Anolis OS update for mysql:8.0 module
| Risk | Medium |
| Patch available | YES |
| Number of vulnerabilities | 41 |
| CVE-ID | CVE-2022-21594 CVE-2022-21599 CVE-2022-21604 CVE-2022-21608 CVE-2022-21611 CVE-2022-21617 CVE-2022-21625 CVE-2022-21632 CVE-2022-21633 CVE-2022-21637 CVE-2022-21640 CVE-2022-39400 CVE-2022-39408 CVE-2022-39410 CVE-2023-21836 CVE-2023-21863 CVE-2023-21864 CVE-2023-21865 CVE-2023-21867 CVE-2023-21868 CVE-2023-21869 CVE-2023-21870 CVE-2023-21871 CVE-2023-21873 CVE-2023-21874 CVE-2023-21875 CVE-2023-21876 CVE-2023-21877 CVE-2023-21878 CVE-2023-21879 CVE-2023-21880 CVE-2023-21881 CVE-2023-21882 CVE-2023-21883 CVE-2023-21887 CVE-2023-21912 CVE-2023-21917 CVE-2023-21913 CVE-2023-22015 CVE-2023-22026 CVE-2023-22028 |
| CWE-ID | CWE-20 |
| Exploitation vector | Network |
| Public exploit | N/A |
| Vulnerable software |
Anolis OS Operating systems & Components / Operating system mysql-test Operating systems & Components / Operating system package or component mysql-server Operating systems & Components / Operating system package or component mysql-libs Operating systems & Components / Operating system package or component mysql-errmsg Operating systems & Components / Operating system package or component mysql-devel Operating systems & Components / Operating system package or component mysql-common Operating systems & Components / Operating system package or component mysql Operating systems & Components / Operating system package or component mecab Operating systems & Components / Operating system package or component mecab-ipadic-EUCJP Operating systems & Components / Operating system package or component mecab-ipadic Operating systems & Components / Operating system package or component |
| Vendor | OpenAnolis |
Security Bulletin
This security bulletin contains information about 41 vulnerabilities.
1) Improper input validation
EUVDB-ID: #VU68451
Risk: Medium
CVSSv4.0: 4.6 [CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Green]
CVE-ID: CVE-2022-21594
CWE-ID:
CWE-20 - Improper input validation
Exploit availability: No
DescriptionThe vulnerability allows a remote privileged user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper input validation within the Server: Optimizer component in MySQL Server. A remote privileged user can exploit this vulnerability to perform a denial of service (DoS) attack.
MitigationInstall updates from vendor's repository.
Vulnerable software versionsAnolis OS: 8
mysql-test: before 8.0.32-1.0.1
mysql-server: before 8.0.32-1.0.1
mysql-libs: before 8.0.32-1.0.1
mysql-errmsg: before 8.0.32-1.0.1
mysql-devel: before 8.0.32-1.0.1
mysql-common: before 8.0.32-1.0.1
mysql: before 8.0.32-1.0.1
mecab: before 0.996-2
mecab-ipadic-EUCJP: before 2.7.0.20070801-16.0.1
mecab-ipadic: before 2.7.0.20070801-16.0.1
CPE2.3- cpe:2.3:o:openanolis:anolis_os:8:*:*:*:*:*:*:*
- cpe:2.3:o:openanolis:mysql-test:*:*:*:*:*:anolis_os:*:*
- cpe:2.3:o:openanolis:mysql-server:*:*:*:*:*:anolis_os:*:*
- cpe:2.3:o:openanolis:mysql-libs:*:*:*:*:*:anolis_os:*:*
- cpe:2.3:o:openanolis:mysql-errmsg:*:*:*:*:*:anolis_os:*:*
- cpe:2.3:o:openanolis:mysql-devel:*:*:*:*:*:anolis_os:*:*
- cpe:2.3:o:openanolis:mysql-common:*:*:*:*:*:anolis_os:*:*
- cpe:2.3:o:openanolis:mysql:*:*:*:*:*:anolis_os:*:*
- cpe:2.3:o:openanolis:mecab:*:*:*:*:*:anolis_os:*:*
- cpe:2.3:o:openanolis:mecab-ipadic-eucjp:*:*:*:*:*:anolis_os:*:*
- cpe:2.3:o:openanolis:mecab-ipadic:*:*:*:*:*:anolis_os:*:*
https://anas.openanolis.cn/errata/detail/ANSA-2023:0182
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote authenticated privileged user via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
2) Improper input validation
EUVDB-ID: #VU68460
Risk: Medium
CVSSv4.0: 4.6 [CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Green]
CVE-ID: CVE-2022-21599
CWE-ID:
CWE-20 - Improper input validation
Exploit availability: No
DescriptionThe vulnerability allows a remote privileged user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper input validation within the Server: Stored Procedure component in MySQL Server. A remote privileged user can exploit this vulnerability to perform a denial of service (DoS) attack.
MitigationInstall updates from vendor's repository.
Vulnerable software versionsAnolis OS: 8
mysql-test: before 8.0.32-1.0.1
mysql-server: before 8.0.32-1.0.1
mysql-libs: before 8.0.32-1.0.1
mysql-errmsg: before 8.0.32-1.0.1
mysql-devel: before 8.0.32-1.0.1
mysql-common: before 8.0.32-1.0.1
mysql: before 8.0.32-1.0.1
mecab: before 0.996-2
mecab-ipadic-EUCJP: before 2.7.0.20070801-16.0.1
mecab-ipadic: before 2.7.0.20070801-16.0.1
CPE2.3- cpe:2.3:o:openanolis:anolis_os:8:*:*:*:*:*:*:*
- cpe:2.3:o:openanolis:mysql-test:*:*:*:*:*:anolis_os:*:*
- cpe:2.3:o:openanolis:mysql-server:*:*:*:*:*:anolis_os:*:*
- cpe:2.3:o:openanolis:mysql-libs:*:*:*:*:*:anolis_os:*:*
- cpe:2.3:o:openanolis:mysql-errmsg:*:*:*:*:*:anolis_os:*:*
- cpe:2.3:o:openanolis:mysql-devel:*:*:*:*:*:anolis_os:*:*
- cpe:2.3:o:openanolis:mysql-common:*:*:*:*:*:anolis_os:*:*
- cpe:2.3:o:openanolis:mysql:*:*:*:*:*:anolis_os:*:*
- cpe:2.3:o:openanolis:mecab:*:*:*:*:*:anolis_os:*:*
- cpe:2.3:o:openanolis:mecab-ipadic-eucjp:*:*:*:*:*:anolis_os:*:*
- cpe:2.3:o:openanolis:mecab-ipadic:*:*:*:*:*:anolis_os:*:*
https://anas.openanolis.cn/errata/detail/ANSA-2023:0182
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote authenticated privileged user via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
3) Improper input validation
EUVDB-ID: #VU68447
Risk: Medium
CVSSv4.0: 4.6 [CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Green]
CVE-ID: CVE-2022-21604
CWE-ID:
CWE-20 - Improper input validation
Exploit availability: No
DescriptionThe vulnerability allows a remote privileged user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper input validation within the InnoDB component in MySQL Server. A remote privileged user can exploit this vulnerability to perform a denial of service (DoS) attack.
MitigationInstall updates from vendor's repository.
Vulnerable software versionsAnolis OS: 8
mysql-test: before 8.0.32-1.0.1
mysql-server: before 8.0.32-1.0.1
mysql-libs: before 8.0.32-1.0.1
mysql-errmsg: before 8.0.32-1.0.1
mysql-devel: before 8.0.32-1.0.1
mysql-common: before 8.0.32-1.0.1
mysql: before 8.0.32-1.0.1
mecab: before 0.996-2
mecab-ipadic-EUCJP: before 2.7.0.20070801-16.0.1
mecab-ipadic: before 2.7.0.20070801-16.0.1
CPE2.3- cpe:2.3:o:openanolis:anolis_os:8:*:*:*:*:*:*:*
- cpe:2.3:o:openanolis:mysql-test:*:*:*:*:*:anolis_os:*:*
- cpe:2.3:o:openanolis:mysql-server:*:*:*:*:*:anolis_os:*:*
- cpe:2.3:o:openanolis:mysql-libs:*:*:*:*:*:anolis_os:*:*
- cpe:2.3:o:openanolis:mysql-errmsg:*:*:*:*:*:anolis_os:*:*
- cpe:2.3:o:openanolis:mysql-devel:*:*:*:*:*:anolis_os:*:*
- cpe:2.3:o:openanolis:mysql-common:*:*:*:*:*:anolis_os:*:*
- cpe:2.3:o:openanolis:mysql:*:*:*:*:*:anolis_os:*:*
- cpe:2.3:o:openanolis:mecab:*:*:*:*:*:anolis_os:*:*
- cpe:2.3:o:openanolis:mecab-ipadic-eucjp:*:*:*:*:*:anolis_os:*:*
- cpe:2.3:o:openanolis:mecab-ipadic:*:*:*:*:*:anolis_os:*:*
https://anas.openanolis.cn/errata/detail/ANSA-2023:0182
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote authenticated privileged user via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
4) Improper input validation
EUVDB-ID: #VU68453
Risk: Medium
CVSSv4.0: 4.6 [CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Green]
CVE-ID: CVE-2022-21608
CWE-ID:
CWE-20 - Improper input validation
Exploit availability: No
DescriptionThe vulnerability allows a remote privileged user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper input validation within the Server: Optimizer component in MySQL Server. A remote privileged user can exploit this vulnerability to perform a denial of service (DoS) attack.
MitigationInstall updates from vendor's repository.
Vulnerable software versionsAnolis OS: 8
mysql-test: before 8.0.32-1.0.1
mysql-server: before 8.0.32-1.0.1
mysql-libs: before 8.0.32-1.0.1
mysql-errmsg: before 8.0.32-1.0.1
mysql-devel: before 8.0.32-1.0.1
mysql-common: before 8.0.32-1.0.1
mysql: before 8.0.32-1.0.1
mecab: before 0.996-2
mecab-ipadic-EUCJP: before 2.7.0.20070801-16.0.1
mecab-ipadic: before 2.7.0.20070801-16.0.1
CPE2.3- cpe:2.3:o:openanolis:anolis_os:8:*:*:*:*:*:*:*
- cpe:2.3:o:openanolis:mysql-test:*:*:*:*:*:anolis_os:*:*
- cpe:2.3:o:openanolis:mysql-server:*:*:*:*:*:anolis_os:*:*
- cpe:2.3:o:openanolis:mysql-libs:*:*:*:*:*:anolis_os:*:*
- cpe:2.3:o:openanolis:mysql-errmsg:*:*:*:*:*:anolis_os:*:*
- cpe:2.3:o:openanolis:mysql-devel:*:*:*:*:*:anolis_os:*:*
- cpe:2.3:o:openanolis:mysql-common:*:*:*:*:*:anolis_os:*:*
- cpe:2.3:o:openanolis:mysql:*:*:*:*:*:anolis_os:*:*
- cpe:2.3:o:openanolis:mecab:*:*:*:*:*:anolis_os:*:*
- cpe:2.3:o:openanolis:mecab-ipadic-eucjp:*:*:*:*:*:anolis_os:*:*
- cpe:2.3:o:openanolis:mecab-ipadic:*:*:*:*:*:anolis_os:*:*
https://anas.openanolis.cn/errata/detail/ANSA-2023:0182
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote authenticated privileged user via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
5) Improper input validation
EUVDB-ID: #VU68467
Risk: Low
CVSSv4.0: 1.7 [CVSS:4.0/AV:L/AC:L/AT:P/PR:H/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2022-21611
CWE-ID:
CWE-20 - Improper input validation
Exploit availability: No
DescriptionThe vulnerability allows a local privileged user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper input validation within the InnoDB component in MySQL Server. A local privileged user can exploit this vulnerability to perform a denial of service (DoS) attack.
MitigationInstall updates from vendor's repository.
Vulnerable software versionsAnolis OS: 8
mysql-test: before 8.0.32-1.0.1
mysql-server: before 8.0.32-1.0.1
mysql-libs: before 8.0.32-1.0.1
mysql-errmsg: before 8.0.32-1.0.1
mysql-devel: before 8.0.32-1.0.1
mysql-common: before 8.0.32-1.0.1
mysql: before 8.0.32-1.0.1
mecab: before 0.996-2
mecab-ipadic-EUCJP: before 2.7.0.20070801-16.0.1
mecab-ipadic: before 2.7.0.20070801-16.0.1
CPE2.3- cpe:2.3:o:openanolis:anolis_os:8:*:*:*:*:*:*:*
- cpe:2.3:o:openanolis:mysql-test:*:*:*:*:*:anolis_os:*:*
- cpe:2.3:o:openanolis:mysql-server:*:*:*:*:*:anolis_os:*:*
- cpe:2.3:o:openanolis:mysql-libs:*:*:*:*:*:anolis_os:*:*
- cpe:2.3:o:openanolis:mysql-errmsg:*:*:*:*:*:anolis_os:*:*
- cpe:2.3:o:openanolis:mysql-devel:*:*:*:*:*:anolis_os:*:*
- cpe:2.3:o:openanolis:mysql-common:*:*:*:*:*:anolis_os:*:*
- cpe:2.3:o:openanolis:mysql:*:*:*:*:*:anolis_os:*:*
- cpe:2.3:o:openanolis:mecab:*:*:*:*:*:anolis_os:*:*
- cpe:2.3:o:openanolis:mecab-ipadic-eucjp:*:*:*:*:*:anolis_os:*:*
- cpe:2.3:o:openanolis:mecab-ipadic:*:*:*:*:*:anolis_os:*:*
https://anas.openanolis.cn/errata/detail/ANSA-2023:0182
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
6) Improper input validation
EUVDB-ID: #VU68449
Risk: Medium
CVSSv4.0: 4.6 [CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Green]
CVE-ID: CVE-2022-21617
CWE-ID:
CWE-20 - Improper input validation
Exploit availability: No
DescriptionThe vulnerability allows a remote privileged user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper input validation within the Server: Connection Handling component in MySQL Server. A remote privileged user can exploit this vulnerability to perform a denial of service (DoS) attack.
MitigationInstall updates from vendor's repository.
Vulnerable software versionsAnolis OS: 8
mysql-test: before 8.0.32-1.0.1
mysql-server: before 8.0.32-1.0.1
mysql-libs: before 8.0.32-1.0.1
mysql-errmsg: before 8.0.32-1.0.1
mysql-devel: before 8.0.32-1.0.1
mysql-common: before 8.0.32-1.0.1
mysql: before 8.0.32-1.0.1
mecab: before 0.996-2
mecab-ipadic-EUCJP: before 2.7.0.20070801-16.0.1
mecab-ipadic: before 2.7.0.20070801-16.0.1
CPE2.3- cpe:2.3:o:openanolis:anolis_os:8:*:*:*:*:*:*:*
- cpe:2.3:o:openanolis:mysql-test:*:*:*:*:*:anolis_os:*:*
- cpe:2.3:o:openanolis:mysql-server:*:*:*:*:*:anolis_os:*:*
- cpe:2.3:o:openanolis:mysql-libs:*:*:*:*:*:anolis_os:*:*
- cpe:2.3:o:openanolis:mysql-errmsg:*:*:*:*:*:anolis_os:*:*
- cpe:2.3:o:openanolis:mysql-devel:*:*:*:*:*:anolis_os:*:*
- cpe:2.3:o:openanolis:mysql-common:*:*:*:*:*:anolis_os:*:*
- cpe:2.3:o:openanolis:mysql:*:*:*:*:*:anolis_os:*:*
- cpe:2.3:o:openanolis:mecab:*:*:*:*:*:anolis_os:*:*
- cpe:2.3:o:openanolis:mecab-ipadic-eucjp:*:*:*:*:*:anolis_os:*:*
- cpe:2.3:o:openanolis:mecab-ipadic:*:*:*:*:*:anolis_os:*:*
https://anas.openanolis.cn/errata/detail/ANSA-2023:0182
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote authenticated privileged user via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
7) Improper input validation
EUVDB-ID: #VU68462
Risk: Low
CVSSv4.0: 2.1 [CVSS:4.0/AV:N/AC:L/AT:P/PR:H/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2022-21625
CWE-ID:
CWE-20 - Improper input validation
Exploit availability: No
DescriptionThe vulnerability allows a remote privileged user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper input validation within the Server: Optimizer component in MySQL Server. A remote privileged user can exploit this vulnerability to perform a denial of service (DoS) attack.
MitigationInstall updates from vendor's repository.
Vulnerable software versionsAnolis OS: 8
mysql-test: before 8.0.32-1.0.1
mysql-server: before 8.0.32-1.0.1
mysql-libs: before 8.0.32-1.0.1
mysql-errmsg: before 8.0.32-1.0.1
mysql-devel: before 8.0.32-1.0.1
mysql-common: before 8.0.32-1.0.1
mysql: before 8.0.32-1.0.1
mecab: before 0.996-2
mecab-ipadic-EUCJP: before 2.7.0.20070801-16.0.1
mecab-ipadic: before 2.7.0.20070801-16.0.1
CPE2.3- cpe:2.3:o:openanolis:anolis_os:8:*:*:*:*:*:*:*
- cpe:2.3:o:openanolis:mysql-test:*:*:*:*:*:anolis_os:*:*
- cpe:2.3:o:openanolis:mysql-server:*:*:*:*:*:anolis_os:*:*
- cpe:2.3:o:openanolis:mysql-libs:*:*:*:*:*:anolis_os:*:*
- cpe:2.3:o:openanolis:mysql-errmsg:*:*:*:*:*:anolis_os:*:*
- cpe:2.3:o:openanolis:mysql-devel:*:*:*:*:*:anolis_os:*:*
- cpe:2.3:o:openanolis:mysql-common:*:*:*:*:*:anolis_os:*:*
- cpe:2.3:o:openanolis:mysql:*:*:*:*:*:anolis_os:*:*
- cpe:2.3:o:openanolis:mecab:*:*:*:*:*:anolis_os:*:*
- cpe:2.3:o:openanolis:mecab-ipadic-eucjp:*:*:*:*:*:anolis_os:*:*
- cpe:2.3:o:openanolis:mecab-ipadic:*:*:*:*:*:anolis_os:*:*
https://anas.openanolis.cn/errata/detail/ANSA-2023:0182
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote authenticated privileged user via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
8) Improper input validation
EUVDB-ID: #VU68459
Risk: Medium
CVSSv4.0: 4.6 [CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Green]
CVE-ID: CVE-2022-21632
CWE-ID:
CWE-20 - Improper input validation
Exploit availability: No
DescriptionThe vulnerability allows a remote privileged user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper input validation within the Server: Security: Privileges component in MySQL Server. A remote privileged user can exploit this vulnerability to perform a denial of service (DoS) attack.
MitigationInstall updates from vendor's repository.
Vulnerable software versionsAnolis OS: 8
mysql-test: before 8.0.32-1.0.1
mysql-server: before 8.0.32-1.0.1
mysql-libs: before 8.0.32-1.0.1
mysql-errmsg: before 8.0.32-1.0.1
mysql-devel: before 8.0.32-1.0.1
mysql-common: before 8.0.32-1.0.1
mysql: before 8.0.32-1.0.1
mecab: before 0.996-2
mecab-ipadic-EUCJP: before 2.7.0.20070801-16.0.1
mecab-ipadic: before 2.7.0.20070801-16.0.1
CPE2.3- cpe:2.3:o:openanolis:anolis_os:8:*:*:*:*:*:*:*
- cpe:2.3:o:openanolis:mysql-test:*:*:*:*:*:anolis_os:*:*
- cpe:2.3:o:openanolis:mysql-server:*:*:*:*:*:anolis_os:*:*
- cpe:2.3:o:openanolis:mysql-libs:*:*:*:*:*:anolis_os:*:*
- cpe:2.3:o:openanolis:mysql-errmsg:*:*:*:*:*:anolis_os:*:*
- cpe:2.3:o:openanolis:mysql-devel:*:*:*:*:*:anolis_os:*:*
- cpe:2.3:o:openanolis:mysql-common:*:*:*:*:*:anolis_os:*:*
- cpe:2.3:o:openanolis:mysql:*:*:*:*:*:anolis_os:*:*
- cpe:2.3:o:openanolis:mecab:*:*:*:*:*:anolis_os:*:*
- cpe:2.3:o:openanolis:mecab-ipadic-eucjp:*:*:*:*:*:anolis_os:*:*
- cpe:2.3:o:openanolis:mecab-ipadic:*:*:*:*:*:anolis_os:*:*
https://anas.openanolis.cn/errata/detail/ANSA-2023:0182
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote authenticated privileged user via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
9) Improper input validation
EUVDB-ID: #VU68458
Risk: Medium
CVSSv4.0: 4.6 [CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Green]
CVE-ID: CVE-2022-21633
CWE-ID:
CWE-20 - Improper input validation
Exploit availability: No
DescriptionThe vulnerability allows a remote privileged user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper input validation within the Server: Replication component in MySQL Server. A remote privileged user can exploit this vulnerability to perform a denial of service (DoS) attack.
MitigationInstall updates from vendor's repository.
Vulnerable software versionsAnolis OS: 8
mysql-test: before 8.0.32-1.0.1
mysql-server: before 8.0.32-1.0.1
mysql-libs: before 8.0.32-1.0.1
mysql-errmsg: before 8.0.32-1.0.1
mysql-devel: before 8.0.32-1.0.1
mysql-common: before 8.0.32-1.0.1
mysql: before 8.0.32-1.0.1
mecab: before 0.996-2
mecab-ipadic-EUCJP: before 2.7.0.20070801-16.0.1
mecab-ipadic: before 2.7.0.20070801-16.0.1
CPE2.3- cpe:2.3:o:openanolis:anolis_os:8:*:*:*:*:*:*:*
- cpe:2.3:o:openanolis:mysql-test:*:*:*:*:*:anolis_os:*:*
- cpe:2.3:o:openanolis:mysql-server:*:*:*:*:*:anolis_os:*:*
- cpe:2.3:o:openanolis:mysql-libs:*:*:*:*:*:anolis_os:*:*
- cpe:2.3:o:openanolis:mysql-errmsg:*:*:*:*:*:anolis_os:*:*
- cpe:2.3:o:openanolis:mysql-devel:*:*:*:*:*:anolis_os:*:*
- cpe:2.3:o:openanolis:mysql-common:*:*:*:*:*:anolis_os:*:*
- cpe:2.3:o:openanolis:mysql:*:*:*:*:*:anolis_os:*:*
- cpe:2.3:o:openanolis:mecab:*:*:*:*:*:anolis_os:*:*
- cpe:2.3:o:openanolis:mecab-ipadic-eucjp:*:*:*:*:*:anolis_os:*:*
- cpe:2.3:o:openanolis:mecab-ipadic:*:*:*:*:*:anolis_os:*:*
https://anas.openanolis.cn/errata/detail/ANSA-2023:0182
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote authenticated privileged user via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
10) Improper input validation
EUVDB-ID: #VU68448
Risk: Medium
CVSSv4.0: 4.6 [CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Green]
CVE-ID: CVE-2022-21637
CWE-ID:
CWE-20 - Improper input validation
Exploit availability: No
DescriptionThe vulnerability allows a remote privileged user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper input validation within the InnoDB component in MySQL Server. A remote privileged user can exploit this vulnerability to perform a denial of service (DoS) attack.
MitigationInstall updates from vendor's repository.
Vulnerable software versionsAnolis OS: 8
mysql-test: before 8.0.32-1.0.1
mysql-server: before 8.0.32-1.0.1
mysql-libs: before 8.0.32-1.0.1
mysql-errmsg: before 8.0.32-1.0.1
mysql-devel: before 8.0.32-1.0.1
mysql-common: before 8.0.32-1.0.1
mysql: before 8.0.32-1.0.1
mecab: before 0.996-2
mecab-ipadic-EUCJP: before 2.7.0.20070801-16.0.1
mecab-ipadic: before 2.7.0.20070801-16.0.1
CPE2.3- cpe:2.3:o:openanolis:anolis_os:8:*:*:*:*:*:*:*
- cpe:2.3:o:openanolis:mysql-test:*:*:*:*:*:anolis_os:*:*
- cpe:2.3:o:openanolis:mysql-server:*:*:*:*:*:anolis_os:*:*
- cpe:2.3:o:openanolis:mysql-libs:*:*:*:*:*:anolis_os:*:*
- cpe:2.3:o:openanolis:mysql-errmsg:*:*:*:*:*:anolis_os:*:*
- cpe:2.3:o:openanolis:mysql-devel:*:*:*:*:*:anolis_os:*:*
- cpe:2.3:o:openanolis:mysql-common:*:*:*:*:*:anolis_os:*:*
- cpe:2.3:o:openanolis:mysql:*:*:*:*:*:anolis_os:*:*
- cpe:2.3:o:openanolis:mecab:*:*:*:*:*:anolis_os:*:*
- cpe:2.3:o:openanolis:mecab-ipadic-eucjp:*:*:*:*:*:anolis_os:*:*
- cpe:2.3:o:openanolis:mecab-ipadic:*:*:*:*:*:anolis_os:*:*
https://anas.openanolis.cn/errata/detail/ANSA-2023:0182
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote authenticated privileged user via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
11) Improper input validation
EUVDB-ID: #VU68455
Risk: Medium
CVSSv4.0: 4.6 [CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Green]
CVE-ID: CVE-2022-21640
CWE-ID:
CWE-20 - Improper input validation
Exploit availability: No
DescriptionThe vulnerability allows a remote privileged user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper input validation within the Server: Optimizer component in MySQL Server. A remote privileged user can exploit this vulnerability to perform a denial of service (DoS) attack.
MitigationInstall updates from vendor's repository.
Vulnerable software versionsAnolis OS: 8
mysql-test: before 8.0.32-1.0.1
mysql-server: before 8.0.32-1.0.1
mysql-libs: before 8.0.32-1.0.1
mysql-errmsg: before 8.0.32-1.0.1
mysql-devel: before 8.0.32-1.0.1
mysql-common: before 8.0.32-1.0.1
mysql: before 8.0.32-1.0.1
mecab: before 0.996-2
mecab-ipadic-EUCJP: before 2.7.0.20070801-16.0.1
mecab-ipadic: before 2.7.0.20070801-16.0.1
CPE2.3- cpe:2.3:o:openanolis:anolis_os:8:*:*:*:*:*:*:*
- cpe:2.3:o:openanolis:mysql-test:*:*:*:*:*:anolis_os:*:*
- cpe:2.3:o:openanolis:mysql-server:*:*:*:*:*:anolis_os:*:*
- cpe:2.3:o:openanolis:mysql-libs:*:*:*:*:*:anolis_os:*:*
- cpe:2.3:o:openanolis:mysql-errmsg:*:*:*:*:*:anolis_os:*:*
- cpe:2.3:o:openanolis:mysql-devel:*:*:*:*:*:anolis_os:*:*
- cpe:2.3:o:openanolis:mysql-common:*:*:*:*:*:anolis_os:*:*
- cpe:2.3:o:openanolis:mysql:*:*:*:*:*:anolis_os:*:*
- cpe:2.3:o:openanolis:mecab:*:*:*:*:*:anolis_os:*:*
- cpe:2.3:o:openanolis:mecab-ipadic-eucjp:*:*:*:*:*:anolis_os:*:*
- cpe:2.3:o:openanolis:mecab-ipadic:*:*:*:*:*:anolis_os:*:*
https://anas.openanolis.cn/errata/detail/ANSA-2023:0182
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote authenticated privileged user via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
12) Improper input validation
EUVDB-ID: #VU68457
Risk: Medium
CVSSv4.0: 4.6 [CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Green]
CVE-ID: CVE-2022-39400
CWE-ID:
CWE-20 - Improper input validation
Exploit availability: No
DescriptionThe vulnerability allows a remote privileged user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper input validation within the Server: Optimizer component in MySQL Server. A remote privileged user can exploit this vulnerability to perform a denial of service (DoS) attack.
MitigationInstall updates from vendor's repository.
Vulnerable software versionsAnolis OS: 8
mysql-test: before 8.0.32-1.0.1
mysql-server: before 8.0.32-1.0.1
mysql-libs: before 8.0.32-1.0.1
mysql-errmsg: before 8.0.32-1.0.1
mysql-devel: before 8.0.32-1.0.1
mysql-common: before 8.0.32-1.0.1
mysql: before 8.0.32-1.0.1
mecab: before 0.996-2
mecab-ipadic-EUCJP: before 2.7.0.20070801-16.0.1
mecab-ipadic: before 2.7.0.20070801-16.0.1
CPE2.3- cpe:2.3:o:openanolis:anolis_os:8:*:*:*:*:*:*:*
- cpe:2.3:o:openanolis:mysql-test:*:*:*:*:*:anolis_os:*:*
- cpe:2.3:o:openanolis:mysql-server:*:*:*:*:*:anolis_os:*:*
- cpe:2.3:o:openanolis:mysql-libs:*:*:*:*:*:anolis_os:*:*
- cpe:2.3:o:openanolis:mysql-errmsg:*:*:*:*:*:anolis_os:*:*
- cpe:2.3:o:openanolis:mysql-devel:*:*:*:*:*:anolis_os:*:*
- cpe:2.3:o:openanolis:mysql-common:*:*:*:*:*:anolis_os:*:*
- cpe:2.3:o:openanolis:mysql:*:*:*:*:*:anolis_os:*:*
- cpe:2.3:o:openanolis:mecab:*:*:*:*:*:anolis_os:*:*
- cpe:2.3:o:openanolis:mecab-ipadic-eucjp:*:*:*:*:*:anolis_os:*:*
- cpe:2.3:o:openanolis:mecab-ipadic:*:*:*:*:*:anolis_os:*:*
https://anas.openanolis.cn/errata/detail/ANSA-2023:0182
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote authenticated privileged user via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
13) Improper input validation
EUVDB-ID: #VU68445
Risk: Medium
CVSSv4.0: 4.9 [CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Green]
CVE-ID: CVE-2022-39408
CWE-ID:
CWE-20 - Improper input validation
Exploit availability: No
DescriptionThe vulnerability allows a remote authenticated user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper input validation within the Server: Optimizer component in MySQL Server. A remote authenticated user can exploit this vulnerability to perform a denial of service (DoS) attack.
MitigationInstall updates from vendor's repository.
Vulnerable software versionsAnolis OS: 8
mysql-test: before 8.0.32-1.0.1
mysql-server: before 8.0.32-1.0.1
mysql-libs: before 8.0.32-1.0.1
mysql-errmsg: before 8.0.32-1.0.1
mysql-devel: before 8.0.32-1.0.1
mysql-common: before 8.0.32-1.0.1
mysql: before 8.0.32-1.0.1
mecab: before 0.996-2
mecab-ipadic-EUCJP: before 2.7.0.20070801-16.0.1
mecab-ipadic: before 2.7.0.20070801-16.0.1
CPE2.3- cpe:2.3:o:openanolis:anolis_os:8:*:*:*:*:*:*:*
- cpe:2.3:o:openanolis:mysql-test:*:*:*:*:*:anolis_os:*:*
- cpe:2.3:o:openanolis:mysql-server:*:*:*:*:*:anolis_os:*:*
- cpe:2.3:o:openanolis:mysql-libs:*:*:*:*:*:anolis_os:*:*
- cpe:2.3:o:openanolis:mysql-errmsg:*:*:*:*:*:anolis_os:*:*
- cpe:2.3:o:openanolis:mysql-devel:*:*:*:*:*:anolis_os:*:*
- cpe:2.3:o:openanolis:mysql-common:*:*:*:*:*:anolis_os:*:*
- cpe:2.3:o:openanolis:mysql:*:*:*:*:*:anolis_os:*:*
- cpe:2.3:o:openanolis:mecab:*:*:*:*:*:anolis_os:*:*
- cpe:2.3:o:openanolis:mecab-ipadic-eucjp:*:*:*:*:*:anolis_os:*:*
- cpe:2.3:o:openanolis:mecab-ipadic:*:*:*:*:*:anolis_os:*:*
https://anas.openanolis.cn/errata/detail/ANSA-2023:0182
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote authenticated user via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
14) Improper input validation
EUVDB-ID: #VU68446
Risk: Medium
CVSSv4.0: 4.9 [CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Green]
CVE-ID: CVE-2022-39410
CWE-ID:
CWE-20 - Improper input validation
Exploit availability: No
DescriptionThe vulnerability allows a remote authenticated user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper input validation within the Server: Optimizer component in MySQL Server. A remote authenticated user can exploit this vulnerability to perform a denial of service (DoS) attack.
MitigationInstall updates from vendor's repository.
Vulnerable software versionsAnolis OS: 8
mysql-test: before 8.0.32-1.0.1
mysql-server: before 8.0.32-1.0.1
mysql-libs: before 8.0.32-1.0.1
mysql-errmsg: before 8.0.32-1.0.1
mysql-devel: before 8.0.32-1.0.1
mysql-common: before 8.0.32-1.0.1
mysql: before 8.0.32-1.0.1
mecab: before 0.996-2
mecab-ipadic-EUCJP: before 2.7.0.20070801-16.0.1
mecab-ipadic: before 2.7.0.20070801-16.0.1
CPE2.3- cpe:2.3:o:openanolis:anolis_os:8:*:*:*:*:*:*:*
- cpe:2.3:o:openanolis:mysql-test:*:*:*:*:*:anolis_os:*:*
- cpe:2.3:o:openanolis:mysql-server:*:*:*:*:*:anolis_os:*:*
- cpe:2.3:o:openanolis:mysql-libs:*:*:*:*:*:anolis_os:*:*
- cpe:2.3:o:openanolis:mysql-errmsg:*:*:*:*:*:anolis_os:*:*
- cpe:2.3:o:openanolis:mysql-devel:*:*:*:*:*:anolis_os:*:*
- cpe:2.3:o:openanolis:mysql-common:*:*:*:*:*:anolis_os:*:*
- cpe:2.3:o:openanolis:mysql:*:*:*:*:*:anolis_os:*:*
- cpe:2.3:o:openanolis:mecab:*:*:*:*:*:anolis_os:*:*
- cpe:2.3:o:openanolis:mecab-ipadic-eucjp:*:*:*:*:*:anolis_os:*:*
- cpe:2.3:o:openanolis:mecab-ipadic:*:*:*:*:*:anolis_os:*:*
https://anas.openanolis.cn/errata/detail/ANSA-2023:0182
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote authenticated user via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
15) Improper input validation
EUVDB-ID: #VU71270
Risk: Medium
CVSSv4.0: 4.6 [CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Green]
CVE-ID: CVE-2023-21836
CWE-ID:
CWE-20 - Improper input validation
Exploit availability: No
DescriptionThe vulnerability allows a remote privileged user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper input validation within the Server: DML component in MySQL Server. A remote privileged user can exploit this vulnerability to perform a denial of service (DoS) attack.
MitigationInstall updates from vendor's repository.
Vulnerable software versionsAnolis OS: 8
mysql-test: before 8.0.32-1.0.1
mysql-server: before 8.0.32-1.0.1
mysql-libs: before 8.0.32-1.0.1
mysql-errmsg: before 8.0.32-1.0.1
mysql-devel: before 8.0.32-1.0.1
mysql-common: before 8.0.32-1.0.1
mysql: before 8.0.32-1.0.1
mecab: before 0.996-2
mecab-ipadic-EUCJP: before 2.7.0.20070801-16.0.1
mecab-ipadic: before 2.7.0.20070801-16.0.1
CPE2.3- cpe:2.3:o:openanolis:anolis_os:8:*:*:*:*:*:*:*
- cpe:2.3:o:openanolis:mysql-test:*:*:*:*:*:anolis_os:*:*
- cpe:2.3:o:openanolis:mysql-server:*:*:*:*:*:anolis_os:*:*
- cpe:2.3:o:openanolis:mysql-libs:*:*:*:*:*:anolis_os:*:*
- cpe:2.3:o:openanolis:mysql-errmsg:*:*:*:*:*:anolis_os:*:*
- cpe:2.3:o:openanolis:mysql-devel:*:*:*:*:*:anolis_os:*:*
- cpe:2.3:o:openanolis:mysql-common:*:*:*:*:*:anolis_os:*:*
- cpe:2.3:o:openanolis:mysql:*:*:*:*:*:anolis_os:*:*
- cpe:2.3:o:openanolis:mecab:*:*:*:*:*:anolis_os:*:*
- cpe:2.3:o:openanolis:mecab-ipadic-eucjp:*:*:*:*:*:anolis_os:*:*
- cpe:2.3:o:openanolis:mecab-ipadic:*:*:*:*:*:anolis_os:*:*
https://anas.openanolis.cn/errata/detail/ANSA-2023:0182
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote authenticated privileged user via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
16) Improper input validation
EUVDB-ID: #VU71272
Risk: Medium
CVSSv4.0: 4.6 [CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Green]
CVE-ID: CVE-2023-21863
CWE-ID:
CWE-20 - Improper input validation
Exploit availability: No
DescriptionThe vulnerability allows a remote privileged user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper input validation within the Server: Optimizer component in MySQL Server. A remote privileged user can exploit this vulnerability to perform a denial of service (DoS) attack.
MitigationInstall updates from vendor's repository.
Vulnerable software versionsAnolis OS: 8
mysql-test: before 8.0.32-1.0.1
mysql-server: before 8.0.32-1.0.1
mysql-libs: before 8.0.32-1.0.1
mysql-errmsg: before 8.0.32-1.0.1
mysql-devel: before 8.0.32-1.0.1
mysql-common: before 8.0.32-1.0.1
mysql: before 8.0.32-1.0.1
mecab: before 0.996-2
mecab-ipadic-EUCJP: before 2.7.0.20070801-16.0.1
mecab-ipadic: before 2.7.0.20070801-16.0.1
CPE2.3- cpe:2.3:o:openanolis:anolis_os:8:*:*:*:*:*:*:*
- cpe:2.3:o:openanolis:mysql-test:*:*:*:*:*:anolis_os:*:*
- cpe:2.3:o:openanolis:mysql-server:*:*:*:*:*:anolis_os:*:*
- cpe:2.3:o:openanolis:mysql-libs:*:*:*:*:*:anolis_os:*:*
- cpe:2.3:o:openanolis:mysql-errmsg:*:*:*:*:*:anolis_os:*:*
- cpe:2.3:o:openanolis:mysql-devel:*:*:*:*:*:anolis_os:*:*
- cpe:2.3:o:openanolis:mysql-common:*:*:*:*:*:anolis_os:*:*
- cpe:2.3:o:openanolis:mysql:*:*:*:*:*:anolis_os:*:*
- cpe:2.3:o:openanolis:mecab:*:*:*:*:*:anolis_os:*:*
- cpe:2.3:o:openanolis:mecab-ipadic-eucjp:*:*:*:*:*:anolis_os:*:*
- cpe:2.3:o:openanolis:mecab-ipadic:*:*:*:*:*:anolis_os:*:*
https://anas.openanolis.cn/errata/detail/ANSA-2023:0182
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote authenticated privileged user via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
17) Improper input validation
EUVDB-ID: #VU71273
Risk: Medium
CVSSv4.0: 4.6 [CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Green]
CVE-ID: CVE-2023-21864
CWE-ID:
CWE-20 - Improper input validation
Exploit availability: No
DescriptionThe vulnerability allows a remote privileged user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper input validation within the Server: Optimizer component in MySQL Server. A remote privileged user can exploit this vulnerability to perform a denial of service (DoS) attack.
MitigationInstall updates from vendor's repository.
Vulnerable software versionsAnolis OS: 8
mysql-test: before 8.0.32-1.0.1
mysql-server: before 8.0.32-1.0.1
mysql-libs: before 8.0.32-1.0.1
mysql-errmsg: before 8.0.32-1.0.1
mysql-devel: before 8.0.32-1.0.1
mysql-common: before 8.0.32-1.0.1
mysql: before 8.0.32-1.0.1
mecab: before 0.996-2
mecab-ipadic-EUCJP: before 2.7.0.20070801-16.0.1
mecab-ipadic: before 2.7.0.20070801-16.0.1
CPE2.3- cpe:2.3:o:openanolis:anolis_os:8:*:*:*:*:*:*:*
- cpe:2.3:o:openanolis:mysql-test:*:*:*:*:*:anolis_os:*:*
- cpe:2.3:o:openanolis:mysql-server:*:*:*:*:*:anolis_os:*:*
- cpe:2.3:o:openanolis:mysql-libs:*:*:*:*:*:anolis_os:*:*
- cpe:2.3:o:openanolis:mysql-errmsg:*:*:*:*:*:anolis_os:*:*
- cpe:2.3:o:openanolis:mysql-devel:*:*:*:*:*:anolis_os:*:*
- cpe:2.3:o:openanolis:mysql-common:*:*:*:*:*:anolis_os:*:*
- cpe:2.3:o:openanolis:mysql:*:*:*:*:*:anolis_os:*:*
- cpe:2.3:o:openanolis:mecab:*:*:*:*:*:anolis_os:*:*
- cpe:2.3:o:openanolis:mecab-ipadic-eucjp:*:*:*:*:*:anolis_os:*:*
- cpe:2.3:o:openanolis:mecab-ipadic:*:*:*:*:*:anolis_os:*:*
https://anas.openanolis.cn/errata/detail/ANSA-2023:0182
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote authenticated privileged user via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
18) Improper input validation
EUVDB-ID: #VU71274
Risk: Medium
CVSSv4.0: 4.6 [CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Green]
CVE-ID: CVE-2023-21865
CWE-ID:
CWE-20 - Improper input validation
Exploit availability: No
DescriptionThe vulnerability allows a remote privileged user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper input validation within the Server: Optimizer component in MySQL Server. A remote privileged user can exploit this vulnerability to perform a denial of service (DoS) attack.
MitigationInstall updates from vendor's repository.
Vulnerable software versionsAnolis OS: 8
mysql-test: before 8.0.32-1.0.1
mysql-server: before 8.0.32-1.0.1
mysql-libs: before 8.0.32-1.0.1
mysql-errmsg: before 8.0.32-1.0.1
mysql-devel: before 8.0.32-1.0.1
mysql-common: before 8.0.32-1.0.1
mysql: before 8.0.32-1.0.1
mecab: before 0.996-2
mecab-ipadic-EUCJP: before 2.7.0.20070801-16.0.1
mecab-ipadic: before 2.7.0.20070801-16.0.1
CPE2.3- cpe:2.3:o:openanolis:anolis_os:8:*:*:*:*:*:*:*
- cpe:2.3:o:openanolis:mysql-test:*:*:*:*:*:anolis_os:*:*
- cpe:2.3:o:openanolis:mysql-server:*:*:*:*:*:anolis_os:*:*
- cpe:2.3:o:openanolis:mysql-libs:*:*:*:*:*:anolis_os:*:*
- cpe:2.3:o:openanolis:mysql-errmsg:*:*:*:*:*:anolis_os:*:*
- cpe:2.3:o:openanolis:mysql-devel:*:*:*:*:*:anolis_os:*:*
- cpe:2.3:o:openanolis:mysql-common:*:*:*:*:*:anolis_os:*:*
- cpe:2.3:o:openanolis:mysql:*:*:*:*:*:anolis_os:*:*
- cpe:2.3:o:openanolis:mecab:*:*:*:*:*:anolis_os:*:*
- cpe:2.3:o:openanolis:mecab-ipadic-eucjp:*:*:*:*:*:anolis_os:*:*
- cpe:2.3:o:openanolis:mecab-ipadic:*:*:*:*:*:anolis_os:*:*
https://anas.openanolis.cn/errata/detail/ANSA-2023:0182
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote authenticated privileged user via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
19) Improper input validation
EUVDB-ID: #VU71276
Risk: Medium
CVSSv4.0: 4.6 [CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Green]
CVE-ID: CVE-2023-21867
CWE-ID:
CWE-20 - Improper input validation
Exploit availability: No
DescriptionThe vulnerability allows a remote privileged user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper input validation within the Server: Optimizer component in MySQL Server. A remote privileged user can exploit this vulnerability to perform a denial of service (DoS) attack.
MitigationInstall updates from vendor's repository.
Vulnerable software versionsAnolis OS: 8
mysql-test: before 8.0.32-1.0.1
mysql-server: before 8.0.32-1.0.1
mysql-libs: before 8.0.32-1.0.1
mysql-errmsg: before 8.0.32-1.0.1
mysql-devel: before 8.0.32-1.0.1
mysql-common: before 8.0.32-1.0.1
mysql: before 8.0.32-1.0.1
mecab: before 0.996-2
mecab-ipadic-EUCJP: before 2.7.0.20070801-16.0.1
mecab-ipadic: before 2.7.0.20070801-16.0.1
CPE2.3- cpe:2.3:o:openanolis:anolis_os:8:*:*:*:*:*:*:*
- cpe:2.3:o:openanolis:mysql-test:*:*:*:*:*:anolis_os:*:*
- cpe:2.3:o:openanolis:mysql-server:*:*:*:*:*:anolis_os:*:*
- cpe:2.3:o:openanolis:mysql-libs:*:*:*:*:*:anolis_os:*:*
- cpe:2.3:o:openanolis:mysql-errmsg:*:*:*:*:*:anolis_os:*:*
- cpe:2.3:o:openanolis:mysql-devel:*:*:*:*:*:anolis_os:*:*
- cpe:2.3:o:openanolis:mysql-common:*:*:*:*:*:anolis_os:*:*
- cpe:2.3:o:openanolis:mysql:*:*:*:*:*:anolis_os:*:*
- cpe:2.3:o:openanolis:mecab:*:*:*:*:*:anolis_os:*:*
- cpe:2.3:o:openanolis:mecab-ipadic-eucjp:*:*:*:*:*:anolis_os:*:*
- cpe:2.3:o:openanolis:mecab-ipadic:*:*:*:*:*:anolis_os:*:*
https://anas.openanolis.cn/errata/detail/ANSA-2023:0182
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote authenticated privileged user via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
20) Improper input validation
EUVDB-ID: #VU71262
Risk: Medium
CVSSv4.0: 4.9 [CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Green]
CVE-ID: CVE-2023-21868
CWE-ID:
CWE-20 - Improper input validation
Exploit availability: No
DescriptionThe vulnerability allows a remote authenticated user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper input validation within the Server: Optimizer component in MySQL Server. A remote authenticated user can exploit this vulnerability to perform a denial of service (DoS) attack.
MitigationInstall updates from vendor's repository.
Vulnerable software versionsAnolis OS: 8
mysql-test: before 8.0.32-1.0.1
mysql-server: before 8.0.32-1.0.1
mysql-libs: before 8.0.32-1.0.1
mysql-errmsg: before 8.0.32-1.0.1
mysql-devel: before 8.0.32-1.0.1
mysql-common: before 8.0.32-1.0.1
mysql: before 8.0.32-1.0.1
mecab: before 0.996-2
mecab-ipadic-EUCJP: before 2.7.0.20070801-16.0.1
mecab-ipadic: before 2.7.0.20070801-16.0.1
CPE2.3- cpe:2.3:o:openanolis:anolis_os:8:*:*:*:*:*:*:*
- cpe:2.3:o:openanolis:mysql-test:*:*:*:*:*:anolis_os:*:*
- cpe:2.3:o:openanolis:mysql-server:*:*:*:*:*:anolis_os:*:*
- cpe:2.3:o:openanolis:mysql-libs:*:*:*:*:*:anolis_os:*:*
- cpe:2.3:o:openanolis:mysql-errmsg:*:*:*:*:*:anolis_os:*:*
- cpe:2.3:o:openanolis:mysql-devel:*:*:*:*:*:anolis_os:*:*
- cpe:2.3:o:openanolis:mysql-common:*:*:*:*:*:anolis_os:*:*
- cpe:2.3:o:openanolis:mysql:*:*:*:*:*:anolis_os:*:*
- cpe:2.3:o:openanolis:mecab:*:*:*:*:*:anolis_os:*:*
- cpe:2.3:o:openanolis:mecab-ipadic-eucjp:*:*:*:*:*:anolis_os:*:*
- cpe:2.3:o:openanolis:mecab-ipadic:*:*:*:*:*:anolis_os:*:*
https://anas.openanolis.cn/errata/detail/ANSA-2023:0182
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote authenticated user via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
21) Improper input validation
EUVDB-ID: #VU71265
Risk: Medium
CVSSv4.0: 4.7 [CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:N/VI:L/VA:H/SC:N/SI:N/SA:N/E:U/U:Green]
CVE-ID: CVE-2023-21869
CWE-ID:
CWE-20 - Improper input validation
Exploit availability: No
DescriptionThe vulnerability allows a remote privileged user to damange or delete data.
The vulnerability exists due to improper input validation within the InnoDB component in MySQL Server. A remote privileged user can exploit this vulnerability to damange or delete data.
MitigationInstall updates from vendor's repository.
Vulnerable software versionsAnolis OS: 8
mysql-test: before 8.0.32-1.0.1
mysql-server: before 8.0.32-1.0.1
mysql-libs: before 8.0.32-1.0.1
mysql-errmsg: before 8.0.32-1.0.1
mysql-devel: before 8.0.32-1.0.1
mysql-common: before 8.0.32-1.0.1
mysql: before 8.0.32-1.0.1
mecab: before 0.996-2
mecab-ipadic-EUCJP: before 2.7.0.20070801-16.0.1
mecab-ipadic: before 2.7.0.20070801-16.0.1
CPE2.3- cpe:2.3:o:openanolis:anolis_os:8:*:*:*:*:*:*:*
- cpe:2.3:o:openanolis:mysql-test:*:*:*:*:*:anolis_os:*:*
- cpe:2.3:o:openanolis:mysql-server:*:*:*:*:*:anolis_os:*:*
- cpe:2.3:o:openanolis:mysql-libs:*:*:*:*:*:anolis_os:*:*
- cpe:2.3:o:openanolis:mysql-errmsg:*:*:*:*:*:anolis_os:*:*
- cpe:2.3:o:openanolis:mysql-devel:*:*:*:*:*:anolis_os:*:*
- cpe:2.3:o:openanolis:mysql-common:*:*:*:*:*:anolis_os:*:*
- cpe:2.3:o:openanolis:mysql:*:*:*:*:*:anolis_os:*:*
- cpe:2.3:o:openanolis:mecab:*:*:*:*:*:anolis_os:*:*
- cpe:2.3:o:openanolis:mecab-ipadic-eucjp:*:*:*:*:*:anolis_os:*:*
- cpe:2.3:o:openanolis:mecab-ipadic:*:*:*:*:*:anolis_os:*:*
https://anas.openanolis.cn/errata/detail/ANSA-2023:0182
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote authenticated privileged user via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
22) Improper input validation
EUVDB-ID: #VU71277
Risk: Medium
CVSSv4.0: 4.6 [CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Green]
CVE-ID: CVE-2023-21870
CWE-ID:
CWE-20 - Improper input validation
Exploit availability: No
DescriptionThe vulnerability allows a remote privileged user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper input validation within the Server: Optimizer component in MySQL Server. A remote privileged user can exploit this vulnerability to perform a denial of service (DoS) attack.
MitigationInstall updates from vendor's repository.
Vulnerable software versionsAnolis OS: 8
mysql-test: before 8.0.32-1.0.1
mysql-server: before 8.0.32-1.0.1
mysql-libs: before 8.0.32-1.0.1
mysql-errmsg: before 8.0.32-1.0.1
mysql-devel: before 8.0.32-1.0.1
mysql-common: before 8.0.32-1.0.1
mysql: before 8.0.32-1.0.1
mecab: before 0.996-2
mecab-ipadic-EUCJP: before 2.7.0.20070801-16.0.1
mecab-ipadic: before 2.7.0.20070801-16.0.1
CPE2.3- cpe:2.3:o:openanolis:anolis_os:8:*:*:*:*:*:*:*
- cpe:2.3:o:openanolis:mysql-test:*:*:*:*:*:anolis_os:*:*
- cpe:2.3:o:openanolis:mysql-server:*:*:*:*:*:anolis_os:*:*
- cpe:2.3:o:openanolis:mysql-libs:*:*:*:*:*:anolis_os:*:*
- cpe:2.3:o:openanolis:mysql-errmsg:*:*:*:*:*:anolis_os:*:*
- cpe:2.3:o:openanolis:mysql-devel:*:*:*:*:*:anolis_os:*:*
- cpe:2.3:o:openanolis:mysql-common:*:*:*:*:*:anolis_os:*:*
- cpe:2.3:o:openanolis:mysql:*:*:*:*:*:anolis_os:*:*
- cpe:2.3:o:openanolis:mecab:*:*:*:*:*:anolis_os:*:*
- cpe:2.3:o:openanolis:mecab-ipadic-eucjp:*:*:*:*:*:anolis_os:*:*
- cpe:2.3:o:openanolis:mecab-ipadic:*:*:*:*:*:anolis_os:*:*
https://anas.openanolis.cn/errata/detail/ANSA-2023:0182
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote authenticated privileged user via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
23) Improper input validation
EUVDB-ID: #VU71269
Risk: Medium
CVSSv4.0: 4.6 [CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Green]
CVE-ID: CVE-2023-21871
CWE-ID:
CWE-20 - Improper input validation
Exploit availability: No
DescriptionThe vulnerability allows a remote privileged user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper input validation within the InnoDB component in MySQL Server. A remote privileged user can exploit this vulnerability to perform a denial of service (DoS) attack.
MitigationInstall updates from vendor's repository.
Vulnerable software versionsAnolis OS: 8
mysql-test: before 8.0.32-1.0.1
mysql-server: before 8.0.32-1.0.1
mysql-libs: before 8.0.32-1.0.1
mysql-errmsg: before 8.0.32-1.0.1
mysql-devel: before 8.0.32-1.0.1
mysql-common: before 8.0.32-1.0.1
mysql: before 8.0.32-1.0.1
mecab: before 0.996-2
mecab-ipadic-EUCJP: before 2.7.0.20070801-16.0.1
mecab-ipadic: before 2.7.0.20070801-16.0.1
CPE2.3- cpe:2.3:o:openanolis:anolis_os:8:*:*:*:*:*:*:*
- cpe:2.3:o:openanolis:mysql-test:*:*:*:*:*:anolis_os:*:*
- cpe:2.3:o:openanolis:mysql-server:*:*:*:*:*:anolis_os:*:*
- cpe:2.3:o:openanolis:mysql-libs:*:*:*:*:*:anolis_os:*:*
- cpe:2.3:o:openanolis:mysql-errmsg:*:*:*:*:*:anolis_os:*:*
- cpe:2.3:o:openanolis:mysql-devel:*:*:*:*:*:anolis_os:*:*
- cpe:2.3:o:openanolis:mysql-common:*:*:*:*:*:anolis_os:*:*
- cpe:2.3:o:openanolis:mysql:*:*:*:*:*:anolis_os:*:*
- cpe:2.3:o:openanolis:mecab:*:*:*:*:*:anolis_os:*:*
- cpe:2.3:o:openanolis:mecab-ipadic-eucjp:*:*:*:*:*:anolis_os:*:*
- cpe:2.3:o:openanolis:mecab-ipadic:*:*:*:*:*:anolis_os:*:*
https://anas.openanolis.cn/errata/detail/ANSA-2023:0182
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote authenticated privileged user via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
24) Improper input validation
EUVDB-ID: #VU71278
Risk: Medium
CVSSv4.0: 4.6 [CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Green]
CVE-ID: CVE-2023-21873
CWE-ID:
CWE-20 - Improper input validation
Exploit availability: No
DescriptionThe vulnerability allows a remote privileged user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper input validation within the Server: Optimizer component in MySQL Server. A remote privileged user can exploit this vulnerability to perform a denial of service (DoS) attack.
MitigationInstall updates from vendor's repository.
Vulnerable software versionsAnolis OS: 8
mysql-test: before 8.0.32-1.0.1
mysql-server: before 8.0.32-1.0.1
mysql-libs: before 8.0.32-1.0.1
mysql-errmsg: before 8.0.32-1.0.1
mysql-devel: before 8.0.32-1.0.1
mysql-common: before 8.0.32-1.0.1
mysql: before 8.0.32-1.0.1
mecab: before 0.996-2
mecab-ipadic-EUCJP: before 2.7.0.20070801-16.0.1
mecab-ipadic: before 2.7.0.20070801-16.0.1
CPE2.3- cpe:2.3:o:openanolis:anolis_os:8:*:*:*:*:*:*:*
- cpe:2.3:o:openanolis:mysql-test:*:*:*:*:*:anolis_os:*:*
- cpe:2.3:o:openanolis:mysql-server:*:*:*:*:*:anolis_os:*:*
- cpe:2.3:o:openanolis:mysql-libs:*:*:*:*:*:anolis_os:*:*
- cpe:2.3:o:openanolis:mysql-errmsg:*:*:*:*:*:anolis_os:*:*
- cpe:2.3:o:openanolis:mysql-devel:*:*:*:*:*:anolis_os:*:*
- cpe:2.3:o:openanolis:mysql-common:*:*:*:*:*:anolis_os:*:*
- cpe:2.3:o:openanolis:mysql:*:*:*:*:*:anolis_os:*:*
- cpe:2.3:o:openanolis:mecab:*:*:*:*:*:anolis_os:*:*
- cpe:2.3:o:openanolis:mecab-ipadic-eucjp:*:*:*:*:*:anolis_os:*:*
- cpe:2.3:o:openanolis:mecab-ipadic:*:*:*:*:*:anolis_os:*:*
https://anas.openanolis.cn/errata/detail/ANSA-2023:0182
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote authenticated privileged user via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
25) Improper input validation
EUVDB-ID: #VU71286
Risk: Low
CVSSv4.0: 1.2 [CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2023-21874
CWE-ID:
CWE-20 - Improper input validation
Exploit availability: No
DescriptionThe vulnerability allows a remote privileged user to perform service disruption.
The vulnerability exists due to improper input validation within the Server: Thread Pooling component in MySQL Server. A remote privileged user can exploit this vulnerability to perform service disruption.
MitigationInstall updates from vendor's repository.
Vulnerable software versionsAnolis OS: 8
mysql-test: before 8.0.32-1.0.1
mysql-server: before 8.0.32-1.0.1
mysql-libs: before 8.0.32-1.0.1
mysql-errmsg: before 8.0.32-1.0.1
mysql-devel: before 8.0.32-1.0.1
mysql-common: before 8.0.32-1.0.1
mysql: before 8.0.32-1.0.1
mecab: before 0.996-2
mecab-ipadic-EUCJP: before 2.7.0.20070801-16.0.1
mecab-ipadic: before 2.7.0.20070801-16.0.1
CPE2.3- cpe:2.3:o:openanolis:anolis_os:8:*:*:*:*:*:*:*
- cpe:2.3:o:openanolis:mysql-test:*:*:*:*:*:anolis_os:*:*
- cpe:2.3:o:openanolis:mysql-server:*:*:*:*:*:anolis_os:*:*
- cpe:2.3:o:openanolis:mysql-libs:*:*:*:*:*:anolis_os:*:*
- cpe:2.3:o:openanolis:mysql-errmsg:*:*:*:*:*:anolis_os:*:*
- cpe:2.3:o:openanolis:mysql-devel:*:*:*:*:*:anolis_os:*:*
- cpe:2.3:o:openanolis:mysql-common:*:*:*:*:*:anolis_os:*:*
- cpe:2.3:o:openanolis:mysql:*:*:*:*:*:anolis_os:*:*
- cpe:2.3:o:openanolis:mecab:*:*:*:*:*:anolis_os:*:*
- cpe:2.3:o:openanolis:mecab-ipadic-eucjp:*:*:*:*:*:anolis_os:*:*
- cpe:2.3:o:openanolis:mecab-ipadic:*:*:*:*:*:anolis_os:*:*
https://anas.openanolis.cn/errata/detail/ANSA-2023:0182
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote authenticated privileged user via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
26) Improper input validation
EUVDB-ID: #VU71264
Risk: Medium
CVSSv4.0: 2.2 [CVSS:4.0/AV:N/AC:L/AT:P/PR:H/UI:N/VC:N/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Green]
CVE-ID: CVE-2023-21875
CWE-ID:
CWE-20 - Improper input validation
Exploit availability: No
DescriptionThe vulnerability allows a remote privileged user to damange or delete data.
The vulnerability exists due to improper input validation within the Server: Security: Encryption component in MySQL Server. A remote privileged user can exploit this vulnerability to damange or delete data.
MitigationInstall updates from vendor's repository.
Vulnerable software versionsAnolis OS: 8
mysql-test: before 8.0.32-1.0.1
mysql-server: before 8.0.32-1.0.1
mysql-libs: before 8.0.32-1.0.1
mysql-errmsg: before 8.0.32-1.0.1
mysql-devel: before 8.0.32-1.0.1
mysql-common: before 8.0.32-1.0.1
mysql: before 8.0.32-1.0.1
mecab: before 0.996-2
mecab-ipadic-EUCJP: before 2.7.0.20070801-16.0.1
mecab-ipadic: before 2.7.0.20070801-16.0.1
CPE2.3- cpe:2.3:o:openanolis:anolis_os:8:*:*:*:*:*:*:*
- cpe:2.3:o:openanolis:mysql-test:*:*:*:*:*:anolis_os:*:*
- cpe:2.3:o:openanolis:mysql-server:*:*:*:*:*:anolis_os:*:*
- cpe:2.3:o:openanolis:mysql-libs:*:*:*:*:*:anolis_os:*:*
- cpe:2.3:o:openanolis:mysql-errmsg:*:*:*:*:*:anolis_os:*:*
- cpe:2.3:o:openanolis:mysql-devel:*:*:*:*:*:anolis_os:*:*
- cpe:2.3:o:openanolis:mysql-common:*:*:*:*:*:anolis_os:*:*
- cpe:2.3:o:openanolis:mysql:*:*:*:*:*:anolis_os:*:*
- cpe:2.3:o:openanolis:mecab:*:*:*:*:*:anolis_os:*:*
- cpe:2.3:o:openanolis:mecab-ipadic-eucjp:*:*:*:*:*:anolis_os:*:*
- cpe:2.3:o:openanolis:mecab-ipadic:*:*:*:*:*:anolis_os:*:*
https://anas.openanolis.cn/errata/detail/ANSA-2023:0182
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote authenticated privileged user via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
27) Improper input validation
EUVDB-ID: #VU71279
Risk: Medium
CVSSv4.0: 4.6 [CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Green]
CVE-ID: CVE-2023-21876
CWE-ID:
CWE-20 - Improper input validation
Exploit availability: No
DescriptionThe vulnerability allows a remote privileged user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper input validation within the Server: Optimizer component in MySQL Server. A remote privileged user can exploit this vulnerability to perform a denial of service (DoS) attack.
MitigationInstall updates from vendor's repository.
Vulnerable software versionsAnolis OS: 8
mysql-test: before 8.0.32-1.0.1
mysql-server: before 8.0.32-1.0.1
mysql-libs: before 8.0.32-1.0.1
mysql-errmsg: before 8.0.32-1.0.1
mysql-devel: before 8.0.32-1.0.1
mysql-common: before 8.0.32-1.0.1
mysql: before 8.0.32-1.0.1
mecab: before 0.996-2
mecab-ipadic-EUCJP: before 2.7.0.20070801-16.0.1
mecab-ipadic: before 2.7.0.20070801-16.0.1
CPE2.3- cpe:2.3:o:openanolis:anolis_os:8:*:*:*:*:*:*:*
- cpe:2.3:o:openanolis:mysql-test:*:*:*:*:*:anolis_os:*:*
- cpe:2.3:o:openanolis:mysql-server:*:*:*:*:*:anolis_os:*:*
- cpe:2.3:o:openanolis:mysql-libs:*:*:*:*:*:anolis_os:*:*
- cpe:2.3:o:openanolis:mysql-errmsg:*:*:*:*:*:anolis_os:*:*
- cpe:2.3:o:openanolis:mysql-devel:*:*:*:*:*:anolis_os:*:*
- cpe:2.3:o:openanolis:mysql-common:*:*:*:*:*:anolis_os:*:*
- cpe:2.3:o:openanolis:mysql:*:*:*:*:*:anolis_os:*:*
- cpe:2.3:o:openanolis:mecab:*:*:*:*:*:anolis_os:*:*
- cpe:2.3:o:openanolis:mecab-ipadic-eucjp:*:*:*:*:*:anolis_os:*:*
- cpe:2.3:o:openanolis:mecab-ipadic:*:*:*:*:*:anolis_os:*:*
https://anas.openanolis.cn/errata/detail/ANSA-2023:0182
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote authenticated privileged user via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
28) Improper input validation
EUVDB-ID: #VU71266
Risk: Medium
CVSSv4.0: 4.7 [CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:N/VI:L/VA:H/SC:N/SI:N/SA:N/E:U/U:Green]
CVE-ID: CVE-2023-21877
CWE-ID:
CWE-20 - Improper input validation
Exploit availability: No
DescriptionThe vulnerability allows a remote privileged user to damange or delete data.
The vulnerability exists due to improper input validation within the InnoDB component in MySQL Server. A remote privileged user can exploit this vulnerability to damange or delete data.
MitigationInstall updates from vendor's repository.
Vulnerable software versionsAnolis OS: 8
mysql-test: before 8.0.32-1.0.1
mysql-server: before 8.0.32-1.0.1
mysql-libs: before 8.0.32-1.0.1
mysql-errmsg: before 8.0.32-1.0.1
mysql-devel: before 8.0.32-1.0.1
mysql-common: before 8.0.32-1.0.1
mysql: before 8.0.32-1.0.1
mecab: before 0.996-2
mecab-ipadic-EUCJP: before 2.7.0.20070801-16.0.1
mecab-ipadic: before 2.7.0.20070801-16.0.1
CPE2.3- cpe:2.3:o:openanolis:anolis_os:8:*:*:*:*:*:*:*
- cpe:2.3:o:openanolis:mysql-test:*:*:*:*:*:anolis_os:*:*
- cpe:2.3:o:openanolis:mysql-server:*:*:*:*:*:anolis_os:*:*
- cpe:2.3:o:openanolis:mysql-libs:*:*:*:*:*:anolis_os:*:*
- cpe:2.3:o:openanolis:mysql-errmsg:*:*:*:*:*:anolis_os:*:*
- cpe:2.3:o:openanolis:mysql-devel:*:*:*:*:*:anolis_os:*:*
- cpe:2.3:o:openanolis:mysql-common:*:*:*:*:*:anolis_os:*:*
- cpe:2.3:o:openanolis:mysql:*:*:*:*:*:anolis_os:*:*
- cpe:2.3:o:openanolis:mecab:*:*:*:*:*:anolis_os:*:*
- cpe:2.3:o:openanolis:mecab-ipadic-eucjp:*:*:*:*:*:anolis_os:*:*
- cpe:2.3:o:openanolis:mecab-ipadic:*:*:*:*:*:anolis_os:*:*
https://anas.openanolis.cn/errata/detail/ANSA-2023:0182
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote authenticated privileged user via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
29) Improper input validation
EUVDB-ID: #VU71280
Risk: Medium
CVSSv4.0: 4.6 [CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Green]
CVE-ID: CVE-2023-21878
CWE-ID:
CWE-20 - Improper input validation
Exploit availability: No
DescriptionThe vulnerability allows a remote privileged user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper input validation within the Server: Optimizer component in MySQL Server. A remote privileged user can exploit this vulnerability to perform a denial of service (DoS) attack.
MitigationInstall updates from vendor's repository.
Vulnerable software versionsAnolis OS: 8
mysql-test: before 8.0.32-1.0.1
mysql-server: before 8.0.32-1.0.1
mysql-libs: before 8.0.32-1.0.1
mysql-errmsg: before 8.0.32-1.0.1
mysql-devel: before 8.0.32-1.0.1
mysql-common: before 8.0.32-1.0.1
mysql: before 8.0.32-1.0.1
mecab: before 0.996-2
mecab-ipadic-EUCJP: before 2.7.0.20070801-16.0.1
mecab-ipadic: before 2.7.0.20070801-16.0.1
CPE2.3- cpe:2.3:o:openanolis:anolis_os:8:*:*:*:*:*:*:*
- cpe:2.3:o:openanolis:mysql-test:*:*:*:*:*:anolis_os:*:*
- cpe:2.3:o:openanolis:mysql-server:*:*:*:*:*:anolis_os:*:*
- cpe:2.3:o:openanolis:mysql-libs:*:*:*:*:*:anolis_os:*:*
- cpe:2.3:o:openanolis:mysql-errmsg:*:*:*:*:*:anolis_os:*:*
- cpe:2.3:o:openanolis:mysql-devel:*:*:*:*:*:anolis_os:*:*
- cpe:2.3:o:openanolis:mysql-common:*:*:*:*:*:anolis_os:*:*
- cpe:2.3:o:openanolis:mysql:*:*:*:*:*:anolis_os:*:*
- cpe:2.3:o:openanolis:mecab:*:*:*:*:*:anolis_os:*:*
- cpe:2.3:o:openanolis:mecab-ipadic-eucjp:*:*:*:*:*:anolis_os:*:*
- cpe:2.3:o:openanolis:mecab-ipadic:*:*:*:*:*:anolis_os:*:*
https://anas.openanolis.cn/errata/detail/ANSA-2023:0182
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote authenticated privileged user via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
30) Improper input validation
EUVDB-ID: #VU71281
Risk: Medium
CVSSv4.0: 4.6 [CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Green]
CVE-ID: CVE-2023-21879
CWE-ID:
CWE-20 - Improper input validation
Exploit availability: No
DescriptionThe vulnerability allows a remote privileged user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper input validation within the Server: Optimizer component in MySQL Server. A remote privileged user can exploit this vulnerability to perform a denial of service (DoS) attack.
MitigationInstall updates from vendor's repository.
Vulnerable software versionsAnolis OS: 8
mysql-test: before 8.0.32-1.0.1
mysql-server: before 8.0.32-1.0.1
mysql-libs: before 8.0.32-1.0.1
mysql-errmsg: before 8.0.32-1.0.1
mysql-devel: before 8.0.32-1.0.1
mysql-common: before 8.0.32-1.0.1
mysql: before 8.0.32-1.0.1
mecab: before 0.996-2
mecab-ipadic-EUCJP: before 2.7.0.20070801-16.0.1
mecab-ipadic: before 2.7.0.20070801-16.0.1
CPE2.3- cpe:2.3:o:openanolis:anolis_os:8:*:*:*:*:*:*:*
- cpe:2.3:o:openanolis:mysql-test:*:*:*:*:*:anolis_os:*:*
- cpe:2.3:o:openanolis:mysql-server:*:*:*:*:*:anolis_os:*:*
- cpe:2.3:o:openanolis:mysql-libs:*:*:*:*:*:anolis_os:*:*
- cpe:2.3:o:openanolis:mysql-errmsg:*:*:*:*:*:anolis_os:*:*
- cpe:2.3:o:openanolis:mysql-devel:*:*:*:*:*:anolis_os:*:*
- cpe:2.3:o:openanolis:mysql-common:*:*:*:*:*:anolis_os:*:*
- cpe:2.3:o:openanolis:mysql:*:*:*:*:*:anolis_os:*:*
- cpe:2.3:o:openanolis:mecab:*:*:*:*:*:anolis_os:*:*
- cpe:2.3:o:openanolis:mecab-ipadic-eucjp:*:*:*:*:*:anolis_os:*:*
- cpe:2.3:o:openanolis:mecab-ipadic:*:*:*:*:*:anolis_os:*:*
https://anas.openanolis.cn/errata/detail/ANSA-2023:0182
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote authenticated privileged user via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
31) Improper input validation
EUVDB-ID: #VU71267
Risk: Medium
CVSSv4.0: 4.7 [CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:N/VI:L/VA:H/SC:N/SI:N/SA:N/E:U/U:Green]
CVE-ID: CVE-2023-21880
CWE-ID:
CWE-20 - Improper input validation
Exploit availability: No
DescriptionThe vulnerability allows a remote privileged user to damange or delete data.
The vulnerability exists due to improper input validation within the InnoDB component in MySQL Server. A remote privileged user can exploit this vulnerability to damange or delete data.
MitigationInstall updates from vendor's repository.
Vulnerable software versionsAnolis OS: 8
mysql-test: before 8.0.32-1.0.1
mysql-server: before 8.0.32-1.0.1
mysql-libs: before 8.0.32-1.0.1
mysql-errmsg: before 8.0.32-1.0.1
mysql-devel: before 8.0.32-1.0.1
mysql-common: before 8.0.32-1.0.1
mysql: before 8.0.32-1.0.1
mecab: before 0.996-2
mecab-ipadic-EUCJP: before 2.7.0.20070801-16.0.1
mecab-ipadic: before 2.7.0.20070801-16.0.1
CPE2.3- cpe:2.3:o:openanolis:anolis_os:8:*:*:*:*:*:*:*
- cpe:2.3:o:openanolis:mysql-test:*:*:*:*:*:anolis_os:*:*
- cpe:2.3:o:openanolis:mysql-server:*:*:*:*:*:anolis_os:*:*
- cpe:2.3:o:openanolis:mysql-libs:*:*:*:*:*:anolis_os:*:*
- cpe:2.3:o:openanolis:mysql-errmsg:*:*:*:*:*:anolis_os:*:*
- cpe:2.3:o:openanolis:mysql-devel:*:*:*:*:*:anolis_os:*:*
- cpe:2.3:o:openanolis:mysql-common:*:*:*:*:*:anolis_os:*:*
- cpe:2.3:o:openanolis:mysql:*:*:*:*:*:anolis_os:*:*
- cpe:2.3:o:openanolis:mecab:*:*:*:*:*:anolis_os:*:*
- cpe:2.3:o:openanolis:mecab-ipadic-eucjp:*:*:*:*:*:anolis_os:*:*
- cpe:2.3:o:openanolis:mecab-ipadic:*:*:*:*:*:anolis_os:*:*
https://anas.openanolis.cn/errata/detail/ANSA-2023:0182
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote authenticated privileged user via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
32) Improper input validation
EUVDB-ID: #VU71282
Risk: Medium
CVSSv4.0: 4.6 [CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Green]
CVE-ID: CVE-2023-21881
CWE-ID:
CWE-20 - Improper input validation
Exploit availability: No
DescriptionThe vulnerability allows a remote privileged user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper input validation within the Server: Optimizer component in MySQL Server. A remote privileged user can exploit this vulnerability to perform a denial of service (DoS) attack.
MitigationInstall updates from vendor's repository.
Vulnerable software versionsAnolis OS: 8
mysql-test: before 8.0.32-1.0.1
mysql-server: before 8.0.32-1.0.1
mysql-libs: before 8.0.32-1.0.1
mysql-errmsg: before 8.0.32-1.0.1
mysql-devel: before 8.0.32-1.0.1
mysql-common: before 8.0.32-1.0.1
mysql: before 8.0.32-1.0.1
mecab: before 0.996-2
mecab-ipadic-EUCJP: before 2.7.0.20070801-16.0.1
mecab-ipadic: before 2.7.0.20070801-16.0.1
CPE2.3- cpe:2.3:o:openanolis:anolis_os:8:*:*:*:*:*:*:*
- cpe:2.3:o:openanolis:mysql-test:*:*:*:*:*:anolis_os:*:*
- cpe:2.3:o:openanolis:mysql-server:*:*:*:*:*:anolis_os:*:*
- cpe:2.3:o:openanolis:mysql-libs:*:*:*:*:*:anolis_os:*:*
- cpe:2.3:o:openanolis:mysql-errmsg:*:*:*:*:*:anolis_os:*:*
- cpe:2.3:o:openanolis:mysql-devel:*:*:*:*:*:anolis_os:*:*
- cpe:2.3:o:openanolis:mysql-common:*:*:*:*:*:anolis_os:*:*
- cpe:2.3:o:openanolis:mysql:*:*:*:*:*:anolis_os:*:*
- cpe:2.3:o:openanolis:mecab:*:*:*:*:*:anolis_os:*:*
- cpe:2.3:o:openanolis:mecab-ipadic-eucjp:*:*:*:*:*:anolis_os:*:*
- cpe:2.3:o:openanolis:mecab-ipadic:*:*:*:*:*:anolis_os:*:*
https://anas.openanolis.cn/errata/detail/ANSA-2023:0182
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote authenticated privileged user via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
33) Improper input validation
EUVDB-ID: #VU71285
Risk: Low
CVSSv4.0: 1.2 [CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2023-21882
CWE-ID:
CWE-20 - Improper input validation
Exploit availability: No
DescriptionThe vulnerability allows a remote privileged user to manipulate data.
The vulnerability exists due to improper input validation within the Server: Optimizer component in MySQL Server. A remote privileged user can exploit this vulnerability to manipulate data.
MitigationInstall updates from vendor's repository.
Vulnerable software versionsAnolis OS: 8
mysql-test: before 8.0.32-1.0.1
mysql-server: before 8.0.32-1.0.1
mysql-libs: before 8.0.32-1.0.1
mysql-errmsg: before 8.0.32-1.0.1
mysql-devel: before 8.0.32-1.0.1
mysql-common: before 8.0.32-1.0.1
mysql: before 8.0.32-1.0.1
mecab: before 0.996-2
mecab-ipadic-EUCJP: before 2.7.0.20070801-16.0.1
mecab-ipadic: before 2.7.0.20070801-16.0.1
CPE2.3- cpe:2.3:o:openanolis:anolis_os:8:*:*:*:*:*:*:*
- cpe:2.3:o:openanolis:mysql-test:*:*:*:*:*:anolis_os:*:*
- cpe:2.3:o:openanolis:mysql-server:*:*:*:*:*:anolis_os:*:*
- cpe:2.3:o:openanolis:mysql-libs:*:*:*:*:*:anolis_os:*:*
- cpe:2.3:o:openanolis:mysql-errmsg:*:*:*:*:*:anolis_os:*:*
- cpe:2.3:o:openanolis:mysql-devel:*:*:*:*:*:anolis_os:*:*
- cpe:2.3:o:openanolis:mysql-common:*:*:*:*:*:anolis_os:*:*
- cpe:2.3:o:openanolis:mysql:*:*:*:*:*:anolis_os:*:*
- cpe:2.3:o:openanolis:mecab:*:*:*:*:*:anolis_os:*:*
- cpe:2.3:o:openanolis:mecab-ipadic-eucjp:*:*:*:*:*:anolis_os:*:*
- cpe:2.3:o:openanolis:mecab-ipadic:*:*:*:*:*:anolis_os:*:*
https://anas.openanolis.cn/errata/detail/ANSA-2023:0182
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote authenticated privileged user via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
34) Improper input validation
EUVDB-ID: #VU71283
Risk: Medium
CVSSv4.0: 4.6 [CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Green]
CVE-ID: CVE-2023-21883
CWE-ID:
CWE-20 - Improper input validation
Exploit availability: No
DescriptionThe vulnerability allows a remote privileged user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper input validation within the Server: Optimizer component in MySQL Server. A remote privileged user can exploit this vulnerability to perform a denial of service (DoS) attack.
MitigationInstall updates from vendor's repository.
Vulnerable software versionsAnolis OS: 8
mysql-test: before 8.0.32-1.0.1
mysql-server: before 8.0.32-1.0.1
mysql-libs: before 8.0.32-1.0.1
mysql-errmsg: before 8.0.32-1.0.1
mysql-devel: before 8.0.32-1.0.1
mysql-common: before 8.0.32-1.0.1
mysql: before 8.0.32-1.0.1
mecab: before 0.996-2
mecab-ipadic-EUCJP: before 2.7.0.20070801-16.0.1
mecab-ipadic: before 2.7.0.20070801-16.0.1
CPE2.3- cpe:2.3:o:openanolis:anolis_os:8:*:*:*:*:*:*:*
- cpe:2.3:o:openanolis:mysql-test:*:*:*:*:*:anolis_os:*:*
- cpe:2.3:o:openanolis:mysql-server:*:*:*:*:*:anolis_os:*:*
- cpe:2.3:o:openanolis:mysql-libs:*:*:*:*:*:anolis_os:*:*
- cpe:2.3:o:openanolis:mysql-errmsg:*:*:*:*:*:anolis_os:*:*
- cpe:2.3:o:openanolis:mysql-devel:*:*:*:*:*:anolis_os:*:*
- cpe:2.3:o:openanolis:mysql-common:*:*:*:*:*:anolis_os:*:*
- cpe:2.3:o:openanolis:mysql:*:*:*:*:*:anolis_os:*:*
- cpe:2.3:o:openanolis:mecab:*:*:*:*:*:anolis_os:*:*
- cpe:2.3:o:openanolis:mecab-ipadic-eucjp:*:*:*:*:*:anolis_os:*:*
- cpe:2.3:o:openanolis:mecab-ipadic:*:*:*:*:*:anolis_os:*:*
https://anas.openanolis.cn/errata/detail/ANSA-2023:0182
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote authenticated privileged user via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
35) Improper input validation
EUVDB-ID: #VU71271
Risk: Medium
CVSSv4.0: 4.6 [CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Green]
CVE-ID: CVE-2023-21887
CWE-ID:
CWE-20 - Improper input validation
Exploit availability: No
DescriptionThe vulnerability allows a remote privileged user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper input validation within the Server: GIS component in MySQL Server. A remote privileged user can exploit this vulnerability to perform a denial of service (DoS) attack.
MitigationInstall updates from vendor's repository.
Vulnerable software versionsAnolis OS: 8
mysql-test: before 8.0.32-1.0.1
mysql-server: before 8.0.32-1.0.1
mysql-libs: before 8.0.32-1.0.1
mysql-errmsg: before 8.0.32-1.0.1
mysql-devel: before 8.0.32-1.0.1
mysql-common: before 8.0.32-1.0.1
mysql: before 8.0.32-1.0.1
mecab: before 0.996-2
mecab-ipadic-EUCJP: before 2.7.0.20070801-16.0.1
mecab-ipadic: before 2.7.0.20070801-16.0.1
CPE2.3- cpe:2.3:o:openanolis:anolis_os:8:*:*:*:*:*:*:*
- cpe:2.3:o:openanolis:mysql-test:*:*:*:*:*:anolis_os:*:*
- cpe:2.3:o:openanolis:mysql-server:*:*:*:*:*:anolis_os:*:*
- cpe:2.3:o:openanolis:mysql-libs:*:*:*:*:*:anolis_os:*:*
- cpe:2.3:o:openanolis:mysql-errmsg:*:*:*:*:*:anolis_os:*:*
- cpe:2.3:o:openanolis:mysql-devel:*:*:*:*:*:anolis_os:*:*
- cpe:2.3:o:openanolis:mysql-common:*:*:*:*:*:anolis_os:*:*
- cpe:2.3:o:openanolis:mysql:*:*:*:*:*:anolis_os:*:*
- cpe:2.3:o:openanolis:mecab:*:*:*:*:*:anolis_os:*:*
- cpe:2.3:o:openanolis:mecab-ipadic-eucjp:*:*:*:*:*:anolis_os:*:*
- cpe:2.3:o:openanolis:mecab-ipadic:*:*:*:*:*:anolis_os:*:*
https://anas.openanolis.cn/errata/detail/ANSA-2023:0182
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote authenticated privileged user via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
36) Improper input validation
EUVDB-ID: #VU75270
Risk: Medium
CVSSv4.0: 6.6 [CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Green]
CVE-ID: CVE-2023-21912
CWE-ID:
CWE-20 - Improper input validation
Exploit availability: No
DescriptionThe vulnerability allows a remote non-authenticated attacker to perform a denial of service (DoS) attack.
The vulnerability exists due to improper input validation within the Server: Security: Privileges component in MySQL Server. A remote non-authenticated attacker can exploit this vulnerability to perform a denial of service (DoS) attack.
MitigationInstall updates from vendor's repository.
Vulnerable software versionsAnolis OS: 8
mysql-test: before 8.0.32-1.0.1
mysql-server: before 8.0.32-1.0.1
mysql-libs: before 8.0.32-1.0.1
mysql-errmsg: before 8.0.32-1.0.1
mysql-devel: before 8.0.32-1.0.1
mysql-common: before 8.0.32-1.0.1
mysql: before 8.0.32-1.0.1
mecab: before 0.996-2
mecab-ipadic-EUCJP: before 2.7.0.20070801-16.0.1
mecab-ipadic: before 2.7.0.20070801-16.0.1
CPE2.3- cpe:2.3:o:openanolis:anolis_os:8:*:*:*:*:*:*:*
- cpe:2.3:o:openanolis:mysql-test:*:*:*:*:*:anolis_os:*:*
- cpe:2.3:o:openanolis:mysql-server:*:*:*:*:*:anolis_os:*:*
- cpe:2.3:o:openanolis:mysql-libs:*:*:*:*:*:anolis_os:*:*
- cpe:2.3:o:openanolis:mysql-errmsg:*:*:*:*:*:anolis_os:*:*
- cpe:2.3:o:openanolis:mysql-devel:*:*:*:*:*:anolis_os:*:*
- cpe:2.3:o:openanolis:mysql-common:*:*:*:*:*:anolis_os:*:*
- cpe:2.3:o:openanolis:mysql:*:*:*:*:*:anolis_os:*:*
- cpe:2.3:o:openanolis:mecab:*:*:*:*:*:anolis_os:*:*
- cpe:2.3:o:openanolis:mecab-ipadic-eucjp:*:*:*:*:*:anolis_os:*:*
- cpe:2.3:o:openanolis:mecab-ipadic:*:*:*:*:*:anolis_os:*:*
https://anas.openanolis.cn/errata/detail/ANSA-2023:0182
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
37) Improper input validation
EUVDB-ID: #VU75282
Risk: Medium
CVSSv4.0: 4.6 [CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Green]
CVE-ID: CVE-2023-21917
CWE-ID:
CWE-20 - Improper input validation
Exploit availability: No
DescriptionThe vulnerability allows a remote privileged user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper input validation within the Server: Optimizer component in MySQL Server. A remote privileged user can exploit this vulnerability to perform a denial of service (DoS) attack.
MitigationInstall updates from vendor's repository.
Vulnerable software versionsAnolis OS: 8
mysql-test: before 8.0.32-1.0.1
mysql-server: before 8.0.32-1.0.1
mysql-libs: before 8.0.32-1.0.1
mysql-errmsg: before 8.0.32-1.0.1
mysql-devel: before 8.0.32-1.0.1
mysql-common: before 8.0.32-1.0.1
mysql: before 8.0.32-1.0.1
mecab: before 0.996-2
mecab-ipadic-EUCJP: before 2.7.0.20070801-16.0.1
mecab-ipadic: before 2.7.0.20070801-16.0.1
CPE2.3- cpe:2.3:o:openanolis:anolis_os:8:*:*:*:*:*:*:*
- cpe:2.3:o:openanolis:mysql-test:*:*:*:*:*:anolis_os:*:*
- cpe:2.3:o:openanolis:mysql-server:*:*:*:*:*:anolis_os:*:*
- cpe:2.3:o:openanolis:mysql-libs:*:*:*:*:*:anolis_os:*:*
- cpe:2.3:o:openanolis:mysql-errmsg:*:*:*:*:*:anolis_os:*:*
- cpe:2.3:o:openanolis:mysql-devel:*:*:*:*:*:anolis_os:*:*
- cpe:2.3:o:openanolis:mysql-common:*:*:*:*:*:anolis_os:*:*
- cpe:2.3:o:openanolis:mysql:*:*:*:*:*:anolis_os:*:*
- cpe:2.3:o:openanolis:mecab:*:*:*:*:*:anolis_os:*:*
- cpe:2.3:o:openanolis:mecab-ipadic-eucjp:*:*:*:*:*:anolis_os:*:*
- cpe:2.3:o:openanolis:mecab-ipadic:*:*:*:*:*:anolis_os:*:*
https://anas.openanolis.cn/errata/detail/ANSA-2023:0182
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote authenticated privileged user via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
38) Improper input validation
EUVDB-ID: #VU75281
Risk: Medium
CVSSv4.0: 4.6 [CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Green]
CVE-ID: CVE-2023-21913
CWE-ID:
CWE-20 - Improper input validation
Exploit availability: No
DescriptionThe vulnerability allows a remote privileged user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper input validation within the Server: Optimizer component in MySQL Server. A remote privileged user can exploit this vulnerability to perform a denial of service (DoS) attack.
MitigationInstall updates from vendor's repository.
Vulnerable software versionsAnolis OS: 8
mysql-test: before 8.0.32-1.0.1
mysql-server: before 8.0.32-1.0.1
mysql-libs: before 8.0.32-1.0.1
mysql-errmsg: before 8.0.32-1.0.1
mysql-devel: before 8.0.32-1.0.1
mysql-common: before 8.0.32-1.0.1
mysql: before 8.0.32-1.0.1
mecab: before 0.996-2
mecab-ipadic-EUCJP: before 2.7.0.20070801-16.0.1
mecab-ipadic: before 2.7.0.20070801-16.0.1
CPE2.3- cpe:2.3:o:openanolis:anolis_os:8:*:*:*:*:*:*:*
- cpe:2.3:o:openanolis:mysql-test:*:*:*:*:*:anolis_os:*:*
- cpe:2.3:o:openanolis:mysql-server:*:*:*:*:*:anolis_os:*:*
- cpe:2.3:o:openanolis:mysql-libs:*:*:*:*:*:anolis_os:*:*
- cpe:2.3:o:openanolis:mysql-errmsg:*:*:*:*:*:anolis_os:*:*
- cpe:2.3:o:openanolis:mysql-devel:*:*:*:*:*:anolis_os:*:*
- cpe:2.3:o:openanolis:mysql-common:*:*:*:*:*:anolis_os:*:*
- cpe:2.3:o:openanolis:mysql:*:*:*:*:*:anolis_os:*:*
- cpe:2.3:o:openanolis:mecab:*:*:*:*:*:anolis_os:*:*
- cpe:2.3:o:openanolis:mecab-ipadic-eucjp:*:*:*:*:*:anolis_os:*:*
- cpe:2.3:o:openanolis:mecab-ipadic:*:*:*:*:*:anolis_os:*:*
https://anas.openanolis.cn/errata/detail/ANSA-2023:0182
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote authenticated privileged user via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
39) Improper input validation
EUVDB-ID: #VU82156
Risk: Medium
CVSSv4.0: 4.6 [CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Green]
CVE-ID: CVE-2023-22015
CWE-ID:
CWE-20 - Improper input validation
Exploit availability: No
DescriptionThe vulnerability allows a remote privileged user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper input validation within the Server: Optimizer component in MySQL Server. A remote privileged user can exploit this vulnerability to perform a denial of service (DoS) attack.
MitigationInstall updates from vendor's repository.
Vulnerable software versionsAnolis OS: 8
mysql-test: before 8.0.32-1.0.1
mysql-server: before 8.0.32-1.0.1
mysql-libs: before 8.0.32-1.0.1
mysql-errmsg: before 8.0.32-1.0.1
mysql-devel: before 8.0.32-1.0.1
mysql-common: before 8.0.32-1.0.1
mysql: before 8.0.32-1.0.1
mecab: before 0.996-2
mecab-ipadic-EUCJP: before 2.7.0.20070801-16.0.1
mecab-ipadic: before 2.7.0.20070801-16.0.1
CPE2.3- cpe:2.3:o:openanolis:anolis_os:8:*:*:*:*:*:*:*
- cpe:2.3:o:openanolis:mysql-test:*:*:*:*:*:anolis_os:*:*
- cpe:2.3:o:openanolis:mysql-server:*:*:*:*:*:anolis_os:*:*
- cpe:2.3:o:openanolis:mysql-libs:*:*:*:*:*:anolis_os:*:*
- cpe:2.3:o:openanolis:mysql-errmsg:*:*:*:*:*:anolis_os:*:*
- cpe:2.3:o:openanolis:mysql-devel:*:*:*:*:*:anolis_os:*:*
- cpe:2.3:o:openanolis:mysql-common:*:*:*:*:*:anolis_os:*:*
- cpe:2.3:o:openanolis:mysql:*:*:*:*:*:anolis_os:*:*
- cpe:2.3:o:openanolis:mecab:*:*:*:*:*:anolis_os:*:*
- cpe:2.3:o:openanolis:mecab-ipadic-eucjp:*:*:*:*:*:anolis_os:*:*
- cpe:2.3:o:openanolis:mecab-ipadic:*:*:*:*:*:anolis_os:*:*
https://anas.openanolis.cn/errata/detail/ANSA-2023:0182
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote authenticated privileged user via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
40) Improper input validation
EUVDB-ID: #VU82157
Risk: Medium
CVSSv4.0: 4.6 [CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Green]
CVE-ID: CVE-2023-22026
CWE-ID:
CWE-20 - Improper input validation
Exploit availability: No
DescriptionThe vulnerability allows a remote privileged user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper input validation within the Server: Optimizer component in MySQL Server. A remote privileged user can exploit this vulnerability to perform a denial of service (DoS) attack.
MitigationInstall updates from vendor's repository.
Vulnerable software versionsAnolis OS: 8
mysql-test: before 8.0.32-1.0.1
mysql-server: before 8.0.32-1.0.1
mysql-libs: before 8.0.32-1.0.1
mysql-errmsg: before 8.0.32-1.0.1
mysql-devel: before 8.0.32-1.0.1
mysql-common: before 8.0.32-1.0.1
mysql: before 8.0.32-1.0.1
mecab: before 0.996-2
mecab-ipadic-EUCJP: before 2.7.0.20070801-16.0.1
mecab-ipadic: before 2.7.0.20070801-16.0.1
CPE2.3- cpe:2.3:o:openanolis:anolis_os:8:*:*:*:*:*:*:*
- cpe:2.3:o:openanolis:mysql-test:*:*:*:*:*:anolis_os:*:*
- cpe:2.3:o:openanolis:mysql-server:*:*:*:*:*:anolis_os:*:*
- cpe:2.3:o:openanolis:mysql-libs:*:*:*:*:*:anolis_os:*:*
- cpe:2.3:o:openanolis:mysql-errmsg:*:*:*:*:*:anolis_os:*:*
- cpe:2.3:o:openanolis:mysql-devel:*:*:*:*:*:anolis_os:*:*
- cpe:2.3:o:openanolis:mysql-common:*:*:*:*:*:anolis_os:*:*
- cpe:2.3:o:openanolis:mysql:*:*:*:*:*:anolis_os:*:*
- cpe:2.3:o:openanolis:mecab:*:*:*:*:*:anolis_os:*:*
- cpe:2.3:o:openanolis:mecab-ipadic-eucjp:*:*:*:*:*:anolis_os:*:*
- cpe:2.3:o:openanolis:mecab-ipadic:*:*:*:*:*:anolis_os:*:*
https://anas.openanolis.cn/errata/detail/ANSA-2023:0182
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote authenticated privileged user via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
41) Improper input validation
EUVDB-ID: #VU82158
Risk: Medium
CVSSv4.0: 4.6 [CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Green]
CVE-ID: CVE-2023-22028
CWE-ID:
CWE-20 - Improper input validation
Exploit availability: No
DescriptionThe vulnerability allows a remote privileged user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper input validation within the Server: Optimizer component in MySQL Server. A remote privileged user can exploit this vulnerability to perform a denial of service (DoS) attack.
MitigationInstall updates from vendor's repository.
Vulnerable software versionsAnolis OS: 8
mysql-test: before 8.0.32-1.0.1
mysql-server: before 8.0.32-1.0.1
mysql-libs: before 8.0.32-1.0.1
mysql-errmsg: before 8.0.32-1.0.1
mysql-devel: before 8.0.32-1.0.1
mysql-common: before 8.0.32-1.0.1
mysql: before 8.0.32-1.0.1
mecab: before 0.996-2
mecab-ipadic-EUCJP: before 2.7.0.20070801-16.0.1
mecab-ipadic: before 2.7.0.20070801-16.0.1
CPE2.3- cpe:2.3:o:openanolis:anolis_os:8:*:*:*:*:*:*:*
- cpe:2.3:o:openanolis:mysql-test:*:*:*:*:*:anolis_os:*:*
- cpe:2.3:o:openanolis:mysql-server:*:*:*:*:*:anolis_os:*:*
- cpe:2.3:o:openanolis:mysql-libs:*:*:*:*:*:anolis_os:*:*
- cpe:2.3:o:openanolis:mysql-errmsg:*:*:*:*:*:anolis_os:*:*
- cpe:2.3:o:openanolis:mysql-devel:*:*:*:*:*:anolis_os:*:*
- cpe:2.3:o:openanolis:mysql-common:*:*:*:*:*:anolis_os:*:*
- cpe:2.3:o:openanolis:mysql:*:*:*:*:*:anolis_os:*:*
- cpe:2.3:o:openanolis:mecab:*:*:*:*:*:anolis_os:*:*
- cpe:2.3:o:openanolis:mecab-ipadic-eucjp:*:*:*:*:*:anolis_os:*:*
- cpe:2.3:o:openanolis:mecab-ipadic:*:*:*:*:*:anolis_os:*:*
https://anas.openanolis.cn/errata/detail/ANSA-2023:0182
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote authenticated privileged user via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
