:2.3:o:red_hat:rh-mysql80-mysql_redhat_package:8.0.26-1.el7:*:*:*:*:red_hat_enterprise_linux:*:
- cpe:2.3:o:red_hat:rh-mysql80-mysql_redhat_package:8.0.21-1.el7:*:*:*:*:red_hat_enterprise_linux:*:
- cpe:2.3:o:red_hat:rh-mysql80-mysql_redhat_package:8.0.17-1.el7:*:*:*:*:red_hat_enterprise_linux:*:
http://access.redhat.com/errata/RHSA-2022:6518
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote authenticated privileged user via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
109) Improper input validation
EUVDB-ID: #VU57534
Risk: Medium
CVSSv3.1: 4.3 [CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2021-35643
CWE-ID:
CWE-20 - Improper input validation
Exploit availability: No
DescriptionThe vulnerability allows a remote privileged user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper input validation within the Server: Optimizer component in MySQL Server. A remote privileged user can exploit this vulnerability to perform a denial of service (DoS) attack.
MitigationInstall updates from vendor's website.
rh-mysql80-mysql (Red Hat package): 8.0.17-1.el7 - 8.0.26-1.el7
CPE2.3- cpe:2.3:o:red_hat:rh-mysql80-mysql_redhat_package:8.0.26-1.el7:*:*:*:*:red_hat_enterprise_linux:*:
- cpe:2.3:o:red_hat:rh-mysql80-mysql_redhat_package:8.0.21-1.el7:*:*:*:*:red_hat_enterprise_linux:*:
- cpe:2.3:o:red_hat:rh-mysql80-mysql_redhat_package:8.0.17-1.el7:*:*:*:*:red_hat_enterprise_linux:*:
http://access.redhat.com/errata/RHSA-2022:6518
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote authenticated privileged user via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
110) Improper input validation
EUVDB-ID: #VU57533
Risk: Medium
CVSSv3.1: 4.3 [CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2021-35642
CWE-ID:
CWE-20 - Improper input validation
Exploit availability: No
DescriptionThe vulnerability allows a remote privileged user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper input validation within the Server: Optimizer component in MySQL Server. A remote privileged user can exploit this vulnerability to perform a denial of service (DoS) attack.
MitigationInstall updates from vendor's website.
rh-mysql80-mysql (Red Hat package): 8.0.17-1.el7 - 8.0.26-1.el7
CPE2.3- cpe:2.3:o:red_hat:rh-mysql80-mysql_redhat_package:8.0.26-1.el7:*:*:*:*:red_hat_enterprise_linux:*:
- cpe:2.3:o:red_hat:rh-mysql80-mysql_redhat_package:8.0.21-1.el7:*:*:*:*:red_hat_enterprise_linux:*:
- cpe:2.3:o:red_hat:rh-mysql80-mysql_redhat_package:8.0.17-1.el7:*:*:*:*:red_hat_enterprise_linux:*:
http://access.redhat.com/errata/RHSA-2022:6518
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote authenticated privileged user via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
111) Improper input validation
EUVDB-ID: #VU57532
Risk: Medium
CVSSv3.1: 4.3 [CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2021-35641
CWE-ID:
CWE-20 - Improper input validation
Exploit availability: No
DescriptionThe vulnerability allows a remote privileged user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper input validation within the Server: Optimizer component in MySQL Server. A remote privileged user can exploit this vulnerability to perform a denial of service (DoS) attack.
MitigationInstall updates from vendor's website.
rh-mysql80-mysql (Red Hat package): 8.0.17-1.el7 - 8.0.26-1.el7
CPE2.3- cpe:2.3:o:red_hat:rh-mysql80-mysql_redhat_package:8.0.26-1.el7:*:*:*:*:red_hat_enterprise_linux:*:
- cpe:2.3:o:red_hat:rh-mysql80-mysql_redhat_package:8.0.21-1.el7:*:*:*:*:red_hat_enterprise_linux:*:
- cpe:2.3:o:red_hat:rh-mysql80-mysql_redhat_package:8.0.17-1.el7:*:*:*:*:red_hat_enterprise_linux:*:
http://access.redhat.com/errata/RHSA-2022:6518
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote authenticated privileged user via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
112) Improper input validation
EUVDB-ID: #VU57548
Risk: Low
CVSSv3.1: 2.4 [CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:L/A:N/E:U/RL:O/RC:C]
CVE-ID: CVE-2021-35640
CWE-ID:
CWE-20 - Improper input validation
Exploit availability: No
DescriptionThe vulnerability allows a remote privileged user to manipulate data.
The vulnerability exists due to improper input validation within the Server: DDL component in MySQL Server. A remote privileged user can exploit this vulnerability to manipulate data.
MitigationInstall updates from vendor's website.
rh-mysql80-mysql (Red Hat package): 8.0.17-1.el7 - 8.0.26-1.el7
CPE2.3- cpe:2.3:o:red_hat:rh-mysql80-mysql_redhat_package:8.0.26-1.el7:*:*:*:*:red_hat_enterprise_linux:*:
- cpe:2.3:o:red_hat:rh-mysql80-mysql_redhat_package:8.0.21-1.el7:*:*:*:*:red_hat_enterprise_linux:*:
- cpe:2.3:o:red_hat:rh-mysql80-mysql_redhat_package:8.0.17-1.el7:*:*:*:*:red_hat_enterprise_linux:*:
http://access.redhat.com/errata/RHSA-2022:6518
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote authenticated privileged user via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
113) Improper input validation
EUVDB-ID: #VU57544
Risk: Medium
CVSSv3.1: 4.3 [CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2021-35639
CWE-ID:
CWE-20 - Improper input validation
Exploit availability: No
DescriptionThe vulnerability allows a remote privileged user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper input validation within the Server: Stored Procedure component in MySQL Server. A remote privileged user can exploit this vulnerability to perform a denial of service (DoS) attack.
MitigationInstall updates from vendor's website.
rh-mysql80-mysql (Red Hat package): 8.0.17-1.el7 - 8.0.26-1.el7
CPE2.3- cpe:2.3:o:red_hat:rh-mysql80-mysql_redhat_package:8.0.26-1.el7:*:*:*:*:red_hat_enterprise_linux:*:
- cpe:2.3:o:red_hat:rh-mysql80-mysql_redhat_package:8.0.21-1.el7:*:*:*:*:red_hat_enterprise_linux:*:
- cpe:2.3:o:red_hat:rh-mysql80-mysql_redhat_package:8.0.17-1.el7:*:*:*:*:red_hat_enterprise_linux:*:
http://access.redhat.com/errata/RHSA-2022:6518
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote authenticated privileged user via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
114) Improper input validation
EUVDB-ID: #VU57531
Risk: Medium
CVSSv3.1: 4.3 [CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2021-35638
CWE-ID:
CWE-20 - Improper input validation
Exploit availability: No
DescriptionThe vulnerability allows a remote privileged user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper input validation within the Server: Optimizer component in MySQL Server. A remote privileged user can exploit this vulnerability to perform a denial of service (DoS) attack.
MitigationInstall updates from vendor's website.
rh-mysql80-mysql (Red Hat package): 8.0.17-1.el7 - 8.0.26-1.el7
CPE2.3- cpe:2.3:o:red_hat:rh-mysql80-mysql_redhat_package:8.0.26-1.el7:*:*:*:*:red_hat_enterprise_linux:*:
- cpe:2.3:o:red_hat:rh-mysql80-mysql_redhat_package:8.0.21-1.el7:*:*:*:*:red_hat_enterprise_linux:*:
- cpe:2.3:o:red_hat:rh-mysql80-mysql_redhat_package:8.0.17-1.el7:*:*:*:*:red_hat_enterprise_linux:*:
http://access.redhat.com/errata/RHSA-2022:6518
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote authenticated privileged user via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
