openEuler 22.03 LTS SP1 update for mysql
| Risk | Medium |
| Patch available | YES |
| Number of vulnerabilities | 118 |
| CVE-ID | CVE-2022-21509 CVE-2022-21515 CVE-2022-21517 CVE-2022-21522 CVE-2022-21525 CVE-2022-21526 CVE-2022-21527 CVE-2022-21528 CVE-2022-21529 CVE-2022-21530 CVE-2022-21531 CVE-2022-21534 CVE-2022-21537 CVE-2022-21538 CVE-2022-21539 CVE-2022-21547 CVE-2022-21553 CVE-2022-21569 CVE-2022-21592 CVE-2022-21594 CVE-2022-21599 CVE-2022-21604 CVE-2022-21608 CVE-2022-21611 CVE-2022-21617 CVE-2022-21625 CVE-2022-21632 CVE-2022-21633 CVE-2022-21635 CVE-2022-21637 CVE-2022-21638 CVE-2022-21640 CVE-2022-21641 CVE-2022-32221 CVE-2022-39400 CVE-2022-39408 CVE-2022-39410 CVE-2022-43551 CVE-2023-21836 CVE-2023-21863 CVE-2023-21864 CVE-2023-21865 CVE-2023-21867 CVE-2023-21868 CVE-2023-21869 CVE-2023-21870 CVE-2023-21871 CVE-2023-21872 CVE-2023-21873 CVE-2023-21874 CVE-2023-21875 CVE-2023-21876 CVE-2023-21877 CVE-2023-21878 CVE-2023-21879 CVE-2023-21880 CVE-2023-21881 CVE-2023-21882 CVE-2023-21883 CVE-2023-21887 CVE-2023-21911 CVE-2023-21912 CVE-2023-21913 CVE-2023-21917 CVE-2023-21919 CVE-2023-21920 CVE-2023-21929 CVE-2023-21933 CVE-2023-21935 CVE-2023-21940 CVE-2023-21945 CVE-2023-21946 CVE-2023-21947 CVE-2023-21953 CVE-2023-21955 CVE-2023-21962 CVE-2023-21963 CVE-2023-21966 CVE-2023-21972 CVE-2023-21976 CVE-2023-21977 CVE-2023-21980 CVE-2023-21982 CVE-2023-22005 CVE-2023-22007 CVE-2023-22008 CVE-2023-22015 CVE-2023-22026 CVE-2023-22028 CVE-2023-22032 CVE-2023-22033 CVE-2023-22038 CVE-2023-22046 CVE-2023-22048 CVE-2023-22053 CVE-2023-22054 CVE-2023-22056 CVE-2023-22057 CVE-2023-22058 CVE-2023-22059 CVE-2023-22064 CVE-2023-22065 CVE-2023-22066 CVE-2023-22068 CVE-2023-22070 CVE-2023-22078 CVE-2023-22079 CVE-2023-22084 CVE-2023-22092 CVE-2023-22097 CVE-2023-22103 CVE-2023-22104 CVE-2023-22110 CVE-2023-22111 CVE-2023-22112 CVE-2023-22113 CVE-2023-22114 CVE-2023-22115 |
| CWE-ID | CWE-20 CWE-440 CWE-254 |
| Exploitation vector | Network |
| Public exploit | N/A |
| Vulnerable software |
openEuler Operating systems & Components / Operating system mysql-server Operating systems & Components / Operating system package or component mysql-config Operating systems & Components / Operating system package or component mysql-debugsource Operating systems & Components / Operating system package or component mysql-devel Operating systems & Components / Operating system package or component mysql-debuginfo Operating systems & Components / Operating system package or component mysql-errmsg Operating systems & Components / Operating system package or component mysql-help Operating systems & Components / Operating system package or component mysql-libs Operating systems & Components / Operating system package or component mysql-test Operating systems & Components / Operating system package or component mysql-common Operating systems & Components / Operating system package or component mysql Operating systems & Components / Operating system package or component |
| Vendor | openEuler |
Security Bulletin
This security bulletin contains information about 118 vulnerabilities.
1) Improper input validation
EUVDB-ID: #VU65510
Risk: Medium
CVSSv4.0: 4.7 [CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:N/VI:L/VA:H/SC:N/SI:N/SA:N/E:U/U:Green]
CVE-ID: CVE-2022-21509
CWE-ID:
CWE-20 - Improper input validation
Exploit availability: No
DescriptionThe vulnerability allows a remote privileged user to damange or delete data.
The vulnerability exists due to improper input validation within the Server: Optimizer component in MySQL Server. A remote privileged user can exploit this vulnerability to damange or delete data.
MitigationInstall updates from vendor's repository.
Vulnerable software versionsopenEuler: 22.03 LTS SP1
mysql-server: before 8.0.35-1
mysql-config: before 8.0.35-1
mysql-debugsource: before 8.0.35-1
mysql-devel: before 8.0.35-1
mysql-debuginfo: before 8.0.35-1
mysql-errmsg: before 8.0.35-1
mysql-help: before 8.0.35-1
mysql-libs: before 8.0.35-1
mysql-test: before 8.0.35-1
mysql-common: before 8.0.35-1
mysql: before 8.0.35-1
CPE2.3- cpe:2.3:o:openeuler:openeuler:22.03:LTS SP1:*:*:*:*:*:*
- cpe:2.3:a:openeuler:mysql-server:*:*:*:*:*:openeuler:*:*
- cpe:2.3:a:openeuler:mysql-config:*:*:*:*:*:openeuler:*:*
- cpe:2.3:a:openeuler:mysql-debugsource:*:*:*:*:*:openeuler:*:*
- cpe:2.3:a:openeuler:mysql-devel:*:*:*:*:*:openeuler:*:*
- cpe:2.3:a:openeuler:mysql-debuginfo:*:*:*:*:*:openeuler:*:*
- cpe:2.3:a:openeuler:mysql-errmsg:*:*:*:*:*:openeuler:*:*
- cpe:2.3:a:openeuler:mysql-help:*:*:*:*:*:openeuler:*:*
- cpe:2.3:a:openeuler:mysql-libs:*:*:*:*:*:openeuler:*:*
- cpe:2.3:a:openeuler:mysql-test:*:*:*:*:*:openeuler:*:*
- cpe:2.3:a:openeuler:mysql-common:*:*:*:*:*:openeuler:*:*
- cpe:2.3:a:openeuler:mysql:*:*:*:*:*:openeuler:*:*
https://www.openeuler.org/en/security/security-bulletins/detail/?id=openEuler-SA-2023-1834
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote authenticated privileged user via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
2) Improper input validation
EUVDB-ID: #VU65521
Risk: Medium
CVSSv4.0: 4.6 [CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Green]
CVE-ID: CVE-2022-21515
CWE-ID:
CWE-20 - Improper input validation
Exploit availability: No
DescriptionThe vulnerability allows a remote privileged user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper input validation within the Server: Options component in MySQL Server. A remote privileged user can exploit this vulnerability to perform a denial of service (DoS) attack.
MitigationInstall updates from vendor's repository.
Vulnerable software versionsopenEuler: 22.03 LTS SP1
mysql-server: before 8.0.35-1
mysql-config: before 8.0.35-1
mysql-debugsource: before 8.0.35-1
mysql-devel: before 8.0.35-1
mysql-debuginfo: before 8.0.35-1
mysql-errmsg: before 8.0.35-1
mysql-help: before 8.0.35-1
mysql-libs: before 8.0.35-1
mysql-test: before 8.0.35-1
mysql-common: before 8.0.35-1
mysql: before 8.0.35-1
CPE2.3- cpe:2.3:o:openeuler:openeuler:22.03:LTS SP1:*:*:*:*:*:*
- cpe:2.3:a:openeuler:mysql-server:*:*:*:*:*:openeuler:*:*
- cpe:2.3:a:openeuler:mysql-config:*:*:*:*:*:openeuler:*:*
- cpe:2.3:a:openeuler:mysql-debugsource:*:*:*:*:*:openeuler:*:*
- cpe:2.3:a:openeuler:mysql-devel:*:*:*:*:*:openeuler:*:*
- cpe:2.3:a:openeuler:mysql-debuginfo:*:*:*:*:*:openeuler:*:*
- cpe:2.3:a:openeuler:mysql-errmsg:*:*:*:*:*:openeuler:*:*
- cpe:2.3:a:openeuler:mysql-help:*:*:*:*:*:openeuler:*:*
- cpe:2.3:a:openeuler:mysql-libs:*:*:*:*:*:openeuler:*:*
- cpe:2.3:a:openeuler:mysql-test:*:*:*:*:*:openeuler:*:*
- cpe:2.3:a:openeuler:mysql-common:*:*:*:*:*:openeuler:*:*
- cpe:2.3:a:openeuler:mysql:*:*:*:*:*:openeuler:*:*
https://www.openeuler.org/en/security/security-bulletins/detail/?id=openEuler-SA-2023-1834
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote authenticated privileged user via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
3) Improper input validation
EUVDB-ID: #VU65512
Risk: Medium
CVSSv4.0: 4.6 [CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Green]
CVE-ID: CVE-2022-21517
CWE-ID:
CWE-20 - Improper input validation
Exploit availability: No
DescriptionThe vulnerability allows a remote privileged user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper input validation within the InnoDB component in MySQL Server. A remote privileged user can exploit this vulnerability to perform a denial of service (DoS) attack.
MitigationInstall updates from vendor's repository.
Vulnerable software versionsopenEuler: 22.03 LTS SP1
mysql-server: before 8.0.35-1
mysql-config: before 8.0.35-1
mysql-debugsource: before 8.0.35-1
mysql-devel: before 8.0.35-1
mysql-debuginfo: before 8.0.35-1
mysql-errmsg: before 8.0.35-1
mysql-help: before 8.0.35-1
mysql-libs: before 8.0.35-1
mysql-test: before 8.0.35-1
mysql-common: before 8.0.35-1
mysql: before 8.0.35-1
CPE2.3- cpe:2.3:o:openeuler:openeuler:22.03:LTS SP1:*:*:*:*:*:*
- cpe:2.3:a:openeuler:mysql-server:*:*:*:*:*:openeuler:*:*
- cpe:2.3:a:openeuler:mysql-config:*:*:*:*:*:openeuler:*:*
- cpe:2.3:a:openeuler:mysql-debugsource:*:*:*:*:*:openeuler:*:*
- cpe:2.3:a:openeuler:mysql-devel:*:*:*:*:*:openeuler:*:*
- cpe:2.3:a:openeuler:mysql-debuginfo:*:*:*:*:*:openeuler:*:*
- cpe:2.3:a:openeuler:mysql-errmsg:*:*:*:*:*:openeuler:*:*
- cpe:2.3:a:openeuler:mysql-help:*:*:*:*:*:openeuler:*:*
- cpe:2.3:a:openeuler:mysql-libs:*:*:*:*:*:openeuler:*:*
- cpe:2.3:a:openeuler:mysql-test:*:*:*:*:*:openeuler:*:*
- cpe:2.3:a:openeuler:mysql-common:*:*:*:*:*:openeuler:*:*
- cpe:2.3:a:openeuler:mysql:*:*:*:*:*:openeuler:*:*
https://www.openeuler.org/en/security/security-bulletins/detail/?id=openEuler-SA-2023-1834
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote authenticated privileged user via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
4) Improper input validation
EUVDB-ID: #VU65524
Risk: Low
CVSSv4.0: 2.1 [CVSS:4.0/AV:N/AC:L/AT:P/PR:H/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2022-21522
CWE-ID:
CWE-20 - Improper input validation
Exploit availability: No
DescriptionThe vulnerability allows a remote privileged user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper input validation within the Server: Stored Procedure component in MySQL Server. A remote privileged user can exploit this vulnerability to perform a denial of service (DoS) attack.
MitigationInstall updates from vendor's repository.
Vulnerable software versionsopenEuler: 22.03 LTS SP1
mysql-server: before 8.0.35-1
mysql-config: before 8.0.35-1
mysql-debugsource: before 8.0.35-1
mysql-devel: before 8.0.35-1
mysql-debuginfo: before 8.0.35-1
mysql-errmsg: before 8.0.35-1
mysql-help: before 8.0.35-1
mysql-libs: before 8.0.35-1
mysql-test: before 8.0.35-1
mysql-common: before 8.0.35-1
mysql: before 8.0.35-1
CPE2.3- cpe:2.3:o:openeuler:openeuler:22.03:LTS SP1:*:*:*:*:*:*
- cpe:2.3:a:openeuler:mysql-server:*:*:*:*:*:openeuler:*:*
- cpe:2.3:a:openeuler:mysql-config:*:*:*:*:*:openeuler:*:*
- cpe:2.3:a:openeuler:mysql-debugsource:*:*:*:*:*:openeuler:*:*
- cpe:2.3:a:openeuler:mysql-devel:*:*:*:*:*:openeuler:*:*
- cpe:2.3:a:openeuler:mysql-debuginfo:*:*:*:*:*:openeuler:*:*
- cpe:2.3:a:openeuler:mysql-errmsg:*:*:*:*:*:openeuler:*:*
- cpe:2.3:a:openeuler:mysql-help:*:*:*:*:*:openeuler:*:*
- cpe:2.3:a:openeuler:mysql-libs:*:*:*:*:*:openeuler:*:*
- cpe:2.3:a:openeuler:mysql-test:*:*:*:*:*:openeuler:*:*
- cpe:2.3:a:openeuler:mysql-common:*:*:*:*:*:openeuler:*:*
- cpe:2.3:a:openeuler:mysql:*:*:*:*:*:openeuler:*:*
https://www.openeuler.org/en/security/security-bulletins/detail/?id=openEuler-SA-2023-1834
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote authenticated privileged user via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
5) Improper input validation
EUVDB-ID: #VU65515
Risk: Medium
CVSSv4.0: 4.6 [CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Green]
CVE-ID: CVE-2022-21525
CWE-ID:
CWE-20 - Improper input validation
Exploit availability: No
DescriptionThe vulnerability allows a remote privileged user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper input validation within the Server: Optimizer component in MySQL Server. A remote privileged user can exploit this vulnerability to perform a denial of service (DoS) attack.
MitigationInstall updates from vendor's repository.
Vulnerable software versionsopenEuler: 22.03 LTS SP1
mysql-server: before 8.0.35-1
mysql-config: before 8.0.35-1
mysql-debugsource: before 8.0.35-1
mysql-devel: before 8.0.35-1
mysql-debuginfo: before 8.0.35-1
mysql-errmsg: before 8.0.35-1
mysql-help: before 8.0.35-1
mysql-libs: before 8.0.35-1
mysql-test: before 8.0.35-1
mysql-common: before 8.0.35-1
mysql: before 8.0.35-1
CPE2.3- cpe:2.3:o:openeuler:openeuler:22.03:LTS SP1:*:*:*:*:*:*
- cpe:2.3:a:openeuler:mysql-server:*:*:*:*:*:openeuler:*:*
- cpe:2.3:a:openeuler:mysql-config:*:*:*:*:*:openeuler:*:*
- cpe:2.3:a:openeuler:mysql-debugsource:*:*:*:*:*:openeuler:*:*
- cpe:2.3:a:openeuler:mysql-devel:*:*:*:*:*:openeuler:*:*
- cpe:2.3:a:openeuler:mysql-debuginfo:*:*:*:*:*:openeuler:*:*
- cpe:2.3:a:openeuler:mysql-errmsg:*:*:*:*:*:openeuler:*:*
- cpe:2.3:a:openeuler:mysql-help:*:*:*:*:*:openeuler:*:*
- cpe:2.3:a:openeuler:mysql-libs:*:*:*:*:*:openeuler:*:*
- cpe:2.3:a:openeuler:mysql-test:*:*:*:*:*:openeuler:*:*
- cpe:2.3:a:openeuler:mysql-common:*:*:*:*:*:openeuler:*:*
- cpe:2.3:a:openeuler:mysql:*:*:*:*:*:openeuler:*:*
https://www.openeuler.org/en/security/security-bulletins/detail/?id=openEuler-SA-2023-1834
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote authenticated privileged user via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
6) Improper input validation
EUVDB-ID: #VU65516
Risk: Medium
CVSSv4.0: 4.6 [CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Green]
CVE-ID: CVE-2022-21526
CWE-ID:
CWE-20 - Improper input validation
Exploit availability: No
DescriptionThe vulnerability allows a remote privileged user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper input validation within the Server: Optimizer component in MySQL Server. A remote privileged user can exploit this vulnerability to perform a denial of service (DoS) attack.
MitigationInstall updates from vendor's repository.
Vulnerable software versionsopenEuler: 22.03 LTS SP1
mysql-server: before 8.0.35-1
mysql-config: before 8.0.35-1
mysql-debugsource: before 8.0.35-1
mysql-devel: before 8.0.35-1
mysql-debuginfo: before 8.0.35-1
mysql-errmsg: before 8.0.35-1
mysql-help: before 8.0.35-1
mysql-libs: before 8.0.35-1
mysql-test: before 8.0.35-1
mysql-common: before 8.0.35-1
mysql: before 8.0.35-1
CPE2.3- cpe:2.3:o:openeuler:openeuler:22.03:LTS SP1:*:*:*:*:*:*
- cpe:2.3:a:openeuler:mysql-server:*:*:*:*:*:openeuler:*:*
- cpe:2.3:a:openeuler:mysql-config:*:*:*:*:*:openeuler:*:*
- cpe:2.3:a:openeuler:mysql-debugsource:*:*:*:*:*:openeuler:*:*
- cpe:2.3:a:openeuler:mysql-devel:*:*:*:*:*:openeuler:*:*
- cpe:2.3:a:openeuler:mysql-debuginfo:*:*:*:*:*:openeuler:*:*
- cpe:2.3:a:openeuler:mysql-errmsg:*:*:*:*:*:openeuler:*:*
- cpe:2.3:a:openeuler:mysql-help:*:*:*:*:*:openeuler:*:*
- cpe:2.3:a:openeuler:mysql-libs:*:*:*:*:*:openeuler:*:*
- cpe:2.3:a:openeuler:mysql-test:*:*:*:*:*:openeuler:*:*
- cpe:2.3:a:openeuler:mysql-common:*:*:*:*:*:openeuler:*:*
- cpe:2.3:a:openeuler:mysql:*:*:*:*:*:openeuler:*:*
https://www.openeuler.org/en/security/security-bulletins/detail/?id=openEuler-SA-2023-1834
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote authenticated privileged user via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
7) Improper input validation
EUVDB-ID: #VU65508
Risk: Medium
CVSSv4.0: 4.7 [CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:N/VI:L/VA:H/SC:N/SI:N/SA:N/E:U/U:Green]
CVE-ID: CVE-2022-21527
CWE-ID:
CWE-20 - Improper input validation
Exploit availability: No
DescriptionThe vulnerability allows a remote privileged user to damange or delete data.
The vulnerability exists due to improper input validation within the Server: Optimizer component in MySQL Server. A remote privileged user can exploit this vulnerability to damange or delete data.
MitigationInstall updates from vendor's repository.
Vulnerable software versionsopenEuler: 22.03 LTS SP1
mysql-server: before 8.0.35-1
mysql-config: before 8.0.35-1
mysql-debugsource: before 8.0.35-1
mysql-devel: before 8.0.35-1
mysql-debuginfo: before 8.0.35-1
mysql-errmsg: before 8.0.35-1
mysql-help: before 8.0.35-1
mysql-libs: before 8.0.35-1
mysql-test: before 8.0.35-1
mysql-common: before 8.0.35-1
mysql: before 8.0.35-1
CPE2.3- cpe:2.3:o:openeuler:openeuler:22.03:LTS SP1:*:*:*:*:*:*
- cpe:2.3:a:openeuler:mysql-server:*:*:*:*:*:openeuler:*:*
- cpe:2.3:a:openeuler:mysql-config:*:*:*:*:*:openeuler:*:*
- cpe:2.3:a:openeuler:mysql-debugsource:*:*:*:*:*:openeuler:*:*
- cpe:2.3:a:openeuler:mysql-devel:*:*:*:*:*:openeuler:*:*
- cpe:2.3:a:openeuler:mysql-debuginfo:*:*:*:*:*:openeuler:*:*
- cpe:2.3:a:openeuler:mysql-errmsg:*:*:*:*:*:openeuler:*:*
- cpe:2.3:a:openeuler:mysql-help:*:*:*:*:*:openeuler:*:*
- cpe:2.3:a:openeuler:mysql-libs:*:*:*:*:*:openeuler:*:*
- cpe:2.3:a:openeuler:mysql-test:*:*:*:*:*:openeuler:*:*
- cpe:2.3:a:openeuler:mysql-common:*:*:*:*:*:openeuler:*:*
- cpe:2.3:a:openeuler:mysql:*:*:*:*:*:openeuler:*:*
https://www.openeuler.org/en/security/security-bulletins/detail/?id=openEuler-SA-2023-1834
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote authenticated privileged user via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
8) Improper input validation
EUVDB-ID: #VU65509
Risk: Medium
CVSSv4.0: 4.7 [CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:N/VI:L/VA:H/SC:N/SI:N/SA:N/E:U/U:Green]
CVE-ID: CVE-2022-21528
CWE-ID:
CWE-20 - Improper input validation
Exploit availability: No
DescriptionThe vulnerability allows a remote privileged user to damange or delete data.
The vulnerability exists due to improper input validation within the Server: Optimizer component in MySQL Server. A remote privileged user can exploit this vulnerability to damange or delete data.
MitigationInstall updates from vendor's repository.
Vulnerable software versionsopenEuler: 22.03 LTS SP1
mysql-server: before 8.0.35-1
mysql-config: before 8.0.35-1
mysql-debugsource: before 8.0.35-1
mysql-devel: before 8.0.35-1
mysql-debuginfo: before 8.0.35-1
mysql-errmsg: before 8.0.35-1
mysql-help: before 8.0.35-1
mysql-libs: before 8.0.35-1
mysql-test: before 8.0.35-1
mysql-common: before 8.0.35-1
mysql: before 8.0.35-1
CPE2.3- cpe:2.3:o:openeuler:openeuler:22.03:LTS SP1:*:*:*:*:*:*
- cpe:2.3:a:openeuler:mysql-server:*:*:*:*:*:openeuler:*:*
- cpe:2.3:a:openeuler:mysql-config:*:*:*:*:*:openeuler:*:*
- cpe:2.3:a:openeuler:mysql-debugsource:*:*:*:*:*:openeuler:*:*
- cpe:2.3:a:openeuler:mysql-devel:*:*:*:*:*:openeuler:*:*
- cpe:2.3:a:openeuler:mysql-debuginfo:*:*:*:*:*:openeuler:*:*
- cpe:2.3:a:openeuler:mysql-errmsg:*:*:*:*:*:openeuler:*:*
- cpe:2.3:a:openeuler:mysql-help:*:*:*:*:*:openeuler:*:*
- cpe:2.3:a:openeuler:mysql-libs:*:*:*:*:*:openeuler:*:*
- cpe:2.3:a:openeuler:mysql-test:*:*:*:*:*:openeuler:*:*
- cpe:2.3:a:openeuler:mysql-common:*:*:*:*:*:openeuler:*:*
- cpe:2.3:a:openeuler:mysql:*:*:*:*:*:openeuler:*:*
https://www.openeuler.org/en/security/security-bulletins/detail/?id=openEuler-SA-2023-1834
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote authenticated privileged user via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
9) Improper input validation
EUVDB-ID: #VU65517
Risk: Medium
CVSSv4.0: 4.6 [CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Green]
CVE-ID: CVE-2022-21529
CWE-ID:
CWE-20 - Improper input validation
Exploit availability: No
DescriptionThe vulnerability allows a remote privileged user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper input validation within the Server: Optimizer component in MySQL Server. A remote privileged user can exploit this vulnerability to perform a denial of service (DoS) attack.
MitigationInstall updates from vendor's repository.
Vulnerable software versionsopenEuler: 22.03 LTS SP1
mysql-server: before 8.0.35-1
mysql-config: before 8.0.35-1
mysql-debugsource: before 8.0.35-1
mysql-devel: before 8.0.35-1
mysql-debuginfo: before 8.0.35-1
mysql-errmsg: before 8.0.35-1
mysql-help: before 8.0.35-1
mysql-libs: before 8.0.35-1
mysql-test: before 8.0.35-1
mysql-common: before 8.0.35-1
mysql: before 8.0.35-1
CPE2.3- cpe:2.3:o:openeuler:openeuler:22.03:LTS SP1:*:*:*:*:*:*
- cpe:2.3:a:openeuler:mysql-server:*:*:*:*:*:openeuler:*:*
- cpe:2.3:a:openeuler:mysql-config:*:*:*:*:*:openeuler:*:*
- cpe:2.3:a:openeuler:mysql-debugsource:*:*:*:*:*:openeuler:*:*
- cpe:2.3:a:openeuler:mysql-devel:*:*:*:*:*:openeuler:*:*
- cpe:2.3:a:openeuler:mysql-debuginfo:*:*:*:*:*:openeuler:*:*
- cpe:2.3:a:openeuler:mysql-errmsg:*:*:*:*:*:openeuler:*:*
- cpe:2.3:a:openeuler:mysql-help:*:*:*:*:*:openeuler:*:*
- cpe:2.3:a:openeuler:mysql-libs:*:*:*:*:*:openeuler:*:*
- cpe:2.3:a:openeuler:mysql-test:*:*:*:*:*:openeuler:*:*
- cpe:2.3:a:openeuler:mysql-common:*:*:*:*:*:openeuler:*:*
- cpe:2.3:a:openeuler:mysql:*:*:*:*:*:openeuler:*:*
https://www.openeuler.org/en/security/security-bulletins/detail/?id=openEuler-SA-2023-1834
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote authenticated privileged user via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
10) Improper input validation
EUVDB-ID: #VU65518
Risk: Medium
CVSSv4.0: 4.6 [CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Green]
CVE-ID: CVE-2022-21530
CWE-ID:
CWE-20 - Improper input validation
Exploit availability: No
DescriptionThe vulnerability allows a remote privileged user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper input validation within the Server: Optimizer component in MySQL Server. A remote privileged user can exploit this vulnerability to perform a denial of service (DoS) attack.
MitigationInstall updates from vendor's repository.
Vulnerable software versionsopenEuler: 22.03 LTS SP1
mysql-server: before 8.0.35-1
mysql-config: before 8.0.35-1
mysql-debugsource: before 8.0.35-1
mysql-devel: before 8.0.35-1
mysql-debuginfo: before 8.0.35-1
mysql-errmsg: before 8.0.35-1
mysql-help: before 8.0.35-1
mysql-libs: before 8.0.35-1
mysql-test: before 8.0.35-1
mysql-common: before 8.0.35-1
mysql: before 8.0.35-1
CPE2.3- cpe:2.3:o:openeuler:openeuler:22.03:LTS SP1:*:*:*:*:*:*
- cpe:2.3:a:openeuler:mysql-server:*:*:*:*:*:openeuler:*:*
- cpe:2.3:a:openeuler:mysql-config:*:*:*:*:*:openeuler:*:*
- cpe:2.3:a:openeuler:mysql-debugsource:*:*:*:*:*:openeuler:*:*
- cpe:2.3:a:openeuler:mysql-devel:*:*:*:*:*:openeuler:*:*
- cpe:2.3:a:openeuler:mysql-debuginfo:*:*:*:*:*:openeuler:*:*
- cpe:2.3:a:openeuler:mysql-errmsg:*:*:*:*:*:openeuler:*:*
- cpe:2.3:a:openeuler:mysql-help:*:*:*:*:*:openeuler:*:*
- cpe:2.3:a:openeuler:mysql-libs:*:*:*:*:*:openeuler:*:*
- cpe:2.3:a:openeuler:mysql-test:*:*:*:*:*:openeuler:*:*
- cpe:2.3:a:openeuler:mysql-common:*:*:*:*:*:openeuler:*:*
- cpe:2.3:a:openeuler:mysql:*:*:*:*:*:openeuler:*:*
https://www.openeuler.org/en/security/security-bulletins/detail/?id=openEuler-SA-2023-1834
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote authenticated privileged user via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
11) Improper input validation
EUVDB-ID: #VU65519
Risk: Medium
CVSSv4.0: 4.6 [CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Green]
CVE-ID: CVE-2022-21531
CWE-ID:
CWE-20 - Improper input validation
Exploit availability: No
DescriptionThe vulnerability allows a remote privileged user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper input validation within the Server: Optimizer component in MySQL Server. A remote privileged user can exploit this vulnerability to perform a denial of service (DoS) attack.
MitigationInstall updates from vendor's repository.
Vulnerable software versionsopenEuler: 22.03 LTS SP1
mysql-server: before 8.0.35-1
mysql-config: before 8.0.35-1
mysql-debugsource: before 8.0.35-1
mysql-devel: before 8.0.35-1
mysql-debuginfo: before 8.0.35-1
mysql-errmsg: before 8.0.35-1
mysql-help: before 8.0.35-1
mysql-libs: before 8.0.35-1
mysql-test: before 8.0.35-1
mysql-common: before 8.0.35-1
mysql: before 8.0.35-1
CPE2.3- cpe:2.3:o:openeuler:openeuler:22.03:LTS SP1:*:*:*:*:*:*
- cpe:2.3:a:openeuler:mysql-server:*:*:*:*:*:openeuler:*:*
- cpe:2.3:a:openeuler:mysql-config:*:*:*:*:*:openeuler:*:*
- cpe:2.3:a:openeuler:mysql-debugsource:*:*:*:*:*:openeuler:*:*
- cpe:2.3:a:openeuler:mysql-devel:*:*:*:*:*:openeuler:*:*
- cpe:2.3:a:openeuler:mysql-debuginfo:*:*:*:*:*:openeuler:*:*
- cpe:2.3:a:openeuler:mysql-errmsg:*:*:*:*:*:openeuler:*:*
- cpe:2.3:a:openeuler:mysql-help:*:*:*:*:*:openeuler:*:*
- cpe:2.3:a:openeuler:mysql-libs:*:*:*:*:*:openeuler:*:*
- cpe:2.3:a:openeuler:mysql-test:*:*:*:*:*:openeuler:*:*
- cpe:2.3:a:openeuler:mysql-common:*:*:*:*:*:openeuler:*:*
- cpe:2.3:a:openeuler:mysql:*:*:*:*:*:openeuler:*:*
https://www.openeuler.org/en/security/security-bulletins/detail/?id=openEuler-SA-2023-1834
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote authenticated privileged user via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
12) Improper input validation
EUVDB-ID: #VU65523
Risk: Medium
CVSSv4.0: 4.6 [CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Green]
CVE-ID: CVE-2022-21534
CWE-ID:
CWE-20 - Improper input validation
Exploit availability: No
DescriptionThe vulnerability allows a remote privileged user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper input validation within the Server: Stored Procedure component in MySQL Server. A remote privileged user can exploit this vulnerability to perform a denial of service (DoS) attack.
MitigationInstall updates from vendor's repository.
Vulnerable software versionsopenEuler: 22.03 LTS SP1
mysql-server: before 8.0.35-1
mysql-config: before 8.0.35-1
mysql-debugsource: before 8.0.35-1
mysql-devel: before 8.0.35-1
mysql-debuginfo: before 8.0.35-1
mysql-errmsg: before 8.0.35-1
mysql-help: before 8.0.35-1
mysql-libs: before 8.0.35-1
mysql-test: before 8.0.35-1
mysql-common: before 8.0.35-1
mysql: before 8.0.35-1
CPE2.3- cpe:2.3:o:openeuler:openeuler:22.03:LTS SP1:*:*:*:*:*:*
- cpe:2.3:a:openeuler:mysql-server:*:*:*:*:*:openeuler:*:*
- cpe:2.3:a:openeuler:mysql-config:*:*:*:*:*:openeuler:*:*
- cpe:2.3:a:openeuler:mysql-debugsource:*:*:*:*:*:openeuler:*:*
- cpe:2.3:a:openeuler:mysql-devel:*:*:*:*:*:openeuler:*:*
- cpe:2.3:a:openeuler:mysql-debuginfo:*:*:*:*:*:openeuler:*:*
- cpe:2.3:a:openeuler:mysql-errmsg:*:*:*:*:*:openeuler:*:*
- cpe:2.3:a:openeuler:mysql-help:*:*:*:*:*:openeuler:*:*
- cpe:2.3:a:openeuler:mysql-libs:*:*:*:*:*:openeuler:*:*
- cpe:2.3:a:openeuler:mysql-test:*:*:*:*:*:openeuler:*:*
- cpe:2.3:a:openeuler:mysql-common:*:*:*:*:*:openeuler:*:*
- cpe:2.3:a:openeuler:mysql:*:*:*:*:*:openeuler:*:*
https://www.openeuler.org/en/security/security-bulletins/detail/?id=openEuler-SA-2023-1834
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote authenticated privileged user via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
13) Improper input validation
EUVDB-ID: #VU65513
Risk: Medium
CVSSv4.0: 4.6 [CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Green]
CVE-ID: CVE-2022-21537
CWE-ID:
CWE-20 - Improper input validation
Exploit availability: No
DescriptionThe vulnerability allows a remote privileged user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper input validation within the InnoDB component in MySQL Server. A remote privileged user can exploit this vulnerability to perform a denial of service (DoS) attack.
MitigationInstall updates from vendor's repository.
Vulnerable software versionsopenEuler: 22.03 LTS SP1
mysql-server: before 8.0.35-1
mysql-config: before 8.0.35-1
mysql-debugsource: before 8.0.35-1
mysql-devel: before 8.0.35-1
mysql-debuginfo: before 8.0.35-1
mysql-errmsg: before 8.0.35-1
mysql-help: before 8.0.35-1
mysql-libs: before 8.0.35-1
mysql-test: before 8.0.35-1
mysql-common: before 8.0.35-1
mysql: before 8.0.35-1
CPE2.3- cpe:2.3:o:openeuler:openeuler:22.03:LTS SP1:*:*:*:*:*:*
- cpe:2.3:a:openeuler:mysql-server:*:*:*:*:*:openeuler:*:*
- cpe:2.3:a:openeuler:mysql-config:*:*:*:*:*:openeuler:*:*
- cpe:2.3:a:openeuler:mysql-debugsource:*:*:*:*:*:openeuler:*:*
- cpe:2.3:a:openeuler:mysql-devel:*:*:*:*:*:openeuler:*:*
- cpe:2.3:a:openeuler:mysql-debuginfo:*:*:*:*:*:openeuler:*:*
- cpe:2.3:a:openeuler:mysql-errmsg:*:*:*:*:*:openeuler:*:*
- cpe:2.3:a:openeuler:mysql-help:*:*:*:*:*:openeuler:*:*
- cpe:2.3:a:openeuler:mysql-libs:*:*:*:*:*:openeuler:*:*
- cpe:2.3:a:openeuler:mysql-test:*:*:*:*:*:openeuler:*:*
- cpe:2.3:a:openeuler:mysql-common:*:*:*:*:*:openeuler:*:*
- cpe:2.3:a:openeuler:mysql:*:*:*:*:*:openeuler:*:*
https://www.openeuler.org/en/security/security-bulletins/detail/?id=openEuler-SA-2023-1834
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote authenticated privileged user via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
14) Improper input validation
EUVDB-ID: #VU65526
Risk: Low
CVSSv4.0: 0.6 [CVSS:4.0/AV:N/AC:L/AT:P/PR:L/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2022-21538
CWE-ID:
CWE-20 - Improper input validation
Exploit availability: No
DescriptionThe vulnerability allows a remote authenticated user to perform service disruption.
The vulnerability exists due to improper input validation within the Server: Security: Encryption component in MySQL Server. A remote authenticated user can exploit this vulnerability to perform service disruption.
MitigationInstall updates from vendor's repository.
Vulnerable software versionsopenEuler: 22.03 LTS SP1
mysql-server: before 8.0.35-1
mysql-config: before 8.0.35-1
mysql-debugsource: before 8.0.35-1
mysql-devel: before 8.0.35-1
mysql-debuginfo: before 8.0.35-1
mysql-errmsg: before 8.0.35-1
mysql-help: before 8.0.35-1
mysql-libs: before 8.0.35-1
mysql-test: before 8.0.35-1
mysql-common: before 8.0.35-1
mysql: before 8.0.35-1
CPE2.3- cpe:2.3:o:openeuler:openeuler:22.03:LTS SP1:*:*:*:*:*:*
- cpe:2.3:a:openeuler:mysql-server:*:*:*:*:*:openeuler:*:*
- cpe:2.3:a:openeuler:mysql-config:*:*:*:*:*:openeuler:*:*
- cpe:2.3:a:openeuler:mysql-debugsource:*:*:*:*:*:openeuler:*:*
- cpe:2.3:a:openeuler:mysql-devel:*:*:*:*:*:openeuler:*:*
- cpe:2.3:a:openeuler:mysql-debuginfo:*:*:*:*:*:openeuler:*:*
- cpe:2.3:a:openeuler:mysql-errmsg:*:*:*:*:*:openeuler:*:*
- cpe:2.3:a:openeuler:mysql-help:*:*:*:*:*:openeuler:*:*
- cpe:2.3:a:openeuler:mysql-libs:*:*:*:*:*:openeuler:*:*
- cpe:2.3:a:openeuler:mysql-test:*:*:*:*:*:openeuler:*:*
- cpe:2.3:a:openeuler:mysql-common:*:*:*:*:*:openeuler:*:*
- cpe:2.3:a:openeuler:mysql:*:*:*:*:*:openeuler:*:*
https://www.openeuler.org/en/security/security-bulletins/detail/?id=openEuler-SA-2023-1834
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote authenticated user via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
15) Improper input validation
EUVDB-ID: #VU65511
Risk: Medium
CVSSv4.0: 0.6 [CVSS:4.0/AV:N/AC:L/AT:P/PR:L/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:U/U:Green]
CVE-ID: CVE-2022-21539
CWE-ID:
CWE-20 - Improper input validation
Exploit availability: No
DescriptionThe vulnerability allows a remote authenticated user to read and manipulate data.
The vulnerability exists due to improper input validation within the InnoDB component in MySQL Server. A remote authenticated user can exploit this vulnerability to read and manipulate data.
MitigationInstall updates from vendor's repository.
Vulnerable software versionsopenEuler: 22.03 LTS SP1
mysql-server: before 8.0.35-1
mysql-config: before 8.0.35-1
mysql-debugsource: before 8.0.35-1
mysql-devel: before 8.0.35-1
mysql-debuginfo: before 8.0.35-1
mysql-errmsg: before 8.0.35-1
mysql-help: before 8.0.35-1
mysql-libs: before 8.0.35-1
mysql-test: before 8.0.35-1
mysql-common: before 8.0.35-1
mysql: before 8.0.35-1
CPE2.3- cpe:2.3:o:openeuler:openeuler:22.03:LTS SP1:*:*:*:*:*:*
- cpe:2.3:a:openeuler:mysql-server:*:*:*:*:*:openeuler:*:*
- cpe:2.3:a:openeuler:mysql-config:*:*:*:*:*:openeuler:*:*
- cpe:2.3:a:openeuler:mysql-debugsource:*:*:*:*:*:openeuler:*:*
- cpe:2.3:a:openeuler:mysql-devel:*:*:*:*:*:openeuler:*:*
- cpe:2.3:a:openeuler:mysql-debuginfo:*:*:*:*:*:openeuler:*:*
- cpe:2.3:a:openeuler:mysql-errmsg:*:*:*:*:*:openeuler:*:*
- cpe:2.3:a:openeuler:mysql-help:*:*:*:*:*:openeuler:*:*
- cpe:2.3:a:openeuler:mysql-libs:*:*:*:*:*:openeuler:*:*
- cpe:2.3:a:openeuler:mysql-test:*:*:*:*:*:openeuler:*:*
- cpe:2.3:a:openeuler:mysql-common:*:*:*:*:*:openeuler:*:*
- cpe:2.3:a:openeuler:mysql:*:*:*:*:*:openeuler:*:*
https://www.openeuler.org/en/security/security-bulletins/detail/?id=openEuler-SA-2023-1834
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote authenticated user via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
16) Improper input validation
EUVDB-ID: #VU65514
Risk: Medium
CVSSv4.0: 4.6 [CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Green]
CVE-ID: CVE-2022-21547
CWE-ID:
CWE-20 - Improper input validation
Exploit availability: No
DescriptionThe vulnerability allows a remote privileged user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper input validation within the Server: Federated component in MySQL Server. A remote privileged user can exploit this vulnerability to perform a denial of service (DoS) attack.
MitigationInstall updates from vendor's repository.
Vulnerable software versionsopenEuler: 22.03 LTS SP1
mysql-server: before 8.0.35-1
mysql-config: before 8.0.35-1
mysql-debugsource: before 8.0.35-1
mysql-devel: before 8.0.35-1
mysql-debuginfo: before 8.0.35-1
mysql-errmsg: before 8.0.35-1
mysql-help: before 8.0.35-1
mysql-libs: before 8.0.35-1
mysql-test: before 8.0.35-1
mysql-common: before 8.0.35-1
mysql: before 8.0.35-1
CPE2.3- cpe:2.3:o:openeuler:openeuler:22.03:LTS SP1:*:*:*:*:*:*
- cpe:2.3:a:openeuler:mysql-server:*:*:*:*:*:openeuler:*:*
- cpe:2.3:a:openeuler:mysql-config:*:*:*:*:*:openeuler:*:*
- cpe:2.3:a:openeuler:mysql-debugsource:*:*:*:*:*:openeuler:*:*
- cpe:2.3:a:openeuler:mysql-devel:*:*:*:*:*:openeuler:*:*
- cpe:2.3:a:openeuler:mysql-debuginfo:*:*:*:*:*:openeuler:*:*
- cpe:2.3:a:openeuler:mysql-errmsg:*:*:*:*:*:openeuler:*:*
- cpe:2.3:a:openeuler:mysql-help:*:*:*:*:*:openeuler:*:*
- cpe:2.3:a:openeuler:mysql-libs:*:*:*:*:*:openeuler:*:*
- cpe:2.3:a:openeuler:mysql-test:*:*:*:*:*:openeuler:*:*
- cpe:2.3:a:openeuler:mysql-common:*:*:*:*:*:openeuler:*:*
- cpe:2.3:a:openeuler:mysql:*:*:*:*:*:openeuler:*:*
https://www.openeuler.org/en/security/security-bulletins/detail/?id=openEuler-SA-2023-1834
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote authenticated privileged user via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
17) Improper input validation
EUVDB-ID: #VU65520
Risk: Medium
CVSSv4.0: 4.6 [CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Green]
CVE-ID: CVE-2022-21553
CWE-ID:
CWE-20 - Improper input validation
Exploit availability: No
DescriptionThe vulnerability allows a remote privileged user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper input validation within the Server: Optimizer component in MySQL Server. A remote privileged user can exploit this vulnerability to perform a denial of service (DoS) attack.
MitigationInstall updates from vendor's repository.
Vulnerable software versionsopenEuler: 22.03 LTS SP1
mysql-server: before 8.0.35-1
mysql-config: before 8.0.35-1
mysql-debugsource: before 8.0.35-1
mysql-devel: before 8.0.35-1
mysql-debuginfo: before 8.0.35-1
mysql-errmsg: before 8.0.35-1
mysql-help: before 8.0.35-1
mysql-libs: before 8.0.35-1
mysql-test: before 8.0.35-1
mysql-common: before 8.0.35-1
mysql: before 8.0.35-1
CPE2.3- cpe:2.3:o:openeuler:openeuler:22.03:LTS SP1:*:*:*:*:*:*
- cpe:2.3:a:openeuler:mysql-server:*:*:*:*:*:openeuler:*:*
- cpe:2.3:a:openeuler:mysql-config:*:*:*:*:*:openeuler:*:*
- cpe:2.3:a:openeuler:mysql-debugsource:*:*:*:*:*:openeuler:*:*
- cpe:2.3:a:openeuler:mysql-devel:*:*:*:*:*:openeuler:*:*
- cpe:2.3:a:openeuler:mysql-debuginfo:*:*:*:*:*:openeuler:*:*
- cpe:2.3:a:openeuler:mysql-errmsg:*:*:*:*:*:openeuler:*:*
- cpe:2.3:a:openeuler:mysql-help:*:*:*:*:*:openeuler:*:*
- cpe:2.3:a:openeuler:mysql-libs:*:*:*:*:*:openeuler:*:*
- cpe:2.3:a:openeuler:mysql-test:*:*:*:*:*:openeuler:*:*
- cpe:2.3:a:openeuler:mysql-common:*:*:*:*:*:openeuler:*:*
- cpe:2.3:a:openeuler:mysql:*:*:*:*:*:openeuler:*:*
https://www.openeuler.org/en/security/security-bulletins/detail/?id=openEuler-SA-2023-1834
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote authenticated privileged user via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
18) Improper input validation
EUVDB-ID: #VU65505
Risk: Medium
CVSSv4.0: 4.9 [CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Green]
CVE-ID: CVE-2022-21569
CWE-ID:
CWE-20 - Improper input validation
Exploit availability: No
DescriptionThe vulnerability allows a remote authenticated user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper input validation within the Server: Optimizer component in MySQL Server. A remote authenticated user can exploit this vulnerability to perform a denial of service (DoS) attack.
MitigationInstall updates from vendor's repository.
Vulnerable software versionsopenEuler: 22.03 LTS SP1
mysql-server: before 8.0.35-1
mysql-config: before 8.0.35-1
mysql-debugsource: before 8.0.35-1
mysql-devel: before 8.0.35-1
mysql-debuginfo: before 8.0.35-1
mysql-errmsg: before 8.0.35-1
mysql-help: before 8.0.35-1
mysql-libs: before 8.0.35-1
mysql-test: before 8.0.35-1
mysql-common: before 8.0.35-1
mysql: before 8.0.35-1
CPE2.3- cpe:2.3:o:openeuler:openeuler:22.03:LTS SP1:*:*:*:*:*:*
- cpe:2.3:a:openeuler:mysql-server:*:*:*:*:*:openeuler:*:*
- cpe:2.3:a:openeuler:mysql-config:*:*:*:*:*:openeuler:*:*
- cpe:2.3:a:openeuler:mysql-debugsource:*:*:*:*:*:openeuler:*:*
- cpe:2.3:a:openeuler:mysql-devel:*:*:*:*:*:openeuler:*:*
- cpe:2.3:a:openeuler:mysql-debuginfo:*:*:*:*:*:openeuler:*:*
- cpe:2.3:a:openeuler:mysql-errmsg:*:*:*:*:*:openeuler:*:*
- cpe:2.3:a:openeuler:mysql-help:*:*:*:*:*:openeuler:*:*
- cpe:2.3:a:openeuler:mysql-libs:*:*:*:*:*:openeuler:*:*
- cpe:2.3:a:openeuler:mysql-test:*:*:*:*:*:openeuler:*:*
- cpe:2.3:a:openeuler:mysql-common:*:*:*:*:*:openeuler:*:*
- cpe:2.3:a:openeuler:mysql:*:*:*:*:*:openeuler:*:*
https://www.openeuler.org/en/security/security-bulletins/detail/?id=openEuler-SA-2023-1834
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote authenticated user via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
19) Improper input validation
EUVDB-ID: #VU68463
Risk: Low
CVSSv4.0: 1.3 [CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2022-21592
CWE-ID:
CWE-20 - Improper input validation
Exploit availability: No
DescriptionThe vulnerability allows a remote authenticated user to gain access to sensitive information.
The vulnerability exists due to improper input validation within the Server: Security: Encryption component in MySQL Server. A remote authenticated user can exploit this vulnerability to gain access to sensitive information.
MitigationInstall updates from vendor's repository.
Vulnerable software versionsopenEuler: 22.03 LTS SP1
mysql-server: before 8.0.35-1
mysql-config: before 8.0.35-1
mysql-debugsource: before 8.0.35-1
mysql-devel: before 8.0.35-1
mysql-debuginfo: before 8.0.35-1
mysql-errmsg: before 8.0.35-1
mysql-help: before 8.0.35-1
mysql-libs: before 8.0.35-1
mysql-test: before 8.0.35-1
mysql-common: before 8.0.35-1
mysql: before 8.0.35-1
CPE2.3- cpe:2.3:o:openeuler:openeuler:22.03:LTS SP1:*:*:*:*:*:*
- cpe:2.3:a:openeuler:mysql-server:*:*:*:*:*:openeuler:*:*
- cpe:2.3:a:openeuler:mysql-config:*:*:*:*:*:openeuler:*:*
- cpe:2.3:a:openeuler:mysql-debugsource:*:*:*:*:*:openeuler:*:*
- cpe:2.3:a:openeuler:mysql-devel:*:*:*:*:*:openeuler:*:*
- cpe:2.3:a:openeuler:mysql-debuginfo:*:*:*:*:*:openeuler:*:*
- cpe:2.3:a:openeuler:mysql-errmsg:*:*:*:*:*:openeuler:*:*
- cpe:2.3:a:openeuler:mysql-help:*:*:*:*:*:openeuler:*:*
- cpe:2.3:a:openeuler:mysql-libs:*:*:*:*:*:openeuler:*:*
- cpe:2.3:a:openeuler:mysql-test:*:*:*:*:*:openeuler:*:*
- cpe:2.3:a:openeuler:mysql-common:*:*:*:*:*:openeuler:*:*
- cpe:2.3:a:openeuler:mysql:*:*:*:*:*:openeuler:*:*
https://www.openeuler.org/en/security/security-bulletins/detail/?id=openEuler-SA-2023-1834
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote authenticated user via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
20) Improper input validation
EUVDB-ID: #VU68451
Risk: Medium
CVSSv4.0: 4.6 [CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Green]
CVE-ID: CVE-2022-21594
CWE-ID:
CWE-20 - Improper input validation
Exploit availability: No
DescriptionThe vulnerability allows a remote privileged user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper input validation within the Server: Optimizer component in MySQL Server. A remote privileged user can exploit this vulnerability to perform a denial of service (DoS) attack.
MitigationInstall updates from vendor's repository.
Vulnerable software versionsopenEuler: 22.03 LTS SP1
mysql-server: before 8.0.35-1
mysql-config: before 8.0.35-1
mysql-debugsource: before 8.0.35-1
mysql-devel: before 8.0.35-1
mysql-debuginfo: before 8.0.35-1
mysql-errmsg: before 8.0.35-1
mysql-help: before 8.0.35-1
mysql-libs: before 8.0.35-1
mysql-test: before 8.0.35-1
mysql-common: before 8.0.35-1
mysql: before 8.0.35-1
CPE2.3- cpe:2.3:o:openeuler:openeuler:22.03:LTS SP1:*:*:*:*:*:*
- cpe:2.3:a:openeuler:mysql-server:*:*:*:*:*:openeuler:*:*
- cpe:2.3:a:openeuler:mysql-config:*:*:*:*:*:openeuler:*:*
- cpe:2.3:a:openeuler:mysql-debugsource:*:*:*:*:*:openeuler:*:*
- cpe:2.3:a:openeuler:mysql-devel:*:*:*:*:*:openeuler:*:*
- cpe:2.3:a:openeuler:mysql-debuginfo:*:*:*:*:*:openeuler:*:*
- cpe:2.3:a:openeuler:mysql-errmsg:*:*:*:*:*:openeuler:*:*
- cpe:2.3:a:openeuler:mysql-help:*:*:*:*:*:openeuler:*:*
- cpe:2.3:a:openeuler:mysql-libs:*:*:*:*:*:openeuler:*:*
- cpe:2.3:a:openeuler:mysql-test:*:*:*:*:*:openeuler:*:*
- cpe:2.3:a:openeuler:mysql-common:*:*:*:*:*:openeuler:*:*
- cpe:2.3:a:openeuler:mysql:*:*:*:*:*:openeuler:*:*
https://www.openeuler.org/en/security/security-bulletins/detail/?id=openEuler-SA-2023-1834
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote authenticated privileged user via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
21) Improper input validation
EUVDB-ID: #VU68460
Risk: Medium
CVSSv4.0: 4.6 [CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Green]
CVE-ID: CVE-2022-21599
CWE-ID:
CWE-20 - Improper input validation
Exploit availability: No
DescriptionThe vulnerability allows a remote privileged user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper input validation within the Server: Stored Procedure component in MySQL Server. A remote privileged user can exploit this vulnerability to perform a denial of service (DoS) attack.
MitigationInstall updates from vendor's repository.
Vulnerable software versionsopenEuler: 22.03 LTS SP1
mysql-server: before 8.0.35-1
mysql-config: before 8.0.35-1
mysql-debugsource: before 8.0.35-1
mysql-devel: before 8.0.35-1
mysql-debuginfo: before 8.0.35-1
mysql-errmsg: before 8.0.35-1
mysql-help: before 8.0.35-1
mysql-libs: before 8.0.35-1
mysql-test: before 8.0.35-1
mysql-common: before 8.0.35-1
mysql: before 8.0.35-1
CPE2.3- cpe:2.3:o:openeuler:openeuler:22.03:LTS SP1:*:*:*:*:*:*
- cpe:2.3:a:openeuler:mysql-server:*:*:*:*:*:openeuler:*:*
- cpe:2.3:a:openeuler:mysql-config:*:*:*:*:*:openeuler:*:*
- cpe:2.3:a:openeuler:mysql-debugsource:*:*:*:*:*:openeuler:*:*
- cpe:2.3:a:openeuler:mysql-devel:*:*:*:*:*:openeuler:*:*
- cpe:2.3:a:openeuler:mysql-debuginfo:*:*:*:*:*:openeuler:*:*
- cpe:2.3:a:openeuler:mysql-errmsg:*:*:*:*:*:openeuler:*:*
- cpe:2.3:a:openeuler:mysql-help:*:*:*:*:*:openeuler:*:*
- cpe:2.3:a:openeuler:mysql-libs:*:*:*:*:*:openeuler:*:*
- cpe:2.3:a:openeuler:mysql-test:*:*:*:*:*:openeuler:*:*
- cpe:2.3:a:openeuler:mysql-common:*:*:*:*:*:openeuler:*:*
- cpe:2.3:a:openeuler:mysql:*:*:*:*:*:openeuler:*:*
https://www.openeuler.org/en/security/security-bulletins/detail/?id=openEuler-SA-2023-1834
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote authenticated privileged user via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
22) Improper input validation
EUVDB-ID: #VU68447
Risk: Medium
CVSSv4.0: 4.6 [CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Green]
CVE-ID: CVE-2022-21604
CWE-ID:
CWE-20 - Improper input validation
Exploit availability: No
DescriptionThe vulnerability allows a remote privileged user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper input validation within the InnoDB component in MySQL Server. A remote privileged user can exploit this vulnerability to perform a denial of service (DoS) attack.
MitigationInstall updates from vendor's repository.
Vulnerable software versionsopenEuler: 22.03 LTS SP1
mysql-server: before 8.0.35-1
mysql-config: before 8.0.35-1
mysql-debugsource: before 8.0.35-1
mysql-devel: before 8.0.35-1
mysql-debuginfo: before 8.0.35-1
mysql-errmsg: before 8.0.35-1
mysql-help: before 8.0.35-1
mysql-libs: before 8.0.35-1
mysql-test: before 8.0.35-1
mysql-common: before 8.0.35-1
mysql: before 8.0.35-1
CPE2.3- cpe:2.3:o:openeuler:openeuler:22.03:LTS SP1:*:*:*:*:*:*
- cpe:2.3:a:openeuler:mysql-server:*:*:*:*:*:openeuler:*:*
- cpe:2.3:a:openeuler:mysql-config:*:*:*:*:*:openeuler:*:*
- cpe:2.3:a:openeuler:mysql-debugsource:*:*:*:*:*:openeuler:*:*
- cpe:2.3:a:openeuler:mysql-devel:*:*:*:*:*:openeuler:*:*
- cpe:2.3:a:openeuler:mysql-debuginfo:*:*:*:*:*:openeuler:*:*
- cpe:2.3:a:openeuler:mysql-errmsg:*:*:*:*:*:openeuler:*:*
- cpe:2.3:a:openeuler:mysql-help:*:*:*:*:*:openeuler:*:*
- cpe:2.3:a:openeuler:mysql-libs:*:*:*:*:*:openeuler:*:*
- cpe:2.3:a:openeuler:mysql-test:*:*:*:*:*:openeuler:*:*
- cpe:2.3:a:openeuler:mysql-common:*:*:*:*:*:openeuler:*:*
- cpe:2.3:a:openeuler:mysql:*:*:*:*:*:openeuler:*:*
https://www.openeuler.org/en/security/security-bulletins/detail/?id=openEuler-SA-2023-1834
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote authenticated privileged user via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
23) Improper input validation
EUVDB-ID: #VU68453
Risk: Medium
CVSSv4.0: 4.6 [CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Green]
CVE-ID: CVE-2022-21608
CWE-ID:
CWE-20 - Improper input validation
Exploit availability: No
DescriptionThe vulnerability allows a remote privileged user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper input validation within the Server: Optimizer component in MySQL Server. A remote privileged user can exploit this vulnerability to perform a denial of service (DoS) attack.
MitigationInstall updates from vendor's repository.
Vulnerable software versionsopenEuler: 22.03 LTS SP1
mysql-server: before 8.0.35-1
mysql-config: before 8.0.35-1
mysql-debugsource: before 8.0.35-1
mysql-devel: before 8.0.35-1
mysql-debuginfo: before 8.0.35-1
mysql-errmsg: before 8.0.35-1
mysql-help: before 8.0.35-1
mysql-libs: before 8.0.35-1
mysql-test: before 8.0.35-1
mysql-common: before 8.0.35-1
mysql: before 8.0.35-1
CPE2.3- cpe:2.3:o:openeuler:openeuler:22.03:LTS SP1:*:*:*:*:*:*
- cpe:2.3:a:openeuler:mysql-server:*:*:*:*:*:openeuler:*:*
- cpe:2.3:a:openeuler:mysql-config:*:*:*:*:*:openeuler:*:*
- cpe:2.3:a:openeuler:mysql-debugsource:*:*:*:*:*:openeuler:*:*
- cpe:2.3:a:openeuler:mysql-devel:*:*:*:*:*:openeuler:*:*
- cpe:2.3:a:openeuler:mysql-debuginfo:*:*:*:*:*:openeuler:*:*
- cpe:2.3:a:openeuler:mysql-errmsg:*:*:*:*:*:openeuler:*:*
- cpe:2.3:a:openeuler:mysql-help:*:*:*:*:*:openeuler:*:*
- cpe:2.3:a:openeuler:mysql-libs:*:*:*:*:*:openeuler:*:*
- cpe:2.3:a:openeuler:mysql-test:*:*:*:*:*:openeuler:*:*
- cpe:2.3:a:openeuler:mysql-common:*:*:*:*:*:openeuler:*:*
- cpe:2.3:a:openeuler:mysql:*:*:*:*:*:openeuler:*:*
https://www.openeuler.org/en/security/security-bulletins/detail/?id=openEuler-SA-2023-1834
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote authenticated privileged user via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
24) Improper input validation
EUVDB-ID: #VU68467
Risk: Low
CVSSv4.0: 1.7 [CVSS:4.0/AV:L/AC:L/AT:P/PR:H/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2022-21611
CWE-ID:
CWE-20 - Improper input validation
Exploit availability: No
DescriptionThe vulnerability allows a local privileged user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper input validation within the InnoDB component in MySQL Server. A local privileged user can exploit this vulnerability to perform a denial of service (DoS) attack.
MitigationInstall updates from vendor's repository.
Vulnerable software versionsopenEuler: 22.03 LTS SP1
mysql-server: before 8.0.35-1
mysql-config: before 8.0.35-1
mysql-debugsource: before 8.0.35-1
mysql-devel: before 8.0.35-1
mysql-debuginfo: before 8.0.35-1
mysql-errmsg: before 8.0.35-1
mysql-help: before 8.0.35-1
mysql-libs: before 8.0.35-1
mysql-test: before 8.0.35-1
mysql-common: before 8.0.35-1
mysql: before 8.0.35-1
CPE2.3- cpe:2.3:o:openeuler:openeuler:22.03:LTS SP1:*:*:*:*:*:*
- cpe:2.3:a:openeuler:mysql-server:*:*:*:*:*:openeuler:*:*
- cpe:2.3:a:openeuler:mysql-config:*:*:*:*:*:openeuler:*:*
- cpe:2.3:a:openeuler:mysql-debugsource:*:*:*:*:*:openeuler:*:*
- cpe:2.3:a:openeuler:mysql-devel:*:*:*:*:*:openeuler:*:*
- cpe:2.3:a:openeuler:mysql-debuginfo:*:*:*:*:*:openeuler:*:*
- cpe:2.3:a:openeuler:mysql-errmsg:*:*:*:*:*:openeuler:*:*
- cpe:2.3:a:openeuler:mysql-help:*:*:*:*:*:openeuler:*:*
- cpe:2.3:a:openeuler:mysql-libs:*:*:*:*:*:openeuler:*:*
- cpe:2.3:a:openeuler:mysql-test:*:*:*:*:*:openeuler:*:*
- cpe:2.3:a:openeuler:mysql-common:*:*:*:*:*:openeuler:*:*
- cpe:2.3:a:openeuler:mysql:*:*:*:*:*:openeuler:*:*
https://www.openeuler.org/en/security/security-bulletins/detail/?id=openEuler-SA-2023-1834
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
25) Improper input validation
EUVDB-ID: #VU68449
Risk: Medium
CVSSv4.0: 4.6 [CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Green]
CVE-ID: CVE-2022-21617
CWE-ID:
CWE-20 - Improper input validation
Exploit availability: No
DescriptionThe vulnerability allows a remote privileged user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper input validation within the Server: Connection Handling component in MySQL Server. A remote privileged user can exploit this vulnerability to perform a denial of service (DoS) attack.
MitigationInstall updates from vendor's repository.
Vulnerable software versionsopenEuler: 22.03 LTS SP1
mysql-server: before 8.0.35-1
mysql-config: before 8.0.35-1
mysql-debugsource: before 8.0.35-1
mysql-devel: before 8.0.35-1
mysql-debuginfo: before 8.0.35-1
mysql-errmsg: before 8.0.35-1
mysql-help: before 8.0.35-1
mysql-libs: before 8.0.35-1
mysql-test: before 8.0.35-1
mysql-common: before 8.0.35-1
mysql: before 8.0.35-1
CPE2.3- cpe:2.3:o:openeuler:openeuler:22.03:LTS SP1:*:*:*:*:*:*
- cpe:2.3:a:openeuler:mysql-server:*:*:*:*:*:openeuler:*:*
- cpe:2.3:a:openeuler:mysql-config:*:*:*:*:*:openeuler:*:*
- cpe:2.3:a:openeuler:mysql-debugsource:*:*:*:*:*:openeuler:*:*
- cpe:2.3:a:openeuler:mysql-devel:*:*:*:*:*:openeuler:*:*
- cpe:2.3:a:openeuler:mysql-debuginfo:*:*:*:*:*:openeuler:*:*
- cpe:2.3:a:openeuler:mysql-errmsg:*:*:*:*:*:openeuler:*:*
- cpe:2.3:a:openeuler:mysql-help:*:*:*:*:*:openeuler:*:*
- cpe:2.3:a:openeuler:mysql-libs:*:*:*:*:*:openeuler:*:*
- cpe:2.3:a:openeuler:mysql-test:*:*:*:*:*:openeuler:*:*
- cpe:2.3:a:openeuler:mysql-common:*:*:*:*:*:openeuler:*:*
- cpe:2.3:a:openeuler:mysql:*:*:*:*:*:openeuler:*:*
https://www.openeuler.org/en/security/security-bulletins/detail/?id=openEuler-SA-2023-1834
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote authenticated privileged user via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
26) Improper input validation
EUVDB-ID: #VU68462
Risk: Low
CVSSv4.0: 2.1 [CVSS:4.0/AV:N/AC:L/AT:P/PR:H/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2022-21625
CWE-ID:
CWE-20 - Improper input validation
Exploit availability: No
DescriptionThe vulnerability allows a remote privileged user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper input validation within the Server: Optimizer component in MySQL Server. A remote privileged user can exploit this vulnerability to perform a denial of service (DoS) attack.
MitigationInstall updates from vendor's repository.
Vulnerable software versionsopenEuler: 22.03 LTS SP1
mysql-server: before 8.0.35-1
mysql-config: before 8.0.35-1
mysql-debugsource: before 8.0.35-1
mysql-devel: before 8.0.35-1
mysql-debuginfo: before 8.0.35-1
mysql-errmsg: before 8.0.35-1
mysql-help: before 8.0.35-1
mysql-libs: before 8.0.35-1
mysql-test: before 8.0.35-1
mysql-common: before 8.0.35-1
mysql: before 8.0.35-1
CPE2.3- cpe:2.3:o:openeuler:openeuler:22.03:LTS SP1:*:*:*:*:*:*
- cpe:2.3:a:openeuler:mysql-server:*:*:*:*:*:openeuler:*:*
- cpe:2.3:a:openeuler:mysql-config:*:*:*:*:*:openeuler:*:*
- cpe:2.3:a:openeuler:mysql-debugsource:*:*:*:*:*:openeuler:*:*
- cpe:2.3:a:openeuler:mysql-devel:*:*:*:*:*:openeuler:*:*
- cpe:2.3:a:openeuler:mysql-debuginfo:*:*:*:*:*:openeuler:*:*
- cpe:2.3:a:openeuler:mysql-errmsg:*:*:*:*:*:openeuler:*:*
- cpe:2.3:a:openeuler:mysql-help:*:*:*:*:*:openeuler:*:*
- cpe:2.3:a:openeuler:mysql-libs:*:*:*:*:*:openeuler:*:*
- cpe:2.3:a:openeuler:mysql-test:*:*:*:*:*:openeuler:*:*
- cpe:2.3:a:openeuler:mysql-common:*:*:*:*:*:openeuler:*:*
- cpe:2.3:a:openeuler:mysql:*:*:*:*:*:openeuler:*:*
https://www.openeuler.org/en/security/security-bulletins/detail/?id=openEuler-SA-2023-1834
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote authenticated privileged user via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
27) Improper input validation
EUVDB-ID: #VU68459
Risk: Medium
CVSSv4.0: 4.6 [CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Green]
CVE-ID: CVE-2022-21632
CWE-ID:
CWE-20 - Improper input validation
Exploit availability: No
DescriptionThe vulnerability allows a remote privileged user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper input validation within the Server: Security: Privileges component in MySQL Server. A remote privileged user can exploit this vulnerability to perform a denial of service (DoS) attack.
MitigationInstall updates from vendor's repository.
Vulnerable software versionsopenEuler: 22.03 LTS SP1
mysql-server: before 8.0.35-1
mysql-config: before 8.0.35-1
mysql-debugsource: before 8.0.35-1
mysql-devel: before 8.0.35-1
mysql-debuginfo: before 8.0.35-1
mysql-errmsg: before 8.0.35-1
mysql-help: before 8.0.35-1
mysql-libs: before 8.0.35-1
mysql-test: before 8.0.35-1
mysql-common: before 8.0.35-1
mysql: before 8.0.35-1
CPE2.3- cpe:2.3:o:openeuler:openeuler:22.03:LTS SP1:*:*:*:*:*:*
- cpe:2.3:a:openeuler:mysql-server:*:*:*:*:*:openeuler:*:*
- cpe:2.3:a:openeuler:mysql-config:*:*:*:*:*:openeuler:*:*
- cpe:2.3:a:openeuler:mysql-debugsource:*:*:*:*:*:openeuler:*:*
- cpe:2.3:a:openeuler:mysql-devel:*:*:*:*:*:openeuler:*:*
- cpe:2.3:a:openeuler:mysql-debuginfo:*:*:*:*:*:openeuler:*:*
- cpe:2.3:a:openeuler:mysql-errmsg:*:*:*:*:*:openeuler:*:*
- cpe:2.3:a:openeuler:mysql-help:*:*:*:*:*:openeuler:*:*
- cpe:2.3:a:openeuler:mysql-libs:*:*:*:*:*:openeuler:*:*
- cpe:2.3:a:openeuler:mysql-test:*:*:*:*:*:openeuler:*:*
- cpe:2.3:a:openeuler:mysql-common:*:*:*:*:*:openeuler:*:*
- cpe:2.3:a:openeuler:mysql:*:*:*:*:*:openeuler:*:*
https://www.openeuler.org/en/security/security-bulletins/detail/?id=openEuler-SA-2023-1834
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote authenticated privileged user via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
28) Improper input validation
EUVDB-ID: #VU68458
Risk: Medium
CVSSv4.0: 4.6 [CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Green]
CVE-ID: CVE-2022-21633
CWE-ID:
CWE-20 - Improper input validation
Exploit availability: No
DescriptionThe vulnerability allows a remote privileged user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper input validation within the Server: Replication component in MySQL Server. A remote privileged user can exploit this vulnerability to perform a denial of service (DoS) attack.
MitigationInstall updates from vendor's repository.
Vulnerable software versionsopenEuler: 22.03 LTS SP1
mysql-server: before 8.0.35-1
mysql-config: before 8.0.35-1
mysql-debugsource: before 8.0.35-1
mysql-devel: before 8.0.35-1
mysql-debuginfo: before 8.0.35-1
mysql-errmsg: before 8.0.35-1
mysql-help: before 8.0.35-1
mysql-libs: before 8.0.35-1
mysql-test: before 8.0.35-1
mysql-common: before 8.0.35-1
mysql: before 8.0.35-1
CPE2.3- cpe:2.3:o:openeuler:openeuler:22.03:LTS SP1:*:*:*:*:*:*
- cpe:2.3:a:openeuler:mysql-server:*:*:*:*:*:openeuler:*:*
- cpe:2.3:a:openeuler:mysql-config:*:*:*:*:*:openeuler:*:*
- cpe:2.3:a:openeuler:mysql-debugsource:*:*:*:*:*:openeuler:*:*
- cpe:2.3:a:openeuler:mysql-devel:*:*:*:*:*:openeuler:*:*
- cpe:2.3:a:openeuler:mysql-debuginfo:*:*:*:*:*:openeuler:*:*
- cpe:2.3:a:openeuler:mysql-errmsg:*:*:*:*:*:openeuler:*:*
- cpe:2.3:a:openeuler:mysql-help:*:*:*:*:*:openeuler:*:*
- cpe:2.3:a:openeuler:mysql-libs:*:*:*:*:*:openeuler:*:*
- cpe:2.3:a:openeuler:mysql-test:*:*:*:*:*:openeuler:*:*
- cpe:2.3:a:openeuler:mysql-common:*:*:*:*:*:openeuler:*:*
- cpe:2.3:a:openeuler:mysql:*:*:*:*:*:openeuler:*:*
https://www.openeuler.org/en/security/security-bulletins/detail/?id=openEuler-SA-2023-1834
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote authenticated privileged user via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
29) Improper input validation
EUVDB-ID: #VU68444
Risk: Medium
CVSSv4.0: 4.8 [CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:N/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Green]
CVE-ID: CVE-2022-21635
CWE-ID:
CWE-20 - Improper input validation
Exploit availability: No
DescriptionThe vulnerability allows a remote privileged user to damange or delete data.
The vulnerability exists due to improper input validation within the InnoDB component in MySQL Server. A remote privileged user can exploit this vulnerability to damange or delete data.
MitigationInstall updates from vendor's repository.
Vulnerable software versionsopenEuler: 22.03 LTS SP1
mysql-server: before 8.0.35-1
mysql-config: before 8.0.35-1
mysql-debugsource: before 8.0.35-1
mysql-devel: before 8.0.35-1
mysql-debuginfo: before 8.0.35-1
mysql-errmsg: before 8.0.35-1
mysql-help: before 8.0.35-1
mysql-libs: before 8.0.35-1
mysql-test: before 8.0.35-1
mysql-common: before 8.0.35-1
mysql: before 8.0.35-1
CPE2.3- cpe:2.3:o:openeuler:openeuler:22.03:LTS SP1:*:*:*:*:*:*
- cpe:2.3:a:openeuler:mysql-server:*:*:*:*:*:openeuler:*:*
- cpe:2.3:a:openeuler:mysql-config:*:*:*:*:*:openeuler:*:*
- cpe:2.3:a:openeuler:mysql-debugsource:*:*:*:*:*:openeuler:*:*
- cpe:2.3:a:openeuler:mysql-devel:*:*:*:*:*:openeuler:*:*
- cpe:2.3:a:openeuler:mysql-debuginfo:*:*:*:*:*:openeuler:*:*
- cpe:2.3:a:openeuler:mysql-errmsg:*:*:*:*:*:openeuler:*:*
- cpe:2.3:a:openeuler:mysql-help:*:*:*:*:*:openeuler:*:*
- cpe:2.3:a:openeuler:mysql-libs:*:*:*:*:*:openeuler:*:*
- cpe:2.3:a:openeuler:mysql-test:*:*:*:*:*:openeuler:*:*
- cpe:2.3:a:openeuler:mysql-common:*:*:*:*:*:openeuler:*:*
- cpe:2.3:a:openeuler:mysql:*:*:*:*:*:openeuler:*:*
https://www.openeuler.org/en/security/security-bulletins/detail/?id=openEuler-SA-2023-1834
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote authenticated privileged user via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
30) Improper input validation
EUVDB-ID: #VU68448
Risk: Medium
CVSSv4.0: 4.6 [CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Green]
CVE-ID: CVE-2022-21637
CWE-ID:
CWE-20 - Improper input validation
Exploit availability: No
DescriptionThe vulnerability allows a remote privileged user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper input validation within the InnoDB component in MySQL Server. A remote privileged user can exploit this vulnerability to perform a denial of service (DoS) attack.
MitigationInstall updates from vendor's repository.
Vulnerable software versionsopenEuler: 22.03 LTS SP1
mysql-server: before 8.0.35-1
mysql-config: before 8.0.35-1
mysql-debugsource: before 8.0.35-1
mysql-devel: before 8.0.35-1
mysql-debuginfo: before 8.0.35-1
mysql-errmsg: before 8.0.35-1
mysql-help: before 8.0.35-1
mysql-libs: before 8.0.35-1
mysql-test: before 8.0.35-1
mysql-common: before 8.0.35-1
mysql: before 8.0.35-1
CPE2.3- cpe:2.3:o:openeuler:openeuler:22.03:LTS SP1:*:*:*:*:*:*
- cpe:2.3:a:openeuler:mysql-server:*:*:*:*:*:openeuler:*:*
- cpe:2.3:a:openeuler:mysql-config:*:*:*:*:*:openeuler:*:*
- cpe:2.3:a:openeuler:mysql-debugsource:*:*:*:*:*:openeuler:*:*
- cpe:2.3:a:openeuler:mysql-devel:*:*:*:*:*:openeuler:*:*
- cpe:2.3:a:openeuler:mysql-debuginfo:*:*:*:*:*:openeuler:*:*
- cpe:2.3:a:openeuler:mysql-errmsg:*:*:*:*:*:openeuler:*:*
- cpe:2.3:a:openeuler:mysql-help:*:*:*:*:*:openeuler:*:*
- cpe:2.3:a:openeuler:mysql-libs:*:*:*:*:*:openeuler:*:*
- cpe:2.3:a:openeuler:mysql-test:*:*:*:*:*:openeuler:*:*
- cpe:2.3:a:openeuler:mysql-common:*:*:*:*:*:openeuler:*:*
- cpe:2.3:a:openeuler:mysql:*:*:*:*:*:openeuler:*:*
https://www.openeuler.org/en/security/security-bulletins/detail/?id=openEuler-SA-2023-1834
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote authenticated privileged user via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
31) Improper input validation
EUVDB-ID: #VU68454
Risk: Medium
CVSSv4.0: 4.6 [CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Green]
CVE-ID: CVE-2022-21638
CWE-ID:
CWE-20 - Improper input validation
Exploit availability: No
DescriptionThe vulnerability allows a remote privileged user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper input validation within the Server: Optimizer component in MySQL Server. A remote privileged user can exploit this vulnerability to perform a denial of service (DoS) attack.
MitigationInstall updates from vendor's repository.
Vulnerable software versionsopenEuler: 22.03 LTS SP1
mysql-server: before 8.0.35-1
mysql-config: before 8.0.35-1
mysql-debugsource: before 8.0.35-1
mysql-devel: before 8.0.35-1
mysql-debuginfo: before 8.0.35-1
mysql-errmsg: before 8.0.35-1
mysql-help: before 8.0.35-1
mysql-libs: before 8.0.35-1
mysql-test: before 8.0.35-1
mysql-common: before 8.0.35-1
mysql: before 8.0.35-1
CPE2.3- cpe:2.3:o:openeuler:openeuler:22.03:LTS SP1:*:*:*:*:*:*
- cpe:2.3:a:openeuler:mysql-server:*:*:*:*:*:openeuler:*:*
- cpe:2.3:a:openeuler:mysql-config:*:*:*:*:*:openeuler:*:*
- cpe:2.3:a:openeuler:mysql-debugsource:*:*:*:*:*:openeuler:*:*
- cpe:2.3:a:openeuler:mysql-devel:*:*:*:*:*:openeuler:*:*
- cpe:2.3:a:openeuler:mysql-debuginfo:*:*:*:*:*:openeuler:*:*
- cpe:2.3:a:openeuler:mysql-errmsg:*:*:*:*:*:openeuler:*:*
- cpe:2.3:a:openeuler:mysql-help:*:*:*:*:*:openeuler:*:*
- cpe:2.3:a:openeuler:mysql-libs:*:*:*:*:*:openeuler:*:*
- cpe:2.3:a:openeuler:mysql-test:*:*:*:*:*:openeuler:*:*
- cpe:2.3:a:openeuler:mysql-common:*:*:*:*:*:openeuler:*:*
- cpe:2.3:a:openeuler:mysql:*:*:*:*:*:openeuler:*:*
https://www.openeuler.org/en/security/security-bulletins/detail/?id=openEuler-SA-2023-1834
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote authenticated privileged user via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
32) Improper input validation
EUVDB-ID: #VU68455
Risk: Medium
CVSSv4.0: 4.6 [CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Green]
CVE-ID: CVE-2022-21640
CWE-ID:
CWE-20 - Improper input validation
Exploit availability: No
DescriptionThe vulnerability allows a remote privileged user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper input validation within the Server: Optimizer component in MySQL Server. A remote privileged user can exploit this vulnerability to perform a denial of service (DoS) attack.
MitigationInstall updates from vendor's repository.
Vulnerable software versionsopenEuler: 22.03 LTS SP1
mysql-server: before 8.0.35-1
mysql-config: before 8.0.35-1
mysql-debugsource: before 8.0.35-1
mysql-devel: before 8.0.35-1
mysql-debuginfo: before 8.0.35-1
mysql-errmsg: before 8.0.35-1
mysql-help: before 8.0.35-1
mysql-libs: before 8.0.35-1
mysql-test: before 8.0.35-1
mysql-common: before 8.0.35-1
mysql: before 8.0.35-1
CPE2.3- cpe:2.3:o:openeuler:openeuler:22.03:LTS SP1:*:*:*:*:*:*
- cpe:2.3:a:openeuler:mysql-server:*:*:*:*:*:openeuler:*:*
- cpe:2.3:a:openeuler:mysql-config:*:*:*:*:*:openeuler:*:*
- cpe:2.3:a:openeuler:mysql-debugsource:*:*:*:*:*:openeuler:*:*
- cpe:2.3:a:openeuler:mysql-devel:*:*:*:*:*:openeuler:*:*
- cpe:2.3:a:openeuler:mysql-debuginfo:*:*:*:*:*:openeuler:*:*
- cpe:2.3:a:openeuler:mysql-errmsg:*:*:*:*:*:openeuler:*:*
- cpe:2.3:a:openeuler:mysql-help:*:*:*:*:*:openeuler:*:*
- cpe:2.3:a:openeuler:mysql-libs:*:*:*:*:*:openeuler:*:*
- cpe:2.3:a:openeuler:mysql-test:*:*:*:*:*:openeuler:*:*
- cpe:2.3:a:openeuler:mysql-common:*:*:*:*:*:openeuler:*:*
- cpe:2.3:a:openeuler:mysql:*:*:*:*:*:openeuler:*:*
https://www.openeuler.org/en/security/security-bulletins/detail/?id=openEuler-SA-2023-1834
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote authenticated privileged user via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
33) Improper input validation
EUVDB-ID: #VU68456
Risk: Medium
CVSSv4.0: 4.6 [CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Green]
CVE-ID: CVE-2022-21641
CWE-ID:
CWE-20 - Improper input validation
Exploit availability: No
DescriptionThe vulnerability allows a remote privileged user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper input validation within the Server: Optimizer component in MySQL Server. A remote privileged user can exploit this vulnerability to perform a denial of service (DoS) attack.
MitigationInstall updates from vendor's repository.
Vulnerable software versionsopenEuler: 22.03 LTS SP1
mysql-server: before 8.0.35-1
mysql-config: before 8.0.35-1
mysql-debugsource: before 8.0.35-1
mysql-devel: before 8.0.35-1
mysql-debuginfo: before 8.0.35-1
mysql-errmsg: before 8.0.35-1
mysql-help: before 8.0.35-1
mysql-libs: before 8.0.35-1
mysql-test: before 8.0.35-1
mysql-common: before 8.0.35-1
mysql: before 8.0.35-1
CPE2.3- cpe:2.3:o:openeuler:openeuler:22.03:LTS SP1:*:*:*:*:*:*
- cpe:2.3:a:openeuler:mysql-server:*:*:*:*:*:openeuler:*:*
- cpe:2.3:a:openeuler:mysql-config:*:*:*:*:*:openeuler:*:*
- cpe:2.3:a:openeuler:mysql-debugsource:*:*:*:*:*:openeuler:*:*
- cpe:2.3:a:openeuler:mysql-devel:*:*:*:*:*:openeuler:*:*
- cpe:2.3:a:openeuler:mysql-debuginfo:*:*:*:*:*:openeuler:*:*
- cpe:2.3:a:openeuler:mysql-errmsg:*:*:*:*:*:openeuler:*:*
- cpe:2.3:a:openeuler:mysql-help:*:*:*:*:*:openeuler:*:*
- cpe:2.3:a:openeuler:mysql-libs:*:*:*:*:*:openeuler:*:*
- cpe:2.3:a:openeuler:mysql-test:*:*:*:*:*:openeuler:*:*
- cpe:2.3:a:openeuler:mysql-common:*:*:*:*:*:openeuler:*:*
- cpe:2.3:a:openeuler:mysql:*:*:*:*:*:openeuler:*:*
https://www.openeuler.org/en/security/security-bulletins/detail/?id=openEuler-SA-2023-1834
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote authenticated privileged user via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
34) Expected behavior violation
EUVDB-ID: #VU68746
Risk: Medium
CVSSv4.0: 1 [CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:A/VC:L/VI:L/VA:N/SC:N/SI:N/SA:N/E:U/U:Green]
CVE-ID: CVE-2022-32221
CWE-ID:
CWE-440 - Expected Behavior Violation
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to force unexpected application behavior.
The vulnerability exists due to a logic error for a reused handle when processing subsequent HTTP PUT and POST requests. The libcurl can erroneously use the read callback (CURLOPT_READFUNCTION) to ask for data to send, even when the CURLOPT_POSTFIELDS option has been set, if the same handle previously was used to issue a PUT request, which used that callback. As a result, such behavior can influence application flow and force unpredictable outcome.
Install updates from vendor's repository.
Vulnerable software versionsopenEuler: 22.03 LTS SP1
mysql-server: before 8.0.35-1
mysql-config: before 8.0.35-1
mysql-debugsource: before 8.0.35-1
mysql-devel: before 8.0.35-1
mysql-debuginfo: before 8.0.35-1
mysql-errmsg: before 8.0.35-1
mysql-help: before 8.0.35-1
mysql-libs: before 8.0.35-1
mysql-test: before 8.0.35-1
mysql-common: before 8.0.35-1
mysql: before 8.0.35-1
CPE2.3- cpe:2.3:o:openeuler:openeuler:22.03:LTS SP1:*:*:*:*:*:*
- cpe:2.3:a:openeuler:mysql-server:*:*:*:*:*:openeuler:*:*
- cpe:2.3:a:openeuler:mysql-config:*:*:*:*:*:openeuler:*:*
- cpe:2.3:a:openeuler:mysql-debugsource:*:*:*:*:*:openeuler:*:*
- cpe:2.3:a:openeuler:mysql-devel:*:*:*:*:*:openeuler:*:*
- cpe:2.3:a:openeuler:mysql-debuginfo:*:*:*:*:*:openeuler:*:*
- cpe:2.3:a:openeuler:mysql-errmsg:*:*:*:*:*:openeuler:*:*
- cpe:2.3:a:openeuler:mysql-help:*:*:*:*:*:openeuler:*:*
- cpe:2.3:a:openeuler:mysql-libs:*:*:*:*:*:openeuler:*:*
- cpe:2.3:a:openeuler:mysql-test:*:*:*:*:*:openeuler:*:*
- cpe:2.3:a:openeuler:mysql-common:*:*:*:*:*:openeuler:*:*
- cpe:2.3:a:openeuler:mysql:*:*:*:*:*:openeuler:*:*
https://www.openeuler.org/en/security/security-bulletins/detail/?id=openEuler-SA-2023-1834
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
35) Improper input validation
EUVDB-ID: #VU68457
Risk: Medium
CVSSv4.0: 4.6 [CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Green]
CVE-ID: CVE-2022-39400
CWE-ID:
CWE-20 - Improper input validation
Exploit availability: No
DescriptionThe vulnerability allows a remote privileged user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper input validation within the Server: Optimizer component in MySQL Server. A remote privileged user can exploit this vulnerability to perform a denial of service (DoS) attack.
MitigationInstall updates from vendor's repository.
Vulnerable software versionsopenEuler: 22.03 LTS SP1
mysql-server: before 8.0.35-1
mysql-config: before 8.0.35-1
mysql-debugsource: before 8.0.35-1
mysql-devel: before 8.0.35-1
mysql-debuginfo: before 8.0.35-1
mysql-errmsg: before 8.0.35-1
mysql-help: before 8.0.35-1
mysql-libs: before 8.0.35-1
mysql-test: before 8.0.35-1
mysql-common: before 8.0.35-1
mysql: before 8.0.35-1
CPE2.3- cpe:2.3:o:openeuler:openeuler:22.03:LTS SP1:*:*:*:*:*:*
- cpe:2.3:a:openeuler:mysql-server:*:*:*:*:*:openeuler:*:*
- cpe:2.3:a:openeuler:mysql-config:*:*:*:*:*:openeuler:*:*
- cpe:2.3:a:openeuler:mysql-debugsource:*:*:*:*:*:openeuler:*:*
- cpe:2.3:a:openeuler:mysql-devel:*:*:*:*:*:openeuler:*:*
- cpe:2.3:a:openeuler:mysql-debuginfo:*:*:*:*:*:openeuler:*:*
- cpe:2.3:a:openeuler:mysql-errmsg:*:*:*:*:*:openeuler:*:*
- cpe:2.3:a:openeuler:mysql-help:*:*:*:*:*:openeuler:*:*
- cpe:2.3:a:openeuler:mysql-libs:*:*:*:*:*:openeuler:*:*
- cpe:2.3:a:openeuler:mysql-test:*:*:*:*:*:openeuler:*:*
- cpe:2.3:a:openeuler:mysql-common:*:*:*:*:*:openeuler:*:*
- cpe:2.3:a:openeuler:mysql:*:*:*:*:*:openeuler:*:*
https://www.openeuler.org/en/security/security-bulletins/detail/?id=openEuler-SA-2023-1834
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote authenticated privileged user via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
36) Improper input validation
EUVDB-ID: #VU68445
Risk: Medium
CVSSv4.0: 4.9 [CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Green]
CVE-ID: CVE-2022-39408
CWE-ID:
CWE-20 - Improper input validation
Exploit availability: No
DescriptionThe vulnerability allows a remote authenticated user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper input validation within the Server: Optimizer component in MySQL Server. A remote authenticated user can exploit this vulnerability to perform a denial of service (DoS) attack.
MitigationInstall updates from vendor's repository.
Vulnerable software versionsopenEuler: 22.03 LTS SP1
mysql-server: before 8.0.35-1
mysql-config: before 8.0.35-1
mysql-debugsource: before 8.0.35-1
mysql-devel: before 8.0.35-1
mysql-debuginfo: before 8.0.35-1
mysql-errmsg: before 8.0.35-1
mysql-help: before 8.0.35-1
mysql-libs: before 8.0.35-1
mysql-test: before 8.0.35-1
mysql-common: before 8.0.35-1
mysql: before 8.0.35-1
CPE2.3- cpe:2.3:o:openeuler:openeuler:22.03:LTS SP1:*:*:*:*:*:*
- cpe:2.3:a:openeuler:mysql-server:*:*:*:*:*:openeuler:*:*
- cpe:2.3:a:openeuler:mysql-config:*:*:*:*:*:openeuler:*:*
- cpe:2.3:a:openeuler:mysql-debugsource:*:*:*:*:*:openeuler:*:*
- cpe:2.3:a:openeuler:mysql-devel:*:*:*:*:*:openeuler:*:*
- cpe:2.3:a:openeuler:mysql-debuginfo:*:*:*:*:*:openeuler:*:*
- cpe:2.3:a:openeuler:mysql-errmsg:*:*:*:*:*:openeuler:*:*
- cpe:2.3:a:openeuler:mysql-help:*:*:*:*:*:openeuler:*:*
- cpe:2.3:a:openeuler:mysql-libs:*:*:*:*:*:openeuler:*:*
- cpe:2.3:a:openeuler:mysql-test:*:*:*:*:*:openeuler:*:*
- cpe:2.3:a:openeuler:mysql-common:*:*:*:*:*:openeuler:*:*
- cpe:2.3:a:openeuler:mysql:*:*:*:*:*:openeuler:*:*
https://www.openeuler.org/en/security/security-bulletins/detail/?id=openEuler-SA-2023-1834
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote authenticated user via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
37) Improper input validation
EUVDB-ID: #VU68446
Risk: Medium
CVSSv4.0: 4.9 [CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Green]
CVE-ID: CVE-2022-39410
CWE-ID:
CWE-20 - Improper input validation
Exploit availability: No
DescriptionThe vulnerability allows a remote authenticated user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper input validation within the Server: Optimizer component in MySQL Server. A remote authenticated user can exploit this vulnerability to perform a denial of service (DoS) attack.
MitigationInstall updates from vendor's repository.
Vulnerable software versionsopenEuler: 22.03 LTS SP1
mysql-server: before 8.0.35-1
mysql-config: before 8.0.35-1
mysql-debugsource: before 8.0.35-1
mysql-devel: before 8.0.35-1
mysql-debuginfo: before 8.0.35-1
mysql-errmsg: before 8.0.35-1
mysql-help: before 8.0.35-1
mysql-libs: before 8.0.35-1
mysql-test: before 8.0.35-1
mysql-common: before 8.0.35-1
mysql: before 8.0.35-1
CPE2.3- cpe:2.3:o:openeuler:openeuler:22.03:LTS SP1:*:*:*:*:*:*
- cpe:2.3:a:openeuler:mysql-server:*:*:*:*:*:openeuler:*:*
- cpe:2.3:a:openeuler:mysql-config:*:*:*:*:*:openeuler:*:*
- cpe:2.3:a:openeuler:mysql-debugsource:*:*:*:*:*:openeuler:*:*
- cpe:2.3:a:openeuler:mysql-devel:*:*:*:*:*:openeuler:*:*
- cpe:2.3:a:openeuler:mysql-debuginfo:*:*:*:*:*:openeuler:*:*
- cpe:2.3:a:openeuler:mysql-errmsg:*:*:*:*:*:openeuler:*:*
- cpe:2.3:a:openeuler:mysql-help:*:*:*:*:*:openeuler:*:*
- cpe:2.3:a:openeuler:mysql-libs:*:*:*:*:*:openeuler:*:*
- cpe:2.3:a:openeuler:mysql-test:*:*:*:*:*:openeuler:*:*
- cpe:2.3:a:openeuler:mysql-common:*:*:*:*:*:openeuler:*:*
- cpe:2.3:a:openeuler:mysql:*:*:*:*:*:openeuler:*:*
https://www.openeuler.org/en/security/security-bulletins/detail/?id=openEuler-SA-2023-1834
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote authenticated user via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
38) Security features bypass
EUVDB-ID: #VU70457
Risk: Medium
CVSSv4.0: 2.7 [CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N/E:U/U:Green]
CVE-ID: CVE-2022-43551
CWE-ID:
CWE-254 - Security Features
Exploit availability: No
DescriptionThe vulnerability allows an attacker to gain access to sensitive information.
The vulnerability exists in the way curl handles IDN characters in hostnames. The HSTS mechanism could be bypassed if the hostname in the given URL first uses IDN characters that get replaced to ASCII counterparts as part of the IDN conversion. Then in a subsequent request it does not detect the HSTS state and makes a clear text transfer.
MitigationInstall updates from vendor's repository.
Vulnerable software versionsopenEuler: 22.03 LTS SP1
mysql-server: before 8.0.35-1
mysql-config: before 8.0.35-1
mysql-debugsource: before 8.0.35-1
mysql-devel: before 8.0.35-1
mysql-debuginfo: before 8.0.35-1
mysql-errmsg: before 8.0.35-1
mysql-help: before 8.0.35-1
mysql-libs: before 8.0.35-1
mysql-test: before 8.0.35-1
mysql-common: before 8.0.35-1
mysql: before 8.0.35-1
CPE2.3- cpe:2.3:o:openeuler:openeuler:22.03:LTS SP1:*:*:*:*:*:*
- cpe:2.3:a:openeuler:mysql-server:*:*:*:*:*:openeuler:*:*
- cpe:2.3:a:openeuler:mysql-config:*:*:*:*:*:openeuler:*:*
- cpe:2.3:a:openeuler:mysql-debugsource:*:*:*:*:*:openeuler:*:*
- cpe:2.3:a:openeuler:mysql-devel:*:*:*:*:*:openeuler:*:*
- cpe:2.3:a:openeuler:mysql-debuginfo:*:*:*:*:*:openeuler:*:*
- cpe:2.3:a:openeuler:mysql-errmsg:*:*:*:*:*:openeuler:*:*
- cpe:2.3:a:openeuler:mysql-help:*:*:*:*:*:openeuler:*:*
- cpe:2.3:a:openeuler:mysql-libs:*:*:*:*:*:openeuler:*:*
- cpe:2.3:a:openeuler:mysql-test:*:*:*:*:*:openeuler:*:*
- cpe:2.3:a:openeuler:mysql-common:*:*:*:*:*:openeuler:*:*
- cpe:2.3:a:openeuler:mysql:*:*:*:*:*:openeuler:*:*
https://www.openeuler.org/en/security/security-bulletins/detail/?id=openEuler-SA-2023-1834
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
39) Improper input validation
EUVDB-ID: #VU71270
Risk: Medium
CVSSv4.0: 4.6 [CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Green]
CVE-ID: CVE-2023-21836
CWE-ID:
CWE-20 - Improper input validation
Exploit availability: No
DescriptionThe vulnerability allows a remote privileged user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper input validation within the Server: DML component in MySQL Server. A remote privileged user can exploit this vulnerability to perform a denial of service (DoS) attack.
MitigationInstall updates from vendor's repository.
Vulnerable software versionsopenEuler: 22.03 LTS SP1
mysql-server: before 8.0.35-1
mysql-config: before 8.0.35-1
mysql-debugsource: before 8.0.35-1
mysql-devel: before 8.0.35-1
mysql-debuginfo: before 8.0.35-1
mysql-errmsg: before 8.0.35-1
mysql-help: before 8.0.35-1
mysql-libs: before 8.0.35-1
mysql-test: before 8.0.35-1
mysql-common: before 8.0.35-1
mysql: before 8.0.35-1
CPE2.3- cpe:2.3:o:openeuler:openeuler:22.03:LTS SP1:*:*:*:*:*:*
- cpe:2.3:a:openeuler:mysql-server:*:*:*:*:*:openeuler:*:*
- cpe:2.3:a:openeuler:mysql-config:*:*:*:*:*:openeuler:*:*
- cpe:2.3:a:openeuler:mysql-debugsource:*:*:*:*:*:openeuler:*:*
- cpe:2.3:a:openeuler:mysql-devel:*:*:*:*:*:openeuler:*:*
- cpe:2.3:a:openeuler:mysql-debuginfo:*:*:*:*:*:openeuler:*:*
- cpe:2.3:a:openeuler:mysql-errmsg:*:*:*:*:*:openeuler:*:*
- cpe:2.3:a:openeuler:mysql-help:*:*:*:*:*:openeuler:*:*
- cpe:2.3:a:openeuler:mysql-libs:*:*:*:*:*:openeuler:*:*
- cpe:2.3:a:openeuler:mysql-test:*:*:*:*:*:openeuler:*:*
- cpe:2.3:a:openeuler:mysql-common:*:*:*:*:*:openeuler:*:*
- cpe:2.3:a:openeuler:mysql:*:*:*:*:*:openeuler:*:*
https://www.openeuler.org/en/security/security-bulletins/detail/?id=openEuler-SA-2023-1834
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote authenticated privileged user via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
40) Improper input validation
EUVDB-ID: #VU71272
Risk: Medium
CVSSv4.0: 4.6 [CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Green]
CVE-ID: CVE-2023-21863
CWE-ID:
CWE-20 - Improper input validation
Exploit availability: No
DescriptionThe vulnerability allows a remote privileged user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper input validation within the Server: Optimizer component in MySQL Server. A remote privileged user can exploit this vulnerability to perform a denial of service (DoS) attack.
MitigationInstall updates from vendor's repository.
Vulnerable software versionsopenEuler: 22.03 LTS SP1
mysql-server: before 8.0.35-1
mysql-config: before 8.0.35-1
mysql-debugsource: before 8.0.35-1
mysql-devel: before 8.0.35-1
mysql-debuginfo: before 8.0.35-1
mysql-errmsg: before 8.0.35-1
mysql-help: before 8.0.35-1
mysql-libs: before 8.0.35-1
mysql-test: before 8.0.35-1
mysql-common: before 8.0.35-1
mysql: before 8.0.35-1
CPE2.3- cpe:2.3:o:openeuler:openeuler:22.03:LTS SP1:*:*:*:*:*:*
- cpe:2.3:a:openeuler:mysql-server:*:*:*:*:*:openeuler:*:*
- cpe:2.3:a:openeuler:mysql-config:*:*:*:*:*:openeuler:*:*
- cpe:2.3:a:openeuler:mysql-debugsource:*:*:*:*:*:openeuler:*:*
- cpe:2.3:a:openeuler:mysql-devel:*:*:*:*:*:openeuler:*:*
- cpe:2.3:a:openeuler:mysql-debuginfo:*:*:*:*:*:openeuler:*:*
- cpe:2.3:a:openeuler:mysql-errmsg:*:*:*:*:*:openeuler:*:*
- cpe:2.3:a:openeuler:mysql-help:*:*:*:*:*:openeuler:*:*
- cpe:2.3:a:openeuler:mysql-libs:*:*:*:*:*:openeuler:*:*
- cpe:2.3:a:openeuler:mysql-test:*:*:*:*:*:openeuler:*:*
- cpe:2.3:a:openeuler:mysql-common:*:*:*:*:*:openeuler:*:*
- cpe:2.3:a:openeuler:mysql:*:*:*:*:*:openeuler:*:*
https://www.openeuler.org/en/security/security-bulletins/detail/?id=openEuler-SA-2023-1834
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote authenticated privileged user via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
41) Improper input validation
EUVDB-ID: #VU71273
Risk: Medium
CVSSv4.0: 4.6 [CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Green]
CVE-ID: CVE-2023-21864
CWE-ID:
CWE-20 - Improper input validation
Exploit availability: No
DescriptionThe vulnerability allows a remote privileged user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper input validation within the Server: Optimizer component in MySQL Server. A remote privileged user can exploit this vulnerability to perform a denial of service (DoS) attack.
MitigationInstall updates from vendor's repository.
Vulnerable software versionsopenEuler: 22.03 LTS SP1
mysql-server: before 8.0.35-1
mysql-config: before 8.0.35-1
mysql-debugsource: before 8.0.35-1
mysql-devel: before 8.0.35-1
mysql-debuginfo: before 8.0.35-1
mysql-errmsg: before 8.0.35-1
mysql-help: before 8.0.35-1
mysql-libs: before 8.0.35-1
mysql-test: before 8.0.35-1
mysql-common: before 8.0.35-1
mysql: before 8.0.35-1
CPE2.3- cpe:2.3:o:openeuler:openeuler:22.03:LTS SP1:*:*:*:*:*:*
- cpe:2.3:a:openeuler:mysql-server:*:*:*:*:*:openeuler:*:*
- cpe:2.3:a:openeuler:mysql-config:*:*:*:*:*:openeuler:*:*
- cpe:2.3:a:openeuler:mysql-debugsource:*:*:*:*:*:openeuler:*:*
- cpe:2.3:a:openeuler:mysql-devel:*:*:*:*:*:openeuler:*:*
- cpe:2.3:a:openeuler:mysql-debuginfo:*:*:*:*:*:openeuler:*:*
- cpe:2.3:a:openeuler:mysql-errmsg:*:*:*:*:*:openeuler:*:*
- cpe:2.3:a:openeuler:mysql-help:*:*:*:*:*:openeuler:*:*
- cpe:2.3:a:openeuler:mysql-libs:*:*:*:*:*:openeuler:*:*
- cpe:2.3:a:openeuler:mysql-test:*:*:*:*:*:openeuler:*:*
- cpe:2.3:a:openeuler:mysql-common:*:*:*:*:*:openeuler:*:*
- cpe:2.3:a:openeuler:mysql:*:*:*:*:*:openeuler:*:*
https://www.openeuler.org/en/security/security-bulletins/detail/?id=openEuler-SA-2023-1834
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote authenticated privileged user via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
42) Improper input validation
EUVDB-ID: #VU71274
Risk: Medium
CVSSv4.0: 4.6 [CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Green]
CVE-ID: CVE-2023-21865
CWE-ID:
CWE-20 - Improper input validation
Exploit availability: No
DescriptionThe vulnerability allows a remote privileged user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper input validation within the Server: Optimizer component in MySQL Server. A remote privileged user can exploit this vulnerability to perform a denial of service (DoS) attack.
MitigationInstall updates from vendor's repository.
Vulnerable software versionsopenEuler: 22.03 LTS SP1
mysql-server: before 8.0.35-1
mysql-config: before 8.0.35-1
mysql-debugsource: before 8.0.35-1
mysql-devel: before 8.0.35-1
mysql-debuginfo: before 8.0.35-1
mysql-errmsg: before 8.0.35-1
mysql-help: before 8.0.35-1
mysql-libs: before 8.0.35-1
mysql-test: before 8.0.35-1
mysql-common: before 8.0.35-1
mysql: before 8.0.35-1
CPE2.3- cpe:2.3:o:openeuler:openeuler:22.03:LTS SP1:*:*:*:*:*:*
- cpe:2.3:a:openeuler:mysql-server:*:*:*:*:*:openeuler:*:*
- cpe:2.3:a:openeuler:mysql-config:*:*:*:*:*:openeuler:*:*
- cpe:2.3:a:openeuler:mysql-debugsource:*:*:*:*:*:openeuler:*:*
- cpe:2.3:a:openeuler:mysql-devel:*:*:*:*:*:openeuler:*:*
- cpe:2.3:a:openeuler:mysql-debuginfo:*:*:*:*:*:openeuler:*:*
- cpe:2.3:a:openeuler:mysql-errmsg:*:*:*:*:*:openeuler:*:*
- cpe:2.3:a:openeuler:mysql-help:*:*:*:*:*:openeuler:*:*
- cpe:2.3:a:openeuler:mysql-libs:*:*:*:*:*:openeuler:*:*
- cpe:2.3:a:openeuler:mysql-test:*:*:*:*:*:openeuler:*:*
- cpe:2.3:a:openeuler:mysql-common:*:*:*:*:*:openeuler:*:*
- cpe:2.3:a:openeuler:mysql:*:*:*:*:*:openeuler:*:*
https://www.openeuler.org/en/security/security-bulletins/detail/?id=openEuler-SA-2023-1834
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote authenticated privileged user via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
43) Improper input validation
EUVDB-ID: #VU71276
Risk: Medium
CVSSv4.0: 4.6 [CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Green]
CVE-ID: CVE-2023-21867
CWE-ID:
CWE-20 - Improper input validation
Exploit availability: No
DescriptionThe vulnerability allows a remote privileged user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper input validation within the Server: Optimizer component in MySQL Server. A remote privileged user can exploit this vulnerability to perform a denial of service (DoS) attack.
MitigationInstall updates from vendor's repository.
Vulnerable software versionsopenEuler: 22.03 LTS SP1
mysql-server: before 8.0.35-1
mysql-config: before 8.0.35-1
mysql-debugsource: before 8.0.35-1
mysql-devel: before 8.0.35-1
mysql-debuginfo: before 8.0.35-1
mysql-errmsg: before 8.0.35-1
mysql-help: before 8.0.35-1
mysql-libs: before 8.0.35-1
mysql-test: before 8.0.35-1
mysql-common: before 8.0.35-1
mysql: before 8.0.35-1
CPE2.3- cpe:2.3:o:openeuler:openeuler:22.03:LTS SP1:*:*:*:*:*:*
- cpe:2.3:a:openeuler:mysql-server:*:*:*:*:*:openeuler:*:*
- cpe:2.3:a:openeuler:mysql-config:*:*:*:*:*:openeuler:*:*
- cpe:2.3:a:openeuler:mysql-debugsource:*:*:*:*:*:openeuler:*:*
- cpe:2.3:a:openeuler:mysql-devel:*:*:*:*:*:openeuler:*:*
- cpe:2.3:a:openeuler:mysql-debuginfo:*:*:*:*:*:openeuler:*:*
- cpe:2.3:a:openeuler:mysql-errmsg:*:*:*:*:*:openeuler:*:*
- cpe:2.3:a:openeuler:mysql-help:*:*:*:*:*:openeuler:*:*
- cpe:2.3:a:openeuler:mysql-libs:*:*:*:*:*:openeuler:*:*
- cpe:2.3:a:openeuler:mysql-test:*:*:*:*:*:openeuler:*:*
- cpe:2.3:a:openeuler:mysql-common:*:*:*:*:*:openeuler:*:*
- cpe:2.3:a:openeuler:mysql:*:*:*:*:*:openeuler:*:*
https://www.openeuler.org/en/security/security-bulletins/detail/?id=openEuler-SA-2023-1834
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote authenticated privileged user via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
44) Improper input validation
EUVDB-ID: #VU71262
Risk: Medium
CVSSv4.0: 4.9 [CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Green]
CVE-ID: CVE-2023-21868
CWE-ID:
CWE-20 - Improper input validation
Exploit availability: No
DescriptionThe vulnerability allows a remote authenticated user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper input validation within the Server: Optimizer component in MySQL Server. A remote authenticated user can exploit this vulnerability to perform a denial of service (DoS) attack.
MitigationInstall updates from vendor's repository.
Vulnerable software versionsopenEuler: 22.03 LTS SP1
mysql-server: before 8.0.35-1
mysql-config: before 8.0.35-1
mysql-debugsource: before 8.0.35-1
mysql-devel: before 8.0.35-1
mysql-debuginfo: before 8.0.35-1
mysql-errmsg: before 8.0.35-1
mysql-help: before 8.0.35-1
mysql-libs: before 8.0.35-1
mysql-test: before 8.0.35-1
mysql-common: before 8.0.35-1
mysql: before 8.0.35-1
CPE2.3- cpe:2.3:o:openeuler:openeuler:22.03:LTS SP1:*:*:*:*:*:*
- cpe:2.3:a:openeuler:mysql-server:*:*:*:*:*:openeuler:*:*
- cpe:2.3:a:openeuler:mysql-config:*:*:*:*:*:openeuler:*:*
- cpe:2.3:a:openeuler:mysql-debugsource:*:*:*:*:*:openeuler:*:*
- cpe:2.3:a:openeuler:mysql-devel:*:*:*:*:*:openeuler:*:*
- cpe:2.3:a:openeuler:mysql-debuginfo:*:*:*:*:*:openeuler:*:*
- cpe:2.3:a:openeuler:mysql-errmsg:*:*:*:*:*:openeuler:*:*
- cpe:2.3:a:openeuler:mysql-help:*:*:*:*:*:openeuler:*:*
- cpe:2.3:a:openeuler:mysql-libs:*:*:*:*:*:openeuler:*:*
- cpe:2.3:a:openeuler:mysql-test:*:*:*:*:*:openeuler:*:*
- cpe:2.3:a:openeuler:mysql-common:*:*:*:*:*:openeuler:*:*
- cpe:2.3:a:openeuler:mysql:*:*:*:*:*:openeuler:*:*
https://www.openeuler.org/en/security/security-bulletins/detail/?id=openEuler-SA-2023-1834
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote authenticated user via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
45) Improper input validation
EUVDB-ID: #VU71265
Risk: Medium
CVSSv4.0: 4.7 [CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:N/VI:L/VA:H/SC:N/SI:N/SA:N/E:U/U:Green]
CVE-ID: CVE-2023-21869
CWE-ID:
CWE-20 - Improper input validation
Exploit availability: No
DescriptionThe vulnerability allows a remote privileged user to damange or delete data.
The vulnerability exists due to improper input validation within the InnoDB component in MySQL Server. A remote privileged user can exploit this vulnerability to damange or delete data.
MitigationInstall updates from vendor's repository.
Vulnerable software versionsopenEuler: 22.03 LTS SP1
mysql-server: before 8.0.35-1
mysql-config: before 8.0.35-1
mysql-debugsource: before 8.0.35-1
mysql-devel: before 8.0.35-1
mysql-debuginfo: before 8.0.35-1
mysql-errmsg: before 8.0.35-1
mysql-help: before 8.0.35-1
mysql-libs: before 8.0.35-1
mysql-test: before 8.0.35-1
mysql-common: before 8.0.35-1
mysql: before 8.0.35-1
CPE2.3- cpe:2.3:o:openeuler:openeuler:22.03:LTS SP1:*:*:*:*:*:*
- cpe:2.3:a:openeuler:mysql-server:*:*:*:*:*:openeuler:*:*
- cpe:2.3:a:openeuler:mysql-config:*:*:*:*:*:openeuler:*:*
- cpe:2.3:a:openeuler:mysql-debugsource:*:*:*:*:*:openeuler:*:*
- cpe:2.3:a:openeuler:mysql-devel:*:*:*:*:*:openeuler:*:*
- cpe:2.3:a:openeuler:mysql-debuginfo:*:*:*:*:*:openeuler:*:*
- cpe:2.3:a:openeuler:mysql-errmsg:*:*:*:*:*:openeuler:*:*
- cpe:2.3:a:openeuler:mysql-help:*:*:*:*:*:openeuler:*:*
- cpe:2.3:a:openeuler:mysql-libs:*:*:*:*:*:openeuler:*:*
- cpe:2.3:a:openeuler:mysql-test:*:*:*:*:*:openeuler:*:*
- cpe:2.3:a:openeuler:mysql-common:*:*:*:*:*:openeuler:*:*
- cpe:2.3:a:openeuler:mysql:*:*:*:*:*:openeuler:*:*
https://www.openeuler.org/en/security/security-bulletins/detail/?id=openEuler-SA-2023-1834
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote authenticated privileged user via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
46) Improper input validation
EUVDB-ID: #VU71277
Risk: Medium
CVSSv4.0: 4.6 [CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Green]
CVE-ID: CVE-2023-21870
CWE-ID:
CWE-20 - Improper input validation
Exploit availability: No
DescriptionThe vulnerability allows a remote privileged user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper input validation within the Server: Optimizer component in MySQL Server. A remote privileged user can exploit this vulnerability to perform a denial of service (DoS) attack.
MitigationInstall updates from vendor's repository.
Vulnerable software versionsopenEuler: 22.03 LTS SP1
mysql-server: before 8.0.35-1
mysql-config: before 8.0.35-1
mysql-debugsource: before 8.0.35-1
mysql-devel: before 8.0.35-1
mysql-debuginfo: before 8.0.35-1
mysql-errmsg: before 8.0.35-1
mysql-help: before 8.0.35-1
mysql-libs: before 8.0.35-1
mysql-test: before 8.0.35-1
mysql-common: before 8.0.35-1
mysql: before 8.0.35-1
CPE2.3- cpe:2.3:o:openeuler:openeuler:22.03:LTS SP1:*:*:*:*:*:*
- cpe:2.3:a:openeuler:mysql-server:*:*:*:*:*:openeuler:*:*
- cpe:2.3:a:openeuler:mysql-config:*:*:*:*:*:openeuler:*:*
- cpe:2.3:a:openeuler:mysql-debugsource:*:*:*:*:*:openeuler:*:*
- cpe:2.3:a:openeuler:mysql-devel:*:*:*:*:*:openeuler:*:*
- cpe:2.3:a:openeuler:mysql-debuginfo:*:*:*:*:*:openeuler:*:*
- cpe:2.3:a:openeuler:mysql-errmsg:*:*:*:*:*:openeuler:*:*
- cpe:2.3:a:openeuler:mysql-help:*:*:*:*:*:openeuler:*:*
- cpe:2.3:a:openeuler:mysql-libs:*:*:*:*:*:openeuler:*:*
- cpe:2.3:a:openeuler:mysql-test:*:*:*:*:*:openeuler:*:*
- cpe:2.3:a:openeuler:mysql-common:*:*:*:*:*:openeuler:*:*
- cpe:2.3:a:openeuler:mysql:*:*:*:*:*:openeuler:*:*
https://www.openeuler.org/en/security/security-bulletins/detail/?id=openEuler-SA-2023-1834
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote authenticated privileged user via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
47) Improper input validation
EUVDB-ID: #VU71269
Risk: Medium
CVSSv4.0: 4.6 [CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Green]
CVE-ID: CVE-2023-21871
CWE-ID:
CWE-20 - Improper input validation
Exploit availability: No
DescriptionThe vulnerability allows a remote privileged user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper input validation within the InnoDB component in MySQL Server. A remote privileged user can exploit this vulnerability to perform a denial of service (DoS) attack.
MitigationInstall updates from vendor's repository.
Vulnerable software versionsopenEuler: 22.03 LTS SP1
mysql-server: before 8.0.35-1
mysql-config: before 8.0.35-1
mysql-debugsource: before 8.0.35-1
mysql-devel: before 8.0.35-1
mysql-debuginfo: before 8.0.35-1
mysql-errmsg: before 8.0.35-1
mysql-help: before 8.0.35-1
mysql-libs: before 8.0.35-1
mysql-test: before 8.0.35-1
mysql-common: before 8.0.35-1
mysql: before 8.0.35-1
CPE2.3- cpe:2.3:o:openeuler:openeuler:22.03:LTS SP1:*:*:*:*:*:*
- cpe:2.3:a:openeuler:mysql-server:*:*:*:*:*:openeuler:*:*
- cpe:2.3:a:openeuler:mysql-config:*:*:*:*:*:openeuler:*:*
- cpe:2.3:a:openeuler:mysql-debugsource:*:*:*:*:*:openeuler:*:*
- cpe:2.3:a:openeuler:mysql-devel:*:*:*:*:*:openeuler:*:*
- cpe:2.3:a:openeuler:mysql-debuginfo:*:*:*:*:*:openeuler:*:*
- cpe:2.3:a:openeuler:mysql-errmsg:*:*:*:*:*:openeuler:*:*
- cpe:2.3:a:openeuler:mysql-help:*:*:*:*:*:openeuler:*:*
- cpe:2.3:a:openeuler:mysql-libs:*:*:*:*:*:openeuler:*:*
- cpe:2.3:a:openeuler:mysql-test:*:*:*:*:*:openeuler:*:*
- cpe:2.3:a:openeuler:mysql-common:*:*:*:*:*:openeuler:*:*
- cpe:2.3:a:openeuler:mysql:*:*:*:*:*:openeuler:*:*
https://www.openeuler.org/en/security/security-bulletins/detail/?id=openEuler-SA-2023-1834
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote authenticated privileged user via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
48) Improper input validation
EUVDB-ID: #VU71268
Risk: Medium
CVSSv4.0: 4.7 [CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:N/VI:L/VA:H/SC:N/SI:N/SA:N/E:U/U:Green]
CVE-ID: CVE-2023-21872
CWE-ID:
CWE-20 - Improper input validation
Exploit availability: No
DescriptionThe vulnerability allows a remote privileged user to damange or delete data.
The vulnerability exists due to improper input validation within the Server: Optimizer component in MySQL Server. A remote privileged user can exploit this vulnerability to damange or delete data.
MitigationInstall updates from vendor's repository.
Vulnerable software versionsopenEuler: 22.03 LTS SP1
mysql-server: before 8.0.35-1
mysql-config: before 8.0.35-1
mysql-debugsource: before 8.0.35-1
mysql-devel: before 8.0.35-1
mysql-debuginfo: before 8.0.35-1
mysql-errmsg: before 8.0.35-1
mysql-help: before 8.0.35-1
mysql-libs: before 8.0.35-1
mysql-test: before 8.0.35-1
mysql-common: before 8.0.35-1
mysql: before 8.0.35-1
CPE2.3- cpe:2.3:o:openeuler:openeuler:22.03:LTS SP1:*:*:*:*:*:*
- cpe:2.3:a:openeuler:mysql-server:*:*:*:*:*:openeuler:*:*
- cpe:2.3:a:openeuler:mysql-config:*:*:*:*:*:openeuler:*:*
- cpe:2.3:a:openeuler:mysql-debugsource:*:*:*:*:*:openeuler:*:*
- cpe:2.3:a:openeuler:mysql-devel:*:*:*:*:*:openeuler:*:*
- cpe:2.3:a:openeuler:mysql-debuginfo:*:*:*:*:*:openeuler:*:*
- cpe:2.3:a:openeuler:mysql-errmsg:*:*:*:*:*:openeuler:*:*
- cpe:2.3:a:openeuler:mysql-help:*:*:*:*:*:openeuler:*:*
- cpe:2.3:a:openeuler:mysql-libs:*:*:*:*:*:openeuler:*:*
- cpe:2.3:a:openeuler:mysql-test:*:*:*:*:*:openeuler:*:*
- cpe:2.3:a:openeuler:mysql-common:*:*:*:*:*:openeuler:*:*
- cpe:2.3:a:openeuler:mysql:*:*:*:*:*:openeuler:*:*
https://www.openeuler.org/en/security/security-bulletins/detail/?id=openEuler-SA-2023-1834
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote authenticated privileged user via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
49) Improper input validation
EUVDB-ID: #VU71278
Risk: Medium
CVSSv4.0: 4.6 [CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Green]
CVE-ID: CVE-2023-21873
CWE-ID:
CWE-20 - Improper input validation
Exploit availability: No
DescriptionThe vulnerability allows a remote privileged user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper input validation within the Server: Optimizer component in MySQL Server. A remote privileged user can exploit this vulnerability to perform a denial of service (DoS) attack.
MitigationInstall updates from vendor's repository.
Vulnerable software versionsopenEuler: 22.03 LTS SP1
mysql-server: before 8.0.35-1
mysql-config: before 8.0.35-1
mysql-debugsource: before 8.0.35-1
mysql-devel: before 8.0.35-1
mysql-debuginfo: before 8.0.35-1
mysql-errmsg: before 8.0.35-1
mysql-help: before 8.0.35-1
mysql-libs: before 8.0.35-1
mysql-test: before 8.0.35-1
mysql-common: before 8.0.35-1
mysql: before 8.0.35-1
CPE2.3- cpe:2.3:o:openeuler:openeuler:22.03:LTS SP1:*:*:*:*:*:*
- cpe:2.3:a:openeuler:mysql-server:*:*:*:*:*:openeuler:*:*
- cpe:2.3:a:openeuler:mysql-config:*:*:*:*:*:openeuler:*:*
- cpe:2.3:a:openeuler:mysql-debugsource:*:*:*:*:*:openeuler:*:*
- cpe:2.3:a:openeuler:mysql-devel:*:*:*:*:*:openeuler:*:*
- cpe:2.3:a:openeuler:mysql-debuginfo:*:*:*:*:*:openeuler:*:*
- cpe:2.3:a:openeuler:mysql-errmsg:*:*:*:*:*:openeuler:*:*
- cpe:2.3:a:openeuler:mysql-help:*:*:*:*:*:openeuler:*:*
- cpe:2.3:a:openeuler:mysql-libs:*:*:*:*:*:openeuler:*:*
- cpe:2.3:a:openeuler:mysql-test:*:*:*:*:*:openeuler:*:*
- cpe:2.3:a:openeuler:mysql-common:*:*:*:*:*:openeuler:*:*
- cpe:2.3:a:openeuler:mysql:*:*:*:*:*:openeuler:*:*
https://www.openeuler.org/en/security/security-bulletins/detail/?id=openEuler-SA-2023-1834
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote authenticated privileged user via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
50) Improper input validation
EUVDB-ID: #VU71286
Risk: Low
CVSSv4.0: 1.2 [CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2023-21874
CWE-ID:
CWE-20 - Improper input validation
Exploit availability: No
DescriptionThe vulnerability allows a remote privileged user to perform service disruption.
The vulnerability exists due to improper input validation within the Server: Thread Pooling component in MySQL Server. A remote privileged user can exploit this vulnerability to perform service disruption.
MitigationInstall updates from vendor's repository.
Vulnerable software versionsopenEuler: 22.03 LTS SP1
mysql-server: before 8.0.35-1
mysql-config: before 8.0.35-1
mysql-debugsource: before 8.0.35-1
mysql-devel: before 8.0.35-1
mysql-debuginfo: before 8.0.35-1
mysql-errmsg: before 8.0.35-1
mysql-help: before 8.0.35-1
mysql-libs: before 8.0.35-1
mysql-test: before 8.0.35-1
mysql-common: before 8.0.35-1
mysql: before 8.0.35-1
CPE2.3- cpe:2.3:o:openeuler:openeuler:22.03:LTS SP1:*:*:*:*:*:*
- cpe:2.3:a:openeuler:mysql-server:*:*:*:*:*:openeuler:*:*
- cpe:2.3:a:openeuler:mysql-config:*:*:*:*:*:openeuler:*:*
- cpe:2.3:a:openeuler:mysql-debugsource:*:*:*:*:*:openeuler:*:*
- cpe:2.3:a:openeuler:mysql-devel:*:*:*:*:*:openeuler:*:*
- cpe:2.3:a:openeuler:mysql-debuginfo:*:*:*:*:*:openeuler:*:*
- cpe:2.3:a:openeuler:mysql-errmsg:*:*:*:*:*:openeuler:*:*
- cpe:2.3:a:openeuler:mysql-help:*:*:*:*:*:openeuler:*:*
- cpe:2.3:a:openeuler:mysql-libs:*:*:*:*:*:openeuler:*:*
- cpe:2.3:a:openeuler:mysql-test:*:*:*:*:*:openeuler:*:*
- cpe:2.3:a:openeuler:mysql-common:*:*:*:*:*:openeuler:*:*
- cpe:2.3:a:openeuler:mysql:*:*:*:*:*:openeuler:*:*
https://www.openeuler.org/en/security/security-bulletins/detail/?id=openEuler-SA-2023-1834
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote authenticated privileged user via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
51) Improper input validation
EUVDB-ID: #VU71264
Risk: Medium
CVSSv4.0: 2.2 [CVSS:4.0/AV:N/AC:L/AT:P/PR:H/UI:N/VC:N/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Green]
CVE-ID: CVE-2023-21875
CWE-ID:
CWE-20 - Improper input validation
Exploit availability: No
DescriptionThe vulnerability allows a remote privileged user to damange or delete data.
The vulnerability exists due to improper input validation within the Server: Security: Encryption component in MySQL Server. A remote privileged user can exploit this vulnerability to damange or delete data.
MitigationInstall updates from vendor's repository.
Vulnerable software versionsopenEuler: 22.03 LTS SP1
mysql-server: before 8.0.35-1
mysql-config: before 8.0.35-1
mysql-debugsource: before 8.0.35-1
mysql-devel: before 8.0.35-1
mysql-debuginfo: before 8.0.35-1
mysql-errmsg: before 8.0.35-1
mysql-help: before 8.0.35-1
mysql-libs: before 8.0.35-1
mysql-test: before 8.0.35-1
mysql-common: before 8.0.35-1
mysql: before 8.0.35-1
CPE2.3- cpe:2.3:o:openeuler:openeuler:22.03:LTS SP1:*:*:*:*:*:*
- cpe:2.3:a:openeuler:mysql-server:*:*:*:*:*:openeuler:*:*
- cpe:2.3:a:openeuler:mysql-config:*:*:*:*:*:openeuler:*:*
- cpe:2.3:a:openeuler:mysql-debugsource:*:*:*:*:*:openeuler:*:*
- cpe:2.3:a:openeuler:mysql-devel:*:*:*:*:*:openeuler:*:*
- cpe:2.3:a:openeuler:mysql-debuginfo:*:*:*:*:*:openeuler:*:*
- cpe:2.3:a:openeuler:mysql-errmsg:*:*:*:*:*:openeuler:*:*
- cpe:2.3:a:openeuler:mysql-help:*:*:*:*:*:openeuler:*:*
- cpe:2.3:a:openeuler:mysql-libs:*:*:*:*:*:openeuler:*:*
- cpe:2.3:a:openeuler:mysql-test:*:*:*:*:*:openeuler:*:*
- cpe:2.3:a:openeuler:mysql-common:*:*:*:*:*:openeuler:*:*
- cpe:2.3:a:openeuler:mysql:*:*:*:*:*:openeuler:*:*
https://www.openeuler.org/en/security/security-bulletins/detail/?id=openEuler-SA-2023-1834
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote authenticated privileged user via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
52) Improper input validation
EUVDB-ID: #VU71279
Risk: Medium
CVSSv4.0: 4.6 [CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Green]
CVE-ID: CVE-2023-21876
CWE-ID:
CWE-20 - Improper input validation
Exploit availability: No
DescriptionThe vulnerability allows a remote privileged user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper input validation within the Server: Optimizer component in MySQL Server. A remote privileged user can exploit this vulnerability to perform a denial of service (DoS) attack.
MitigationInstall updates from vendor's repository.
Vulnerable software versionsopenEuler: 22.03 LTS SP1
mysql-server: before 8.0.35-1
mysql-config: before 8.0.35-1
mysql-debugsource: before 8.0.35-1
mysql-devel: before 8.0.35-1
mysql-debuginfo: before 8.0.35-1
mysql-errmsg: before 8.0.35-1
mysql-help: before 8.0.35-1
mysql-libs: before 8.0.35-1
mysql-test: before 8.0.35-1
mysql-common: before 8.0.35-1
mysql: before 8.0.35-1
CPE2.3- cpe:2.3:o:openeuler:openeuler:22.03:LTS SP1:*:*:*:*:*:*
- cpe:2.3:a:openeuler:mysql-server:*:*:*:*:*:openeuler:*:*
- cpe:2.3:a:openeuler:mysql-config:*:*:*:*:*:openeuler:*:*
- cpe:2.3:a:openeuler:mysql-debugsource:*:*:*:*:*:openeuler:*:*
- cpe:2.3:a:openeuler:mysql-devel:*:*:*:*:*:openeuler:*:*
- cpe:2.3:a:openeuler:mysql-debuginfo:*:*:*:*:*:openeuler:*:*
- cpe:2.3:a:openeuler:mysql-errmsg:*:*:*:*:*:openeuler:*:*
- cpe:2.3:a:openeuler:mysql-help:*:*:*:*:*:openeuler:*:*
- cpe:2.3:a:openeuler:mysql-libs:*:*:*:*:*:openeuler:*:*
- cpe:2.3:a:openeuler:mysql-test:*:*:*:*:*:openeuler:*:*
- cpe:2.3:a:openeuler:mysql-common:*:*:*:*:*:openeuler:*:*
- cpe:2.3:a:openeuler:mysql:*:*:*:*:*:openeuler:*:*
https://www.openeuler.org/en/security/security-bulletins/detail/?id=openEuler-SA-2023-1834
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote authenticated privileged user via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
53) Improper input validation
EUVDB-ID: #VU71266
Risk: Medium
CVSSv4.0: 4.7 [CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:N/VI:L/VA:H/SC:N/SI:N/SA:N/E:U/U:Green]
CVE-ID: CVE-2023-21877
CWE-ID:
CWE-20 - Improper input validation
Exploit availability: No
DescriptionThe vulnerability allows a remote privileged user to damange or delete data.
The vulnerability exists due to improper input validation within the InnoDB component in MySQL Server. A remote privileged user can exploit this vulnerability to damange or delete data.
MitigationInstall updates from vendor's repository.
Vulnerable software versionsopenEuler: 22.03 LTS SP1
mysql-server: before 8.0.35-1
mysql-config: before 8.0.35-1
mysql-debugsource: before 8.0.35-1
mysql-devel: before 8.0.35-1
mysql-debuginfo: before 8.0.35-1
mysql-errmsg: before 8.0.35-1
mysql-help: before 8.0.35-1
mysql-libs: before 8.0.35-1
mysql-test: before 8.0.35-1
mysql-common: before 8.0.35-1
mysql: before 8.0.35-1
CPE2.3- cpe:2.3:o:openeuler:openeuler:22.03:LTS SP1:*:*:*:*:*:*
- cpe:2.3:a:openeuler:mysql-server:*:*:*:*:*:openeuler:*:*
- cpe:2.3:a:openeuler:mysql-config:*:*:*:*:*:openeuler:*:*
- cpe:2.3:a:openeuler:mysql-debugsource:*:*:*:*:*:openeuler:*:*
- cpe:2.3:a:openeuler:mysql-devel:*:*:*:*:*:openeuler:*:*
- cpe:2.3:a:openeuler:mysql-debuginfo:*:*:*:*:*:openeuler:*:*
- cpe:2.3:a:openeuler:mysql-errmsg:*:*:*:*:*:openeuler:*:*
- cpe:2.3:a:openeuler:mysql-help:*:*:*:*:*:openeuler:*:*
- cpe:2.3:a:openeuler:mysql-libs:*:*:*:*:*:openeuler:*:*
- cpe:2.3:a:openeuler:mysql-test:*:*:*:*:*:openeuler:*:*
- cpe:2.3:a:openeuler:mysql-common:*:*:*:*:*:openeuler:*:*
- cpe:2.3:a:openeuler:mysql:*:*:*:*:*:openeuler:*:*
https://www.openeuler.org/en/security/security-bulletins/detail/?id=openEuler-SA-2023-1834
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote authenticated privileged user via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
54) Improper input validation
EUVDB-ID: #VU71280
Risk: Medium
CVSSv4.0: 4.6 [CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Green]
CVE-ID: CVE-2023-21878
CWE-ID:
CWE-20 - Improper input validation
Exploit availability: No
DescriptionThe vulnerability allows a remote privileged user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper input validation within the Server: Optimizer component in MySQL Server. A remote privileged user can exploit this vulnerability to perform a denial of service (DoS) attack.
MitigationInstall updates from vendor's repository.
Vulnerable software versionsopenEuler: 22.03 LTS SP1
mysql-server: before 8.0.35-1
mysql-config: before 8.0.35-1
mysql-debugsource: before 8.0.35-1
mysql-devel: before 8.0.35-1
mysql-debuginfo: before 8.0.35-1
mysql-errmsg: before 8.0.35-1
mysql-help: before 8.0.35-1
mysql-libs: before 8.0.35-1
mysql-test: before 8.0.35-1
mysql-common: before 8.0.35-1
mysql: before 8.0.35-1
CPE2.3- cpe:2.3:o:openeuler:openeuler:22.03:LTS SP1:*:*:*:*:*:*
- cpe:2.3:a:openeuler:mysql-server:*:*:*:*:*:openeuler:*:*
- cpe:2.3:a:openeuler:mysql-config:*:*:*:*:*:openeuler:*:*
- cpe:2.3:a:openeuler:mysql-debugsource:*:*:*:*:*:openeuler:*:*
- cpe:2.3:a:openeuler:mysql-devel:*:*:*:*:*:openeuler:*:*
- cpe:2.3:a:openeuler:mysql-debuginfo:*:*:*:*:*:openeuler:*:*
- cpe:2.3:a:openeuler:mysql-errmsg:*:*:*:*:*:openeuler:*:*
- cpe:2.3:a:openeuler:mysql-help:*:*:*:*:*:openeuler:*:*
- cpe:2.3:a:openeuler:mysql-libs:*:*:*:*:*:openeuler:*:*
- cpe:2.3:a:openeuler:mysql-test:*:*:*:*:*:openeuler:*:*
- cpe:2.3:a:openeuler:mysql-common:*:*:*:*:*:openeuler:*:*
- cpe:2.3:a:openeuler:mysql:*:*:*:*:*:openeuler:*:*
https://www.openeuler.org/en/security/security-bulletins/detail/?id=openEuler-SA-2023-1834
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote authenticated privileged user via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
55) Improper input validation
EUVDB-ID: #VU71281
Risk: Medium
CVSSv4.0: 4.6 [CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Green]
CVE-ID: CVE-2023-21879
CWE-ID:
CWE-20 - Improper input validation
Exploit availability: No
DescriptionThe vulnerability allows a remote privileged user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper input validation within the Server: Optimizer component in MySQL Server. A remote privileged user can exploit this vulnerability to perform a denial of service (DoS) attack.
MitigationInstall updates from vendor's repository.
Vulnerable software versionsopenEuler: 22.03 LTS SP1
mysql-server: before 8.0.35-1
mysql-config: before 8.0.35-1
mysql-debugsource: before 8.0.35-1
mysql-devel: before 8.0.35-1
mysql-debuginfo: before 8.0.35-1
mysql-errmsg: before 8.0.35-1
mysql-help: before 8.0.35-1
mysql-libs: before 8.0.35-1
mysql-test: before 8.0.35-1
mysql-common: before 8.0.35-1
mysql: before 8.0.35-1
CPE2.3- cpe:2.3:o:openeuler:openeuler:22.03:LTS SP1:*:*:*:*:*:*
- cpe:2.3:a:openeuler:mysql-server:*:*:*:*:*:openeuler:*:*
- cpe:2.3:a:openeuler:mysql-config:*:*:*:*:*:openeuler:*:*
- cpe:2.3:a:openeuler:mysql-debugsource:*:*:*:*:*:openeuler:*:*
- cpe:2.3:a:openeuler:mysql-devel:*:*:*:*:*:openeuler:*:*
- cpe:2.3:a:openeuler:mysql-debuginfo:*:*:*:*:*:openeuler:*:*
- cpe:2.3:a:openeuler:mysql-errmsg:*:*:*:*:*:openeuler:*:*
- cpe:2.3:a:openeuler:mysql-help:*:*:*:*:*:openeuler:*:*
- cpe:2.3:a:openeuler:mysql-libs:*:*:*:*:*:openeuler:*:*
- cpe:2.3:a:openeuler:mysql-test:*:*:*:*:*:openeuler:*:*
- cpe:2.3:a:openeuler:mysql-common:*:*:*:*:*:openeuler:*:*
- cpe:2.3:a:openeuler:mysql:*:*:*:*:*:openeuler:*:*
https://www.openeuler.org/en/security/security-bulletins/detail/?id=openEuler-SA-2023-1834
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote authenticated privileged user via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
56) Improper input validation
EUVDB-ID: #VU71267
Risk: Medium
CVSSv4.0: 4.7 [CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:N/VI:L/VA:H/SC:N/SI:N/SA:N/E:U/U:Green]
CVE-ID: CVE-2023-21880
CWE-ID:
CWE-20 - Improper input validation
Exploit availability: No
DescriptionThe vulnerability allows a remote privileged user to damange or delete data.
The vulnerability exists due to improper input validation within the InnoDB component in MySQL Server. A remote privileged user can exploit this vulnerability to damange or delete data.
MitigationInstall updates from vendor's repository.
Vulnerable software versionsopenEuler: 22.03 LTS SP1
mysql-server: before 8.0.35-1
mysql-config: before 8.0.35-1
mysql-debugsource: before 8.0.35-1
mysql-devel: before 8.0.35-1
mysql-debuginfo: before 8.0.35-1
mysql-errmsg: before 8.0.35-1
mysql-help: before 8.0.35-1
mysql-libs: before 8.0.35-1
mysql-test: before 8.0.35-1
mysql-common: before 8.0.35-1
mysql: before 8.0.35-1
CPE2.3- cpe:2.3:o:openeuler:openeuler:22.03:LTS SP1:*:*:*:*:*:*
- cpe:2.3:a:openeuler:mysql-server:*:*:*:*:*:openeuler:*:*
- cpe:2.3:a:openeuler:mysql-config:*:*:*:*:*:openeuler:*:*
- cpe:2.3:a:openeuler:mysql-debugsource:*:*:*:*:*:openeuler:*:*
- cpe:2.3:a:openeuler:mysql-devel:*:*:*:*:*:openeuler:*:*
- cpe:2.3:a:openeuler:mysql-debuginfo:*:*:*:*:*:openeuler:*:*
- cpe:2.3:a:openeuler:mysql-errmsg:*:*:*:*:*:openeuler:*:*
- cpe:2.3:a:openeuler:mysql-help:*:*:*:*:*:openeuler:*:*
- cpe:2.3:a:openeuler:mysql-libs:*:*:*:*:*:openeuler:*:*
- cpe:2.3:a:openeuler:mysql-test:*:*:*:*:*:openeuler:*:*
- cpe:2.3:a:openeuler:mysql-common:*:*:*:*:*:openeuler:*:*
- cpe:2.3:a:openeuler:mysql:*:*:*:*:*:openeuler:*:*
https://www.openeuler.org/en/security/security-bulletins/detail/?id=openEuler-SA-2023-1834
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote authenticated privileged user via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
57) Improper input validation
EUVDB-ID: #VU71282
Risk: Medium
CVSSv4.0: 4.6 [CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Green]
CVE-ID: CVE-2023-21881
CWE-ID:
CWE-20 - Improper input validation
Exploit availability: No
DescriptionThe vulnerability allows a remote privileged user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper input validation within the Server: Optimizer component in MySQL Server. A remote privileged user can exploit this vulnerability to perform a denial of service (DoS) attack.
MitigationInstall updates from vendor's repository.
Vulnerable software versionsopenEuler: 22.03 LTS SP1
mysql-server: before 8.0.35-1
mysql-config: before 8.0.35-1
mysql-debugsource: before 8.0.35-1
mysql-devel: before 8.0.35-1
mysql-debuginfo: before 8.0.35-1
mysql-errmsg: before 8.0.35-1
mysql-help: before 8.0.35-1
mysql-libs: before 8.0.35-1
mysql-test: before 8.0.35-1
mysql-common: before 8.0.35-1
mysql: before 8.0.35-1
CPE2.3- cpe:2.3:o:openeuler:openeuler:22.03:LTS SP1:*:*:*:*:*:*
- cpe:2.3:a:openeuler:mysql-server:*:*:*:*:*:openeuler:*:*
- cpe:2.3:a:openeuler:mysql-config:*:*:*:*:*:openeuler:*:*
- cpe:2.3:a:openeuler:mysql-debugsource:*:*:*:*:*:openeuler:*:*
- cpe:2.3:a:openeuler:mysql-devel:*:*:*:*:*:openeuler:*:*
- cpe:2.3:a:openeuler:mysql-debuginfo:*:*:*:*:*:openeuler:*:*
- cpe:2.3:a:openeuler:mysql-errmsg:*:*:*:*:*:openeuler:*:*
- cpe:2.3:a:openeuler:mysql-help:*:*:*:*:*:openeuler:*:*
- cpe:2.3:a:openeuler:mysql-libs:*:*:*:*:*:openeuler:*:*
- cpe:2.3:a:openeuler:mysql-test:*:*:*:*:*:openeuler:*:*
- cpe:2.3:a:openeuler:mysql-common:*:*:*:*:*:openeuler:*:*
- cpe:2.3:a:openeuler:mysql:*:*:*:*:*:openeuler:*:*
https://www.openeuler.org/en/security/security-bulletins/detail/?id=openEuler-SA-2023-1834
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote authenticated privileged user via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
58) Improper input validation
EUVDB-ID: #VU71285
Risk: Low
CVSSv4.0: 1.2 [CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2023-21882
CWE-ID:
CWE-20 - Improper input validation
Exploit availability: No
DescriptionThe vulnerability allows a remote privileged user to manipulate data.
The vulnerability exists due to improper input validation within the Server: Optimizer component in MySQL Server. A remote privileged user can exploit this vulnerability to manipulate data.
MitigationInstall updates from vendor's repository.
Vulnerable software versionsopenEuler: 22.03 LTS SP1
mysql-server: before 8.0.35-1
mysql-config: before 8.0.35-1
mysql-debugsource: before 8.0.35-1
mysql-devel: before 8.0.35-1
mysql-debuginfo: before 8.0.35-1
mysql-errmsg: before 8.0.35-1
mysql-help: before 8.0.35-1
mysql-libs: before 8.0.35-1
mysql-test: before 8.0.35-1
mysql-common: before 8.0.35-1
mysql: before 8.0.35-1
CPE2.3- cpe:2.3:o:openeuler:openeuler:22.03:LTS SP1:*:*:*:*:*:*
- cpe:2.3:a:openeuler:mysql-server:*:*:*:*:*:openeuler:*:*
- cpe:2.3:a:openeuler:mysql-config:*:*:*:*:*:openeuler:*:*
- cpe:2.3:a:openeuler:mysql-debugsource:*:*:*:*:*:openeuler:*:*
- cpe:2.3:a:openeuler:mysql-devel:*:*:*:*:*:openeuler:*:*
- cpe:2.3:a:openeuler:mysql-debuginfo:*:*:*:*:*:openeuler:*:*
- cpe:2.3:a:openeuler:mysql-errmsg:*:*:*:*:*:openeuler:*:*
- cpe:2.3:a:openeuler:mysql-help:*:*:*:*:*:openeuler:*:*
- cpe:2.3:a:openeuler:mysql-libs:*:*:*:*:*:openeuler:*:*
- cpe:2.3:a:openeuler:mysql-test:*:*:*:*:*:openeuler:*:*
- cpe:2.3:a:openeuler:mysql-common:*:*:*:*:*:openeuler:*:*
- cpe:2.3:a:openeuler:mysql:*:*:*:*:*:openeuler:*:*
https://www.openeuler.org/en/security/security-bulletins/detail/?id=openEuler-SA-2023-1834
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote authenticated privileged user via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
59) Improper input validation
EUVDB-ID: #VU71283
Risk: Medium
CVSSv4.0: 4.6 [CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Green]
CVE-ID: CVE-2023-21883
CWE-ID:
CWE-20 - Improper input validation
Exploit availability: No
DescriptionThe vulnerability allows a remote privileged user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper input validation within the Server: Optimizer component in MySQL Server. A remote privileged user can exploit this vulnerability to perform a denial of service (DoS) attack.
MitigationInstall updates from vendor's repository.
Vulnerable software versionsopenEuler: 22.03 LTS SP1
mysql-server: before 8.0.35-1
mysql-config: before 8.0.35-1
mysql-debugsource: before 8.0.35-1
mysql-devel: before 8.0.35-1
mysql-debuginfo: before 8.0.35-1
mysql-errmsg: before 8.0.35-1
mysql-help: before 8.0.35-1
mysql-libs: before 8.0.35-1
mysql-test: before 8.0.35-1
mysql-common: before 8.0.35-1
mysql: before 8.0.35-1
CPE2.3- cpe:2.3:o:openeuler:openeuler:22.03:LTS SP1:*:*:*:*:*:*
- cpe:2.3:a:openeuler:mysql-server:*:*:*:*:*:openeuler:*:*
- cpe:2.3:a:openeuler:mysql-config:*:*:*:*:*:openeuler:*:*
- cpe:2.3:a:openeuler:mysql-debugsource:*:*:*:*:*:openeuler:*:*
- cpe:2.3:a:openeuler:mysql-devel:*:*:*:*:*:openeuler:*:*
- cpe:2.3:a:openeuler:mysql-debuginfo:*:*:*:*:*:openeuler:*:*
- cpe:2.3:a:openeuler:mysql-errmsg:*:*:*:*:*:openeuler:*:*
- cpe:2.3:a:openeuler:mysql-help:*:*:*:*:*:openeuler:*:*
- cpe:2.3:a:openeuler:mysql-libs:*:*:*:*:*:openeuler:*:*
- cpe:2.3:a:openeuler:mysql-test:*:*:*:*:*:openeuler:*:*
- cpe:2.3:a:openeuler:mysql-common:*:*:*:*:*:openeuler:*:*
- cpe:2.3:a:openeuler:mysql:*:*:*:*:*:openeuler:*:*
https://www.openeuler.org/en/security/security-bulletins/detail/?id=openEuler-SA-2023-1834
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote authenticated privileged user via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
60) Improper input validation
EUVDB-ID: #VU71271
Risk: Medium
CVSSv4.0: 4.6 [CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Green]
CVE-ID: CVE-2023-21887
CWE-ID:
CWE-20 - Improper input validation
Exploit availability: No
DescriptionThe vulnerability allows a remote privileged user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper input validation within the Server: GIS component in MySQL Server. A remote privileged user can exploit this vulnerability to perform a denial of service (DoS) attack.
MitigationInstall updates from vendor's repository.
Vulnerable software versionsopenEuler: 22.03 LTS SP1
mysql-server: before 8.0.35-1
mysql-config: before 8.0.35-1
mysql-debugsource: before 8.0.35-1
mysql-devel: before 8.0.35-1
mysql-debuginfo: before 8.0.35-1
mysql-errmsg: before 8.0.35-1
mysql-help: before 8.0.35-1
mysql-libs: before 8.0.35-1
mysql-test: before 8.0.35-1
mysql-common: before 8.0.35-1
mysql: before 8.0.35-1
CPE2.3- cpe:2.3:o:openeuler:openeuler:22.03:LTS SP1:*:*:*:*:*:*
- cpe:2.3:a:openeuler:mysql-server:*:*:*:*:*:openeuler:*:*
- cpe:2.3:a:openeuler:mysql-config:*:*:*:*:*:openeuler:*:*
- cpe:2.3:a:openeuler:mysql-debugsource:*:*:*:*:*:openeuler:*:*
- cpe:2.3:a:openeuler:mysql-devel:*:*:*:*:*:openeuler:*:*
- cpe:2.3:a:openeuler:mysql-debuginfo:*:*:*:*:*:openeuler:*:*
- cpe:2.3:a:openeuler:mysql-errmsg:*:*:*:*:*:openeuler:*:*
- cpe:2.3:a:openeuler:mysql-help:*:*:*:*:*:openeuler:*:*
- cpe:2.3:a:openeuler:mysql-libs:*:*:*:*:*:openeuler:*:*
- cpe:2.3:a:openeuler:mysql-test:*:*:*:*:*:openeuler:*:*
- cpe:2.3:a:openeuler:mysql-common:*:*:*:*:*:openeuler:*:*
- cpe:2.3:a:openeuler:mysql:*:*:*:*:*:openeuler:*:*
https://www.openeuler.org/en/security/security-bulletins/detail/?id=openEuler-SA-2023-1834
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote authenticated privileged user via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
61) Improper input validation
EUVDB-ID: #VU75275
Risk: Medium
CVSSv4.0: 4.6 [CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Green]
CVE-ID: CVE-2023-21911
CWE-ID:
CWE-20 - Improper input validation
Exploit availability: No
DescriptionThe vulnerability allows a remote privileged user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper input validation within the InnoDB component in MySQL Server. A remote privileged user can exploit this vulnerability to perform a denial of service (DoS) attack.
MitigationInstall updates from vendor's repository.
Vulnerable software versionsopenEuler: 22.03 LTS SP1
mysql-server: before 8.0.35-1
mysql-config: before 8.0.35-1
mysql-debugsource: before 8.0.35-1
mysql-devel: before 8.0.35-1
mysql-debuginfo: before 8.0.35-1
mysql-errmsg: before 8.0.35-1
mysql-help: before 8.0.35-1
mysql-libs: before 8.0.35-1
mysql-test: before 8.0.35-1
mysql-common: before 8.0.35-1
mysql: before 8.0.35-1
CPE2.3- cpe:2.3:o:openeuler:openeuler:22.03:LTS SP1:*:*:*:*:*:*
- cpe:2.3:a:openeuler:mysql-server:*:*:*:*:*:openeuler:*:*
- cpe:2.3:a:openeuler:mysql-config:*:*:*:*:*:openeuler:*:*
- cpe:2.3:a:openeuler:mysql-debugsource:*:*:*:*:*:openeuler:*:*
- cpe:2.3:a:openeuler:mysql-devel:*:*:*:*:*:openeuler:*:*
- cpe:2.3:a:openeuler:mysql-debuginfo:*:*:*:*:*:openeuler:*:*
- cpe:2.3:a:openeuler:mysql-errmsg:*:*:*:*:*:openeuler:*:*
- cpe:2.3:a:openeuler:mysql-help:*:*:*:*:*:openeuler:*:*
- cpe:2.3:a:openeuler:mysql-libs:*:*:*:*:*:openeuler:*:*
- cpe:2.3:a:openeuler:mysql-test:*:*:*:*:*:openeuler:*:*
- cpe:2.3:a:openeuler:mysql-common:*:*:*:*:*:openeuler:*:*
- cpe:2.3:a:openeuler:mysql:*:*:*:*:*:openeuler:*:*
https://www.openeuler.org/en/security/security-bulletins/detail/?id=openEuler-SA-2023-1834
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote authenticated privileged user via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
62) Improper input validation
EUVDB-ID: #VU75270
Risk: Medium
CVSSv4.0: 6.6 [CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Green]
CVE-ID: CVE-2023-21912
CWE-ID:
CWE-20 - Improper input validation
Exploit availability: No
DescriptionThe vulnerability allows a remote non-authenticated attacker to perform a denial of service (DoS) attack.
The vulnerability exists due to improper input validation within the Server: Security: Privileges component in MySQL Server. A remote non-authenticated attacker can exploit this vulnerability to perform a denial of service (DoS) attack.
MitigationInstall updates from vendor's repository.
Vulnerable software versionsopenEuler: 22.03 LTS SP1
mysql-server: before 8.0.35-1
mysql-config: before 8.0.35-1
mysql-debugsource: before 8.0.35-1
mysql-devel: before 8.0.35-1
mysql-debuginfo: before 8.0.35-1
mysql-errmsg: before 8.0.35-1
mysql-help: before 8.0.35-1
mysql-libs: before 8.0.35-1
mysql-test: before 8.0.35-1
mysql-common: before 8.0.35-1
mysql: before 8.0.35-1
CPE2.3- cpe:2.3:o:openeuler:openeuler:22.03:LTS SP1:*:*:*:*:*:*
- cpe:2.3:a:openeuler:mysql-server:*:*:*:*:*:openeuler:*:*
- cpe:2.3:a:openeuler:mysql-config:*:*:*:*:*:openeuler:*:*
- cpe:2.3:a:openeuler:mysql-debugsource:*:*:*:*:*:openeuler:*:*
- cpe:2.3:a:openeuler:mysql-devel:*:*:*:*:*:openeuler:*:*
- cpe:2.3:a:openeuler:mysql-debuginfo:*:*:*:*:*:openeuler:*:*
- cpe:2.3:a:openeuler:mysql-errmsg:*:*:*:*:*:openeuler:*:*
- cpe:2.3:a:openeuler:mysql-help:*:*:*:*:*:openeuler:*:*
- cpe:2.3:a:openeuler:mysql-libs:*:*:*:*:*:openeuler:*:*
- cpe:2.3:a:openeuler:mysql-test:*:*:*:*:*:openeuler:*:*
- cpe:2.3:a:openeuler:mysql-common:*:*:*:*:*:openeuler:*:*
- cpe:2.3:a:openeuler:mysql:*:*:*:*:*:openeuler:*:*
https://www.openeuler.org/en/security/security-bulletins/detail/?id=openEuler-SA-2023-1834
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
63) Improper input validation
EUVDB-ID: #VU75281
Risk: Medium
CVSSv4.0: 4.6 [CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Green]
CVE-ID: CVE-2023-21913
CWE-ID:
CWE-20 - Improper input validation
Exploit availability: No
DescriptionThe vulnerability allows a remote privileged user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper input validation within the Server: Optimizer component in MySQL Server. A remote privileged user can exploit this vulnerability to perform a denial of service (DoS) attack.
MitigationInstall updates from vendor's repository.
Vulnerable software versionsopenEuler: 22.03 LTS SP1
mysql-server: before 8.0.35-1
mysql-config: before 8.0.35-1
mysql-debugsource: before 8.0.35-1
mysql-devel: before 8.0.35-1
mysql-debuginfo: before 8.0.35-1
mysql-errmsg: before 8.0.35-1
mysql-help: before 8.0.35-1
mysql-libs: before 8.0.35-1
mysql-test: before 8.0.35-1
mysql-common: before 8.0.35-1
mysql: before 8.0.35-1
CPE2.3- cpe:2.3:o:openeuler:openeuler:22.03:LTS SP1:*:*:*:*:*:*
- cpe:2.3:a:openeuler:mysql-server:*:*:*:*:*:openeuler:*:*
- cpe:2.3:a:openeuler:mysql-config:*:*:*:*:*:openeuler:*:*
- cpe:2.3:a:openeuler:mysql-debugsource:*:*:*:*:*:openeuler:*:*
- cpe:2.3:a:openeuler:mysql-devel:*:*:*:*:*:openeuler:*:*
- cpe:2.3:a:openeuler:mysql-debuginfo:*:*:*:*:*:openeuler:*:*
- cpe:2.3:a:openeuler:mysql-errmsg:*:*:*:*:*:openeuler:*:*
- cpe:2.3:a:openeuler:mysql-help:*:*:*:*:*:openeuler:*:*
- cpe:2.3:a:openeuler:mysql-libs:*:*:*:*:*:openeuler:*:*
- cpe:2.3:a:openeuler:mysql-test:*:*:*:*:*:openeuler:*:*
- cpe:2.3:a:openeuler:mysql-common:*:*:*:*:*:openeuler:*:*
- cpe:2.3:a:openeuler:mysql:*:*:*:*:*:openeuler:*:*
https://www.openeuler.org/en/security/security-bulletins/detail/?id=openEuler-SA-2023-1834
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote authenticated privileged user via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
64) Improper input validation
EUVDB-ID: #VU75282
Risk: Medium
CVSSv4.0: 4.6 [CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Green]
CVE-ID: CVE-2023-21917
CWE-ID:
CWE-20 - Improper input validation
Exploit availability: No
DescriptionThe vulnerability allows a remote privileged user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper input validation within the Server: Optimizer component in MySQL Server. A remote privileged user can exploit this vulnerability to perform a denial of service (DoS) attack.
MitigationInstall updates from vendor's repository.
Vulnerable software versionsopenEuler: 22.03 LTS SP1
mysql-server: before 8.0.35-1
mysql-config: before 8.0.35-1
mysql-debugsource: before 8.0.35-1
mysql-devel: before 8.0.35-1
mysql-debuginfo: before 8.0.35-1
mysql-errmsg: before 8.0.35-1
mysql-help: before 8.0.35-1
mysql-libs: before 8.0.35-1
mysql-test: before 8.0.35-1
mysql-common: before 8.0.35-1
mysql: before 8.0.35-1
CPE2.3- cpe:2.3:o:openeuler:openeuler:22.03:LTS SP1:*:*:*:*:*:*
- cpe:2.3:a:openeuler:mysql-server:*:*:*:*:*:openeuler:*:*
- cpe:2.3:a:openeuler:mysql-config:*:*:*:*:*:openeuler:*:*
- cpe:2.3:a:openeuler:mysql-debugsource:*:*:*:*:*:openeuler:*:*
- cpe:2.3:a:openeuler:mysql-devel:*:*:*:*:*:openeuler:*:*
- cpe:2.3:a:openeuler:mysql-debuginfo:*:*:*:*:*:openeuler:*:*
- cpe:2.3:a:openeuler:mysql-errmsg:*:*:*:*:*:openeuler:*:*
- cpe:2.3:a:openeuler:mysql-help:*:*:*:*:*:openeuler:*:*
- cpe:2.3:a:openeuler:mysql-libs:*:*:*:*:*:openeuler:*:*
- cpe:2.3:a:openeuler:mysql-test:*:*:*:*:*:openeuler:*:*
- cpe:2.3:a:openeuler:mysql-common:*:*:*:*:*:openeuler:*:*
- cpe:2.3:a:openeuler:mysql:*:*:*:*:*:openeuler:*:*
https://www.openeuler.org/en/security/security-bulletins/detail/?id=openEuler-SA-2023-1834
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote authenticated privileged user via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
65) Improper input validation
EUVDB-ID: #VU75277
Risk: Medium
CVSSv4.0: 4.6 [CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Green]
CVE-ID: CVE-2023-21919
CWE-ID:
CWE-20 - Improper input validation
Exploit availability: No
DescriptionThe vulnerability allows a remote privileged user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper input validation within the Server: DDL component in MySQL Server. A remote privileged user can exploit this vulnerability to perform a denial of service (DoS) attack.
MitigationInstall updates from vendor's repository.
Vulnerable software versionsopenEuler: 22.03 LTS SP1
mysql-server: before 8.0.35-1
mysql-config: before 8.0.35-1
mysql-debugsource: before 8.0.35-1
mysql-devel: before 8.0.35-1
mysql-debuginfo: before 8.0.35-1
mysql-errmsg: before 8.0.35-1
mysql-help: before 8.0.35-1
mysql-libs: before 8.0.35-1
mysql-test: before 8.0.35-1
mysql-common: before 8.0.35-1
mysql: before 8.0.35-1
CPE2.3- cpe:2.3:o:openeuler:openeuler:22.03:LTS SP1:*:*:*:*:*:*
- cpe:2.3:a:openeuler:mysql-server:*:*:*:*:*:openeuler:*:*
- cpe:2.3:a:openeuler:mysql-config:*:*:*:*:*:openeuler:*:*
- cpe:2.3:a:openeuler:mysql-debugsource:*:*:*:*:*:openeuler:*:*
- cpe:2.3:a:openeuler:mysql-devel:*:*:*:*:*:openeuler:*:*
- cpe:2.3:a:openeuler:mysql-debuginfo:*:*:*:*:*:openeuler:*:*
- cpe:2.3:a:openeuler:mysql-errmsg:*:*:*:*:*:openeuler:*:*
- cpe:2.3:a:openeuler:mysql-help:*:*:*:*:*:openeuler:*:*
- cpe:2.3:a:openeuler:mysql-libs:*:*:*:*:*:openeuler:*:*
- cpe:2.3:a:openeuler:mysql-test:*:*:*:*:*:openeuler:*:*
- cpe:2.3:a:openeuler:mysql-common:*:*:*:*:*:openeuler:*:*
- cpe:2.3:a:openeuler:mysql:*:*:*:*:*:openeuler:*:*
https://www.openeuler.org/en/security/security-bulletins/detail/?id=openEuler-SA-2023-1834
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote authenticated privileged user via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
66) Improper input validation
EUVDB-ID: #VU75283
Risk: Medium
CVSSv4.0: 4.6 [CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Green]
CVE-ID: CVE-2023-21920
CWE-ID:
CWE-20 - Improper input validation
Exploit availability: No
DescriptionThe vulnerability allows a remote privileged user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper input validation within the Server: Optimizer component in MySQL Server. A remote privileged user can exploit this vulnerability to perform a denial of service (DoS) attack.
MitigationInstall updates from vendor's repository.
Vulnerable software versionsopenEuler: 22.03 LTS SP1
mysql-server: before 8.0.35-1
mysql-config: before 8.0.35-1
mysql-debugsource: before 8.0.35-1
mysql-devel: before 8.0.35-1
mysql-debuginfo: before 8.0.35-1
mysql-errmsg: before 8.0.35-1
mysql-help: before 8.0.35-1
mysql-libs: before 8.0.35-1
mysql-test: before 8.0.35-1
mysql-common: before 8.0.35-1
mysql: before 8.0.35-1
CPE2.3- cpe:2.3:o:openeuler:openeuler:22.03:LTS SP1:*:*:*:*:*:*
- cpe:2.3:a:openeuler:mysql-server:*:*:*:*:*:openeuler:*:*
- cpe:2.3:a:openeuler:mysql-config:*:*:*:*:*:openeuler:*:*
- cpe:2.3:a:openeuler:mysql-debugsource:*:*:*:*:*:openeuler:*:*
- cpe:2.3:a:openeuler:mysql-devel:*:*:*:*:*:openeuler:*:*
- cpe:2.3:a:openeuler:mysql-debuginfo:*:*:*:*:*:openeuler:*:*
- cpe:2.3:a:openeuler:mysql-errmsg:*:*:*:*:*:openeuler:*:*
- cpe:2.3:a:openeuler:mysql-help:*:*:*:*:*:openeuler:*:*
- cpe:2.3:a:openeuler:mysql-libs:*:*:*:*:*:openeuler:*:*
- cpe:2.3:a:openeuler:mysql-test:*:*:*:*:*:openeuler:*:*
- cpe:2.3:a:openeuler:mysql-common:*:*:*:*:*:openeuler:*:*
- cpe:2.3:a:openeuler:mysql:*:*:*:*:*:openeuler:*:*
https://www.openeuler.org/en/security/security-bulletins/detail/?id=openEuler-SA-2023-1834
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote authenticated privileged user via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
67) Improper input validation
EUVDB-ID: #VU75273
Risk: Medium
CVSSv4.0: 4.7 [CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:N/VI:L/VA:H/SC:N/SI:N/SA:N/E:U/U:Green]
CVE-ID: CVE-2023-21929
CWE-ID:
CWE-20 - Improper input validation
Exploit availability: No
DescriptionThe vulnerability allows a remote privileged user to damange or delete data.
The vulnerability exists due to improper input validation within the Server: DDL component in MySQL Server. A remote privileged user can exploit this vulnerability to damange or delete data.
MitigationInstall updates from vendor's repository.
Vulnerable software versionsopenEuler: 22.03 LTS SP1
mysql-server: before 8.0.35-1
mysql-config: before 8.0.35-1
mysql-debugsource: before 8.0.35-1
mysql-devel: before 8.0.35-1
mysql-debuginfo: before 8.0.35-1
mysql-errmsg: before 8.0.35-1
mysql-help: before 8.0.35-1
mysql-libs: before 8.0.35-1
mysql-test: before 8.0.35-1
mysql-common: before 8.0.35-1
mysql: before 8.0.35-1
CPE2.3- cpe:2.3:o:openeuler:openeuler:22.03:LTS SP1:*:*:*:*:*:*
- cpe:2.3:a:openeuler:mysql-server:*:*:*:*:*:openeuler:*:*
- cpe:2.3:a:openeuler:mysql-config:*:*:*:*:*:openeuler:*:*
- cpe:2.3:a:openeuler:mysql-debugsource:*:*:*:*:*:openeuler:*:*
- cpe:2.3:a:openeuler:mysql-devel:*:*:*:*:*:openeuler:*:*
- cpe:2.3:a:openeuler:mysql-debuginfo:*:*:*:*:*:openeuler:*:*
- cpe:2.3:a:openeuler:mysql-errmsg:*:*:*:*:*:openeuler:*:*
- cpe:2.3:a:openeuler:mysql-help:*:*:*:*:*:openeuler:*:*
- cpe:2.3:a:openeuler:mysql-libs:*:*:*:*:*:openeuler:*:*
- cpe:2.3:a:openeuler:mysql-test:*:*:*:*:*:openeuler:*:*
- cpe:2.3:a:openeuler:mysql-common:*:*:*:*:*:openeuler:*:*
- cpe:2.3:a:openeuler:mysql:*:*:*:*:*:openeuler:*:*
https://www.openeuler.org/en/security/security-bulletins/detail/?id=openEuler-SA-2023-1834
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote authenticated privileged user via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
68) Improper input validation
EUVDB-ID: #VU75278
Risk: Medium
CVSSv4.0: 4.6 [CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Green]
CVE-ID: CVE-2023-21933
CWE-ID:
CWE-20 - Improper input validation
Exploit availability: No
DescriptionThe vulnerability allows a remote privileged user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper input validation within the Server: DDL component in MySQL Server. A remote privileged user can exploit this vulnerability to perform a denial of service (DoS) attack.
MitigationInstall updates from vendor's repository.
Vulnerable software versionsopenEuler: 22.03 LTS SP1
mysql-server: before 8.0.35-1
mysql-config: before 8.0.35-1
mysql-debugsource: before 8.0.35-1
mysql-devel: before 8.0.35-1
mysql-debuginfo: before 8.0.35-1
mysql-errmsg: before 8.0.35-1
mysql-help: before 8.0.35-1
mysql-libs: before 8.0.35-1
mysql-test: before 8.0.35-1
mysql-common: before 8.0.35-1
mysql: before 8.0.35-1
CPE2.3- cpe:2.3:o:openeuler:openeuler:22.03:LTS SP1:*:*:*:*:*:*
- cpe:2.3:a:openeuler:mysql-server:*:*:*:*:*:openeuler:*:*
- cpe:2.3:a:openeuler:mysql-config:*:*:*:*:*:openeuler:*:*
- cpe:2.3:a:openeuler:mysql-debugsource:*:*:*:*:*:openeuler:*:*
- cpe:2.3:a:openeuler:mysql-devel:*:*:*:*:*:openeuler:*:*
- cpe:2.3:a:openeuler:mysql-debuginfo:*:*:*:*:*:openeuler:*:*
- cpe:2.3:a:openeuler:mysql-errmsg:*:*:*:*:*:openeuler:*:*
- cpe:2.3:a:openeuler:mysql-help:*:*:*:*:*:openeuler:*:*
- cpe:2.3:a:openeuler:mysql-libs:*:*:*:*:*:openeuler:*:*
- cpe:2.3:a:openeuler:mysql-test:*:*:*:*:*:openeuler:*:*
- cpe:2.3:a:openeuler:mysql-common:*:*:*:*:*:openeuler:*:*
- cpe:2.3:a:openeuler:mysql:*:*:*:*:*:openeuler:*:*
https://www.openeuler.org/en/security/security-bulletins/detail/?id=openEuler-SA-2023-1834
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote authenticated privileged user via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
69) Improper input validation
EUVDB-ID: #VU75284
Risk: Medium
CVSSv4.0: 4.6 [CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Green]
CVE-ID: CVE-2023-21935
CWE-ID:
CWE-20 - Improper input validation
Exploit availability: No
DescriptionThe vulnerability allows a remote privileged user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper input validation within the Server: Optimizer component in MySQL Server. A remote privileged user can exploit this vulnerability to perform a denial of service (DoS) attack.
MitigationInstall updates from vendor's repository.
Vulnerable software versionsopenEuler: 22.03 LTS SP1
mysql-server: before 8.0.35-1
mysql-config: before 8.0.35-1
mysql-debugsource: before 8.0.35-1
mysql-devel: before 8.0.35-1
mysql-debuginfo: before 8.0.35-1
mysql-errmsg: before 8.0.35-1
mysql-help: before 8.0.35-1
mysql-libs: before 8.0.35-1
mysql-test: before 8.0.35-1
mysql-common: before 8.0.35-1
mysql: before 8.0.35-1
CPE2.3- cpe:2.3:o:openeuler:openeuler:22.03:LTS SP1:*:*:*:*:*:*
- cpe:2.3:a:openeuler:mysql-server:*:*:*:*:*:openeuler:*:*
- cpe:2.3:a:openeuler:mysql-config:*:*:*:*:*:openeuler:*:*
- cpe:2.3:a:openeuler:mysql-debugsource:*:*:*:*:*:openeuler:*:*
- cpe:2.3:a:openeuler:mysql-devel:*:*:*:*:*:openeuler:*:*
- cpe:2.3:a:openeuler:mysql-debuginfo:*:*:*:*:*:openeuler:*:*
- cpe:2.3:a:openeuler:mysql-errmsg:*:*:*:*:*:openeuler:*:*
- cpe:2.3:a:openeuler:mysql-help:*:*:*:*:*:openeuler:*:*
- cpe:2.3:a:openeuler:mysql-libs:*:*:*:*:*:openeuler:*:*
- cpe:2.3:a:openeuler:mysql-test:*:*:*:*:*:openeuler:*:*
- cpe:2.3:a:openeuler:mysql-common:*:*:*:*:*:openeuler:*:*
- cpe:2.3:a:openeuler:mysql:*:*:*:*:*:openeuler:*:*
https://www.openeuler.org/en/security/security-bulletins/detail/?id=openEuler-SA-2023-1834
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote authenticated privileged user via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
70) Improper input validation
EUVDB-ID: #VU75291
Risk: Low
CVSSv4.0: 2.1 [CVSS:4.0/AV:N/AC:L/AT:P/PR:H/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2023-21940
CWE-ID:
CWE-20 - Improper input validation
Exploit availability: No
DescriptionThe vulnerability allows a remote privileged user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper input validation within the Server: Components Services component in MySQL Server. A remote privileged user can exploit this vulnerability to perform a denial of service (DoS) attack.
MitigationInstall updates from vendor's repository.
Vulnerable software versionsopenEuler: 22.03 LTS SP1
mysql-server: before 8.0.35-1
mysql-config: before 8.0.35-1
mysql-debugsource: before 8.0.35-1
mysql-devel: before 8.0.35-1
mysql-debuginfo: before 8.0.35-1
mysql-errmsg: before 8.0.35-1
mysql-help: before 8.0.35-1
mysql-libs: before 8.0.35-1
mysql-test: before 8.0.35-1
mysql-common: before 8.0.35-1
mysql: before 8.0.35-1
CPE2.3- cpe:2.3:o:openeuler:openeuler:22.03:LTS SP1:*:*:*:*:*:*
- cpe:2.3:a:openeuler:mysql-server:*:*:*:*:*:openeuler:*:*
- cpe:2.3:a:openeuler:mysql-config:*:*:*:*:*:openeuler:*:*
- cpe:2.3:a:openeuler:mysql-debugsource:*:*:*:*:*:openeuler:*:*
- cpe:2.3:a:openeuler:mysql-devel:*:*:*:*:*:openeuler:*:*
- cpe:2.3:a:openeuler:mysql-debuginfo:*:*:*:*:*:openeuler:*:*
- cpe:2.3:a:openeuler:mysql-errmsg:*:*:*:*:*:openeuler:*:*
- cpe:2.3:a:openeuler:mysql-help:*:*:*:*:*:openeuler:*:*
- cpe:2.3:a:openeuler:mysql-libs:*:*:*:*:*:openeuler:*:*
- cpe:2.3:a:openeuler:mysql-test:*:*:*:*:*:openeuler:*:*
- cpe:2.3:a:openeuler:mysql-common:*:*:*:*:*:openeuler:*:*
- cpe:2.3:a:openeuler:mysql:*:*:*:*:*:openeuler:*:*
https://www.openeuler.org/en/security/security-bulletins/detail/?id=openEuler-SA-2023-1834
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote authenticated privileged user via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
71) Improper input validation
EUVDB-ID: #VU75285
Risk: Medium
CVSSv4.0: 4.6 [CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Green]
CVE-ID: CVE-2023-21945
CWE-ID:
CWE-20 - Improper input validation
Exploit availability: No
DescriptionThe vulnerability allows a remote privileged user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper input validation within the Server: Optimizer component in MySQL Server. A remote privileged user can exploit this vulnerability to perform a denial of service (DoS) attack.
MitigationInstall updates from vendor's repository.
Vulnerable software versionsopenEuler: 22.03 LTS SP1
mysql-server: before 8.0.35-1
mysql-config: before 8.0.35-1
mysql-debugsource: before 8.0.35-1
mysql-devel: before 8.0.35-1
mysql-debuginfo: before 8.0.35-1
mysql-errmsg: before 8.0.35-1
mysql-help: before 8.0.35-1
mysql-libs: before 8.0.35-1
mysql-test: before 8.0.35-1
mysql-common: before 8.0.35-1
mysql: before 8.0.35-1
CPE2.3- cpe:2.3:o:openeuler:openeuler:22.03:LTS SP1:*:*:*:*:*:*
- cpe:2.3:a:openeuler:mysql-server:*:*:*:*:*:openeuler:*:*
- cpe:2.3:a:openeuler:mysql-config:*:*:*:*:*:openeuler:*:*
- cpe:2.3:a:openeuler:mysql-debugsource:*:*:*:*:*:openeuler:*:*
- cpe:2.3:a:openeuler:mysql-devel:*:*:*:*:*:openeuler:*:*
- cpe:2.3:a:openeuler:mysql-debuginfo:*:*:*:*:*:openeuler:*:*
- cpe:2.3:a:openeuler:mysql-errmsg:*:*:*:*:*:openeuler:*:*
- cpe:2.3:a:openeuler:mysql-help:*:*:*:*:*:openeuler:*:*
- cpe:2.3:a:openeuler:mysql-libs:*:*:*:*:*:openeuler:*:*
- cpe:2.3:a:openeuler:mysql-test:*:*:*:*:*:openeuler:*:*
- cpe:2.3:a:openeuler:mysql-common:*:*:*:*:*:openeuler:*:*
- cpe:2.3:a:openeuler:mysql:*:*:*:*:*:openeuler:*:*
https://www.openeuler.org/en/security/security-bulletins/detail/?id=openEuler-SA-2023-1834
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote authenticated privileged user via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
72) Improper input validation
EUVDB-ID: #VU75272
Risk: Medium
CVSSv4.0: 4.9 [CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Green]
CVE-ID: CVE-2023-21946
CWE-ID:
CWE-20 - Improper input validation
Exploit availability: No
DescriptionThe vulnerability allows a remote authenticated user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper input validation within the Server: Optimizer component in MySQL Server. A remote authenticated user can exploit this vulnerability to perform a denial of service (DoS) attack.
MitigationInstall updates from vendor's repository.
Vulnerable software versionsopenEuler: 22.03 LTS SP1
mysql-server: before 8.0.35-1
mysql-config: before 8.0.35-1
mysql-debugsource: before 8.0.35-1
mysql-devel: before 8.0.35-1
mysql-debuginfo: before 8.0.35-1
mysql-errmsg: before 8.0.35-1
mysql-help: before 8.0.35-1
mysql-libs: before 8.0.35-1
mysql-test: before 8.0.35-1
mysql-common: before 8.0.35-1
mysql: before 8.0.35-1
CPE2.3- cpe:2.3:o:openeuler:openeuler:22.03:LTS SP1:*:*:*:*:*:*
- cpe:2.3:a:openeuler:mysql-server:*:*:*:*:*:openeuler:*:*
- cpe:2.3:a:openeuler:mysql-config:*:*:*:*:*:openeuler:*:*
- cpe:2.3:a:openeuler:mysql-debugsource:*:*:*:*:*:openeuler:*:*
- cpe:2.3:a:openeuler:mysql-devel:*:*:*:*:*:openeuler:*:*
- cpe:2.3:a:openeuler:mysql-debuginfo:*:*:*:*:*:openeuler:*:*
- cpe:2.3:a:openeuler:mysql-errmsg:*:*:*:*:*:openeuler:*:*
- cpe:2.3:a:openeuler:mysql-help:*:*:*:*:*:openeuler:*:*
- cpe:2.3:a:openeuler:mysql-libs:*:*:*:*:*:openeuler:*:*
- cpe:2.3:a:openeuler:mysql-test:*:*:*:*:*:openeuler:*:*
- cpe:2.3:a:openeuler:mysql-common:*:*:*:*:*:openeuler:*:*
- cpe:2.3:a:openeuler:mysql:*:*:*:*:*:openeuler:*:*
https://www.openeuler.org/en/security/security-bulletins/detail/?id=openEuler-SA-2023-1834
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote authenticated user via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
73) Improper input validation
EUVDB-ID: #VU75292
Risk: Low
CVSSv4.0: 2.1 [CVSS:4.0/AV:N/AC:L/AT:P/PR:H/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2023-21947
CWE-ID:
CWE-20 - Improper input validation
Exploit availability: No
DescriptionThe vulnerability allows a remote privileged user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper input validation within the Server: Components Services component in MySQL Server. A remote privileged user can exploit this vulnerability to perform a denial of service (DoS) attack.
MitigationInstall updates from vendor's repository.
Vulnerable software versionsopenEuler: 22.03 LTS SP1
mysql-server: before 8.0.35-1
mysql-config: before 8.0.35-1
mysql-debugsource: before 8.0.35-1
mysql-devel: before 8.0.35-1
mysql-debuginfo: before 8.0.35-1
mysql-errmsg: before 8.0.35-1
mysql-help: before 8.0.35-1
mysql-libs: before 8.0.35-1
mysql-test: before 8.0.35-1
mysql-common: before 8.0.35-1
mysql: before 8.0.35-1
CPE2.3- cpe:2.3:o:openeuler:openeuler:22.03:LTS SP1:*:*:*:*:*:*
- cpe:2.3:a:openeuler:mysql-server:*:*:*:*:*:openeuler:*:*
- cpe:2.3:a:openeuler:mysql-config:*:*:*:*:*:openeuler:*:*
- cpe:2.3:a:openeuler:mysql-debugsource:*:*:*:*:*:openeuler:*:*
- cpe:2.3:a:openeuler:mysql-devel:*:*:*:*:*:openeuler:*:*
- cpe:2.3:a:openeuler:mysql-debuginfo:*:*:*:*:*:openeuler:*:*
- cpe:2.3:a:openeuler:mysql-errmsg:*:*:*:*:*:openeuler:*:*
- cpe:2.3:a:openeuler:mysql-help:*:*:*:*:*:openeuler:*:*
- cpe:2.3:a:openeuler:mysql-libs:*:*:*:*:*:openeuler:*:*
- cpe:2.3:a:openeuler:mysql-test:*:*:*:*:*:openeuler:*:*
- cpe:2.3:a:openeuler:mysql-common:*:*:*:*:*:openeuler:*:*
- cpe:2.3:a:openeuler:mysql:*:*:*:*:*:openeuler:*:*
https://www.openeuler.org/en/security/security-bulletins/detail/?id=openEuler-SA-2023-1834
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote authenticated privileged user via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
74) Improper input validation
EUVDB-ID: #VU75289
Risk: Medium
CVSSv4.0: 4.6 [CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Green]
CVE-ID: CVE-2023-21953
CWE-ID:
CWE-20 - Improper input validation
Exploit availability: No
DescriptionThe vulnerability allows a remote privileged user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper input validation within the Server: Partition component in MySQL Server. A remote privileged user can exploit this vulnerability to perform a denial of service (DoS) attack.
MitigationInstall updates from vendor's repository.
Vulnerable software versionsopenEuler: 22.03 LTS SP1
mysql-server: before 8.0.35-1
mysql-config: before 8.0.35-1
mysql-debugsource: before 8.0.35-1
mysql-devel: before 8.0.35-1
mysql-debuginfo: before 8.0.35-1
mysql-errmsg: before 8.0.35-1
mysql-help: before 8.0.35-1
mysql-libs: before 8.0.35-1
mysql-test: before 8.0.35-1
mysql-common: before 8.0.35-1
mysql: before 8.0.35-1
CPE2.3- cpe:2.3:o:openeuler:openeuler:22.03:LTS SP1:*:*:*:*:*:*
- cpe:2.3:a:openeuler:mysql-server:*:*:*:*:*:openeuler:*:*
- cpe:2.3:a:openeuler:mysql-config:*:*:*:*:*:openeuler:*:*
- cpe:2.3:a:openeuler:mysql-debugsource:*:*:*:*:*:openeuler:*:*
- cpe:2.3:a:openeuler:mysql-devel:*:*:*:*:*:openeuler:*:*
- cpe:2.3:a:openeuler:mysql-debuginfo:*:*:*:*:*:openeuler:*:*
- cpe:2.3:a:openeuler:mysql-errmsg:*:*:*:*:*:openeuler:*:*
- cpe:2.3:a:openeuler:mysql-help:*:*:*:*:*:openeuler:*:*
- cpe:2.3:a:openeuler:mysql-libs:*:*:*:*:*:openeuler:*:*
- cpe:2.3:a:openeuler:mysql-test:*:*:*:*:*:openeuler:*:*
- cpe:2.3:a:openeuler:mysql-common:*:*:*:*:*:openeuler:*:*
- cpe:2.3:a:openeuler:mysql:*:*:*:*:*:openeuler:*:*
https://www.openeuler.org/en/security/security-bulletins/detail/?id=openEuler-SA-2023-1834
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote authenticated privileged user via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
75) Improper input validation
EUVDB-ID: #VU75290
Risk: Medium
CVSSv4.0: 4.6 [CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Green]
CVE-ID: CVE-2023-21955
CWE-ID:
CWE-20 - Improper input validation
Exploit availability: No
DescriptionThe vulnerability allows a remote privileged user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper input validation within the Server: Partition component in MySQL Server. A remote privileged user can exploit this vulnerability to perform a denial of service (DoS) attack.
MitigationInstall updates from vendor's repository.
Vulnerable software versionsopenEuler: 22.03 LTS SP1
mysql-server: before 8.0.35-1
mysql-config: before 8.0.35-1
mysql-debugsource: before 8.0.35-1
mysql-devel: before 8.0.35-1
mysql-debuginfo: before 8.0.35-1
mysql-errmsg: before 8.0.35-1
mysql-help: before 8.0.35-1
mysql-libs: before 8.0.35-1
mysql-test: before 8.0.35-1
mysql-common: before 8.0.35-1
mysql: before 8.0.35-1
CPE2.3- cpe:2.3:o:openeuler:openeuler:22.03:LTS SP1:*:*:*:*:*:*
- cpe:2.3:a:openeuler:mysql-server:*:*:*:*:*:openeuler:*:*
- cpe:2.3:a:openeuler:mysql-config:*:*:*:*:*:openeuler:*:*
- cpe:2.3:a:openeuler:mysql-debugsource:*:*:*:*:*:openeuler:*:*
- cpe:2.3:a:openeuler:mysql-devel:*:*:*:*:*:openeuler:*:*
- cpe:2.3:a:openeuler:mysql-debuginfo:*:*:*:*:*:openeuler:*:*
- cpe:2.3:a:openeuler:mysql-errmsg:*:*:*:*:*:openeuler:*:*
- cpe:2.3:a:openeuler:mysql-help:*:*:*:*:*:openeuler:*:*
- cpe:2.3:a:openeuler:mysql-libs:*:*:*:*:*:openeuler:*:*
- cpe:2.3:a:openeuler:mysql-test:*:*:*:*:*:openeuler:*:*
- cpe:2.3:a:openeuler:mysql-common:*:*:*:*:*:openeuler:*:*
- cpe:2.3:a:openeuler:mysql:*:*:*:*:*:openeuler:*:*
https://www.openeuler.org/en/security/security-bulletins/detail/?id=openEuler-SA-2023-1834
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote authenticated privileged user via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
76) Improper input validation
EUVDB-ID: #VU75276
Risk: Medium
CVSSv4.0: 4.6 [CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Green]
CVE-ID: CVE-2023-21962
CWE-ID:
CWE-20 - Improper input validation
Exploit availability: No
DescriptionThe vulnerability allows a remote privileged user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper input validation within the Server: Components Services component in MySQL Server. A remote privileged user can exploit this vulnerability to perform a denial of service (DoS) attack.
MitigationInstall updates from vendor's repository.
Vulnerable software versionsopenEuler: 22.03 LTS SP1
mysql-server: before 8.0.35-1
mysql-config: before 8.0.35-1
mysql-debugsource: before 8.0.35-1
mysql-devel: before 8.0.35-1
mysql-debuginfo: before 8.0.35-1
mysql-errmsg: before 8.0.35-1
mysql-help: before 8.0.35-1
mysql-libs: before 8.0.35-1
mysql-test: before 8.0.35-1
mysql-common: before 8.0.35-1
mysql: before 8.0.35-1
CPE2.3- cpe:2.3:o:openeuler:openeuler:22.03:LTS SP1:*:*:*:*:*:*
- cpe:2.3:a:openeuler:mysql-server:*:*:*:*:*:openeuler:*:*
- cpe:2.3:a:openeuler:mysql-config:*:*:*:*:*:openeuler:*:*
- cpe:2.3:a:openeuler:mysql-debugsource:*:*:*:*:*:openeuler:*:*
- cpe:2.3:a:openeuler:mysql-devel:*:*:*:*:*:openeuler:*:*
- cpe:2.3:a:openeuler:mysql-debuginfo:*:*:*:*:*:openeuler:*:*
- cpe:2.3:a:openeuler:mysql-errmsg:*:*:*:*:*:openeuler:*:*
- cpe:2.3:a:openeuler:mysql-help:*:*:*:*:*:openeuler:*:*
- cpe:2.3:a:openeuler:mysql-libs:*:*:*:*:*:openeuler:*:*
- cpe:2.3:a:openeuler:mysql-test:*:*:*:*:*:openeuler:*:*
- cpe:2.3:a:openeuler:mysql-common:*:*:*:*:*:openeuler:*:*
- cpe:2.3:a:openeuler:mysql:*:*:*:*:*:openeuler:*:*
https://www.openeuler.org/en/security/security-bulletins/detail/?id=openEuler-SA-2023-1834
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote authenticated privileged user via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
77) Improper input validation
EUVDB-ID: #VU75293
Risk: Low
CVSSv4.0: 1.2 [CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2023-21963
CWE-ID:
CWE-20 - Improper input validation
Exploit availability: No
DescriptionThe vulnerability allows a remote privileged user to perform service disruption.
The vulnerability exists due to improper input validation within the Server: Connection Handling component in MySQL Server. A remote privileged user can exploit this vulnerability to perform service disruption.
MitigationInstall updates from vendor's repository.
Vulnerable software versionsopenEuler: 22.03 LTS SP1
mysql-server: before 8.0.35-1
mysql-config: before 8.0.35-1
mysql-debugsource: before 8.0.35-1
mysql-devel: before 8.0.35-1
mysql-debuginfo: before 8.0.35-1
mysql-errmsg: before 8.0.35-1
mysql-help: before 8.0.35-1
mysql-libs: before 8.0.35-1
mysql-test: before 8.0.35-1
mysql-common: before 8.0.35-1
mysql: before 8.0.35-1
CPE2.3- cpe:2.3:o:openeuler:openeuler:22.03:LTS SP1:*:*:*:*:*:*
- cpe:2.3:a:openeuler:mysql-server:*:*:*:*:*:openeuler:*:*
- cpe:2.3:a:openeuler:mysql-config:*:*:*:*:*:openeuler:*:*
- cpe:2.3:a:openeuler:mysql-debugsource:*:*:*:*:*:openeuler:*:*
- cpe:2.3:a:openeuler:mysql-devel:*:*:*:*:*:openeuler:*:*
- cpe:2.3:a:openeuler:mysql-debuginfo:*:*:*:*:*:openeuler:*:*
- cpe:2.3:a:openeuler:mysql-errmsg:*:*:*:*:*:openeuler:*:*
- cpe:2.3:a:openeuler:mysql-help:*:*:*:*:*:openeuler:*:*
- cpe:2.3:a:openeuler:mysql-libs:*:*:*:*:*:openeuler:*:*
- cpe:2.3:a:openeuler:mysql-test:*:*:*:*:*:openeuler:*:*
- cpe:2.3:a:openeuler:mysql-common:*:*:*:*:*:openeuler:*:*
- cpe:2.3:a:openeuler:mysql:*:*:*:*:*:openeuler:*:*
https://www.openeuler.org/en/security/security-bulletins/detail/?id=openEuler-SA-2023-1834
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote authenticated privileged user via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
78) Improper input validation
EUVDB-ID: #VU75280
Risk: Medium
CVSSv4.0: 4.6 [CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Green]
CVE-ID: CVE-2023-21966
CWE-ID:
CWE-20 - Improper input validation
Exploit availability: No
DescriptionThe vulnerability allows a remote privileged user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper input validation within the Server: JSON component in MySQL Server. A remote privileged user can exploit this vulnerability to perform a denial of service (DoS) attack.
MitigationInstall updates from vendor's repository.
Vulnerable software versionsopenEuler: 22.03 LTS SP1
mysql-server: before 8.0.35-1
mysql-config: before 8.0.35-1
mysql-debugsource: before 8.0.35-1
mysql-devel: before 8.0.35-1
mysql-debuginfo: before 8.0.35-1
mysql-errmsg: before 8.0.35-1
mysql-help: before 8.0.35-1
mysql-libs: before 8.0.35-1
mysql-test: before 8.0.35-1
mysql-common: before 8.0.35-1
mysql: before 8.0.35-1
CPE2.3- cpe:2.3:o:openeuler:openeuler:22.03:LTS SP1:*:*:*:*:*:*
- cpe:2.3:a:openeuler:mysql-server:*:*:*:*:*:openeuler:*:*
- cpe:2.3:a:openeuler:mysql-config:*:*:*:*:*:openeuler:*:*
- cpe:2.3:a:openeuler:mysql-debugsource:*:*:*:*:*:openeuler:*:*
- cpe:2.3:a:openeuler:mysql-devel:*:*:*:*:*:openeuler:*:*
- cpe:2.3:a:openeuler:mysql-debuginfo:*:*:*:*:*:openeuler:*:*
- cpe:2.3:a:openeuler:mysql-errmsg:*:*:*:*:*:openeuler:*:*
- cpe:2.3:a:openeuler:mysql-help:*:*:*:*:*:openeuler:*:*
- cpe:2.3:a:openeuler:mysql-libs:*:*:*:*:*:openeuler:*:*
- cpe:2.3:a:openeuler:mysql-test:*:*:*:*:*:openeuler:*:*
- cpe:2.3:a:openeuler:mysql-common:*:*:*:*:*:openeuler:*:*
- cpe:2.3:a:openeuler:mysql:*:*:*:*:*:openeuler:*:*
https://www.openeuler.org/en/security/security-bulletins/detail/?id=openEuler-SA-2023-1834
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote authenticated privileged user via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
79) Improper input validation
EUVDB-ID: #VU75279
Risk: Medium
CVSSv4.0: 4.6 [CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Green]
CVE-ID: CVE-2023-21972
CWE-ID:
CWE-20 - Improper input validation
Exploit availability: No
DescriptionThe vulnerability allows a remote privileged user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper input validation within the Server: DML component in MySQL Server. A remote privileged user can exploit this vulnerability to perform a denial of service (DoS) attack.
MitigationInstall updates from vendor's repository.
Vulnerable software versionsopenEuler: 22.03 LTS SP1
mysql-server: before 8.0.35-1
mysql-config: before 8.0.35-1
mysql-debugsource: before 8.0.35-1
mysql-devel: before 8.0.35-1
mysql-debuginfo: before 8.0.35-1
mysql-errmsg: before 8.0.35-1
mysql-help: before 8.0.35-1
mysql-libs: before 8.0.35-1
mysql-test: before 8.0.35-1
mysql-common: before 8.0.35-1
mysql: before 8.0.35-1
CPE2.3- cpe:2.3:o:openeuler:openeuler:22.03:LTS SP1:*:*:*:*:*:*
- cpe:2.3:a:openeuler:mysql-server:*:*:*:*:*:openeuler:*:*
- cpe:2.3:a:openeuler:mysql-config:*:*:*:*:*:openeuler:*:*
- cpe:2.3:a:openeuler:mysql-debugsource:*:*:*:*:*:openeuler:*:*
- cpe:2.3:a:openeuler:mysql-devel:*:*:*:*:*:openeuler:*:*
- cpe:2.3:a:openeuler:mysql-debuginfo:*:*:*:*:*:openeuler:*:*
- cpe:2.3:a:openeuler:mysql-errmsg:*:*:*:*:*:openeuler:*:*
- cpe:2.3:a:openeuler:mysql-help:*:*:*:*:*:openeuler:*:*
- cpe:2.3:a:openeuler:mysql-libs:*:*:*:*:*:openeuler:*:*
- cpe:2.3:a:openeuler:mysql-test:*:*:*:*:*:openeuler:*:*
- cpe:2.3:a:openeuler:mysql-common:*:*:*:*:*:openeuler:*:*
- cpe:2.3:a:openeuler:mysql:*:*:*:*:*:openeuler:*:*
https://www.openeuler.org/en/security/security-bulletins/detail/?id=openEuler-SA-2023-1834
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote authenticated privileged user via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
80) Improper input validation
EUVDB-ID: #VU75286
Risk: Medium
CVSSv4.0: 4.6 [CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Green]
CVE-ID: CVE-2023-21976
CWE-ID:
CWE-20 - Improper input validation
Exploit availability: No
DescriptionThe vulnerability allows a remote privileged user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper input validation within the Server: Optimizer component in MySQL Server. A remote privileged user can exploit this vulnerability to perform a denial of service (DoS) attack.
MitigationInstall updates from vendor's repository.
Vulnerable software versionsopenEuler: 22.03 LTS SP1
mysql-server: before 8.0.35-1
mysql-config: before 8.0.35-1
mysql-debugsource: before 8.0.35-1
mysql-devel: before 8.0.35-1
mysql-debuginfo: before 8.0.35-1
mysql-errmsg: before 8.0.35-1
mysql-help: before 8.0.35-1
mysql-libs: before 8.0.35-1
mysql-test: before 8.0.35-1
mysql-common: before 8.0.35-1
mysql: before 8.0.35-1
CPE2.3- cpe:2.3:o:openeuler:openeuler:22.03:LTS SP1:*:*:*:*:*:*
- cpe:2.3:a:openeuler:mysql-server:*:*:*:*:*:openeuler:*:*
- cpe:2.3:a:openeuler:mysql-config:*:*:*:*:*:openeuler:*:*
- cpe:2.3:a:openeuler:mysql-debugsource:*:*:*:*:*:openeuler:*:*
- cpe:2.3:a:openeuler:mysql-devel:*:*:*:*:*:openeuler:*:*
- cpe:2.3:a:openeuler:mysql-debuginfo:*:*:*:*:*:openeuler:*:*
- cpe:2.3:a:openeuler:mysql-errmsg:*:*:*:*:*:openeuler:*:*
- cpe:2.3:a:openeuler:mysql-help:*:*:*:*:*:openeuler:*:*
- cpe:2.3:a:openeuler:mysql-libs:*:*:*:*:*:openeuler:*:*
- cpe:2.3:a:openeuler:mysql-test:*:*:*:*:*:openeuler:*:*
- cpe:2.3:a:openeuler:mysql-common:*:*:*:*:*:openeuler:*:*
- cpe:2.3:a:openeuler:mysql:*:*:*:*:*:openeuler:*:*
https://www.openeuler.org/en/security/security-bulletins/detail/?id=openEuler-SA-2023-1834
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote authenticated privileged user via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
81) Improper input validation
EUVDB-ID: #VU75287
Risk: Medium
CVSSv4.0: 4.6 [CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Green]
CVE-ID: CVE-2023-21977
CWE-ID:
CWE-20 - Improper input validation
Exploit availability: No
DescriptionThe vulnerability allows a remote privileged user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper input validation within the Server: Optimizer component in MySQL Server. A remote privileged user can exploit this vulnerability to perform a denial of service (DoS) attack.
MitigationInstall updates from vendor's repository.
Vulnerable software versionsopenEuler: 22.03 LTS SP1
mysql-server: before 8.0.35-1
mysql-config: before 8.0.35-1
mysql-debugsource: before 8.0.35-1
mysql-devel: before 8.0.35-1
mysql-debuginfo: before 8.0.35-1
mysql-errmsg: before 8.0.35-1
mysql-help: before 8.0.35-1
mysql-libs: before 8.0.35-1
mysql-test: before 8.0.35-1
mysql-common: before 8.0.35-1
mysql: before 8.0.35-1
CPE2.3- cpe:2.3:o:openeuler:openeuler:22.03:LTS SP1:*:*:*:*:*:*
- cpe:2.3:a:openeuler:mysql-server:*:*:*:*:*:openeuler:*:*
- cpe:2.3:a:openeuler:mysql-config:*:*:*:*:*:openeuler:*:*
- cpe:2.3:a:openeuler:mysql-debugsource:*:*:*:*:*:openeuler:*:*
- cpe:2.3:a:openeuler:mysql-devel:*:*:*:*:*:openeuler:*:*
- cpe:2.3:a:openeuler:mysql-debuginfo:*:*:*:*:*:openeuler:*:*
- cpe:2.3:a:openeuler:mysql-errmsg:*:*:*:*:*:openeuler:*:*
- cpe:2.3:a:openeuler:mysql-help:*:*:*:*:*:openeuler:*:*
- cpe:2.3:a:openeuler:mysql-libs:*:*:*:*:*:openeuler:*:*
- cpe:2.3:a:openeuler:mysql-test:*:*:*:*:*:openeuler:*:*
- cpe:2.3:a:openeuler:mysql-common:*:*:*:*:*:openeuler:*:*
- cpe:2.3:a:openeuler:mysql:*:*:*:*:*:openeuler:*:*
https://www.openeuler.org/en/security/security-bulletins/detail/?id=openEuler-SA-2023-1834
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote authenticated privileged user via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
82) Improper input validation
EUVDB-ID: #VU75271
Risk: Medium
CVSSv4.0: 4.4 [CVSS:4.0/AV:N/AC:L/AT:P/PR:L/UI:A/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Green]
CVE-ID: CVE-2023-21980
CWE-ID:
CWE-20 - Improper input validation
Exploit availability: No
DescriptionThe vulnerability allows a remote authenticated user to execute arbitrary code.
The vulnerability exists due to improper input validation within the Client programs component in MySQL Server. A remote authenticated user can exploit this vulnerability to execute arbitrary code.
MitigationInstall updates from vendor's repository.
Vulnerable software versionsopenEuler: 22.03 LTS SP1
mysql-server: before 8.0.35-1
mysql-config: before 8.0.35-1
mysql-debugsource: before 8.0.35-1
mysql-devel: before 8.0.35-1
mysql-debuginfo: before 8.0.35-1
mysql-errmsg: before 8.0.35-1
mysql-help: before 8.0.35-1
mysql-libs: before 8.0.35-1
mysql-test: before 8.0.35-1
mysql-common: before 8.0.35-1
mysql: before 8.0.35-1
CPE2.3- cpe:2.3:o:openeuler:openeuler:22.03:LTS SP1:*:*:*:*:*:*
- cpe:2.3:a:openeuler:mysql-server:*:*:*:*:*:openeuler:*:*
- cpe:2.3:a:openeuler:mysql-config:*:*:*:*:*:openeuler:*:*
- cpe:2.3:a:openeuler:mysql-debugsource:*:*:*:*:*:openeuler:*:*
- cpe:2.3:a:openeuler:mysql-devel:*:*:*:*:*:openeuler:*:*
- cpe:2.3:a:openeuler:mysql-debuginfo:*:*:*:*:*:openeuler:*:*
- cpe:2.3:a:openeuler:mysql-errmsg:*:*:*:*:*:openeuler:*:*
- cpe:2.3:a:openeuler:mysql-help:*:*:*:*:*:openeuler:*:*
- cpe:2.3:a:openeuler:mysql-libs:*:*:*:*:*:openeuler:*:*
- cpe:2.3:a:openeuler:mysql-test:*:*:*:*:*:openeuler:*:*
- cpe:2.3:a:openeuler:mysql-common:*:*:*:*:*:openeuler:*:*
- cpe:2.3:a:openeuler:mysql:*:*:*:*:*:openeuler:*:*
https://www.openeuler.org/en/security/security-bulletins/detail/?id=openEuler-SA-2023-1834
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote authenticated user via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
83) Improper input validation
EUVDB-ID: #VU75288
Risk: Medium
CVSSv4.0: 4.6 [CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Green]
CVE-ID: CVE-2023-21982
CWE-ID:
CWE-20 - Improper input validation
Exploit availability: No
DescriptionThe vulnerability allows a remote privileged user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper input validation within the Server: Optimizer component in MySQL Server. A remote privileged user can exploit this vulnerability to perform a denial of service (DoS) attack.
MitigationInstall updates from vendor's repository.
Vulnerable software versionsopenEuler: 22.03 LTS SP1
mysql-server: before 8.0.35-1
mysql-config: before 8.0.35-1
mysql-debugsource: before 8.0.35-1
mysql-devel: before 8.0.35-1
mysql-debuginfo: before 8.0.35-1
mysql-errmsg: before 8.0.35-1
mysql-help: before 8.0.35-1
mysql-libs: before 8.0.35-1
mysql-test: before 8.0.35-1
mysql-common: before 8.0.35-1
mysql: before 8.0.35-1
CPE2.3- cpe:2.3:o:openeuler:openeuler:22.03:LTS SP1:*:*:*:*:*:*
- cpe:2.3:a:openeuler:mysql-server:*:*:*:*:*:openeuler:*:*
- cpe:2.3:a:openeuler:mysql-config:*:*:*:*:*:openeuler:*:*
- cpe:2.3:a:openeuler:mysql-debugsource:*:*:*:*:*:openeuler:*:*
- cpe:2.3:a:openeuler:mysql-devel:*:*:*:*:*:openeuler:*:*
- cpe:2.3:a:openeuler:mysql-debuginfo:*:*:*:*:*:openeuler:*:*
- cpe:2.3:a:openeuler:mysql-errmsg:*:*:*:*:*:openeuler:*:*
- cpe:2.3:a:openeuler:mysql-help:*:*:*:*:*:openeuler:*:*
- cpe:2.3:a:openeuler:mysql-libs:*:*:*:*:*:openeuler:*:*
- cpe:2.3:a:openeuler:mysql-test:*:*:*:*:*:openeuler:*:*
- cpe:2.3:a:openeuler:mysql-common:*:*:*:*:*:openeuler:*:*
- cpe:2.3:a:openeuler:mysql:*:*:*:*:*:openeuler:*:*
https://www.openeuler.org/en/security/security-bulletins/detail/?id=openEuler-SA-2023-1834
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote authenticated privileged user via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
84) Improper input validation
EUVDB-ID: #VU78429
Risk: Low
CVSSv4.0: 2.1 [CVSS:4.0/AV:N/AC:L/AT:P/PR:H/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2023-22005
CWE-ID:
CWE-20 - Improper input validation
Exploit availability: No
DescriptionThe vulnerability allows a remote privileged user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper input validation within the Server: Replication component in MySQL Server. A remote privileged user can exploit this vulnerability to perform a denial of service (DoS) attack.
MitigationInstall updates from vendor's repository.
Vulnerable software versionsopenEuler: 22.03 LTS SP1
mysql-server: before 8.0.35-1
mysql-config: before 8.0.35-1
mysql-debugsource: before 8.0.35-1
mysql-devel: before 8.0.35-1
mysql-debuginfo: before 8.0.35-1
mysql-errmsg: before 8.0.35-1
mysql-help: before 8.0.35-1
mysql-libs: before 8.0.35-1
mysql-test: before 8.0.35-1
mysql-common: before 8.0.35-1
mysql: before 8.0.35-1
CPE2.3- cpe:2.3:o:openeuler:openeuler:22.03:LTS SP1:*:*:*:*:*:*
- cpe:2.3:a:openeuler:mysql-server:*:*:*:*:*:openeuler:*:*
- cpe:2.3:a:openeuler:mysql-config:*:*:*:*:*:openeuler:*:*
- cpe:2.3:a:openeuler:mysql-debugsource:*:*:*:*:*:openeuler:*:*
- cpe:2.3:a:openeuler:mysql-devel:*:*:*:*:*:openeuler:*:*
- cpe:2.3:a:openeuler:mysql-debuginfo:*:*:*:*:*:openeuler:*:*
- cpe:2.3:a:openeuler:mysql-errmsg:*:*:*:*:*:openeuler:*:*
- cpe:2.3:a:openeuler:mysql-help:*:*:*:*:*:openeuler:*:*
- cpe:2.3:a:openeuler:mysql-libs:*:*:*:*:*:openeuler:*:*
- cpe:2.3:a:openeuler:mysql-test:*:*:*:*:*:openeuler:*:*
- cpe:2.3:a:openeuler:mysql-common:*:*:*:*:*:openeuler:*:*
- cpe:2.3:a:openeuler:mysql:*:*:*:*:*:openeuler:*:*
https://www.openeuler.org/en/security/security-bulletins/detail/?id=openEuler-SA-2023-1834
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote authenticated privileged user via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
85) Improper input validation
EUVDB-ID: #VU78425
Risk: Medium
CVSSv4.0: 4.6 [CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Green]
CVE-ID: CVE-2023-22007
CWE-ID:
CWE-20 - Improper input validation
Exploit availability: No
DescriptionThe vulnerability allows a remote privileged user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper input validation within the Server: Replication component in MySQL Server. A remote privileged user can exploit this vulnerability to perform a denial of service (DoS) attack.
MitigationInstall updates from vendor's repository.
Vulnerable software versionsopenEuler: 22.03 LTS SP1
mysql-server: before 8.0.35-1
mysql-config: before 8.0.35-1
mysql-debugsource: before 8.0.35-1
mysql-devel: before 8.0.35-1
mysql-debuginfo: before 8.0.35-1
mysql-errmsg: before 8.0.35-1
mysql-help: before 8.0.35-1
mysql-libs: before 8.0.35-1
mysql-test: before 8.0.35-1
mysql-common: before 8.0.35-1
mysql: before 8.0.35-1
CPE2.3- cpe:2.3:o:openeuler:openeuler:22.03:LTS SP1:*:*:*:*:*:*
- cpe:2.3:a:openeuler:mysql-server:*:*:*:*:*:openeuler:*:*
- cpe:2.3:a:openeuler:mysql-config:*:*:*:*:*:openeuler:*:*
- cpe:2.3:a:openeuler:mysql-debugsource:*:*:*:*:*:openeuler:*:*
- cpe:2.3:a:openeuler:mysql-devel:*:*:*:*:*:openeuler:*:*
- cpe:2.3:a:openeuler:mysql-debuginfo:*:*:*:*:*:openeuler:*:*
- cpe:2.3:a:openeuler:mysql-errmsg:*:*:*:*:*:openeuler:*:*
- cpe:2.3:a:openeuler:mysql-help:*:*:*:*:*:openeuler:*:*
- cpe:2.3:a:openeuler:mysql-libs:*:*:*:*:*:openeuler:*:*
- cpe:2.3:a:openeuler:mysql-test:*:*:*:*:*:openeuler:*:*
- cpe:2.3:a:openeuler:mysql-common:*:*:*:*:*:openeuler:*:*
- cpe:2.3:a:openeuler:mysql:*:*:*:*:*:openeuler:*:*
https://www.openeuler.org/en/security/security-bulletins/detail/?id=openEuler-SA-2023-1834
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote authenticated privileged user via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
86) Improper input validation
EUVDB-ID: #VU78420
Risk: Medium
CVSSv4.0: 4.6 [CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Green]
CVE-ID: CVE-2023-22008
CWE-ID:
CWE-20 - Improper input validation
Exploit availability: No
DescriptionThe vulnerability allows a remote privileged user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper input validation within the InnoDB component in MySQL Server. A remote privileged user can exploit this vulnerability to perform a denial of service (DoS) attack.
MitigationInstall updates from vendor's repository.
Vulnerable software versionsopenEuler: 22.03 LTS SP1
mysql-server: before 8.0.35-1
mysql-config: before 8.0.35-1
mysql-debugsource: before 8.0.35-1
mysql-devel: before 8.0.35-1
mysql-debuginfo: before 8.0.35-1
mysql-errmsg: before 8.0.35-1
mysql-help: before 8.0.35-1
mysql-libs: before 8.0.35-1
mysql-test: before 8.0.35-1
mysql-common: before 8.0.35-1
mysql: before 8.0.35-1
CPE2.3- cpe:2.3:o:openeuler:openeuler:22.03:LTS SP1:*:*:*:*:*:*
- cpe:2.3:a:openeuler:mysql-server:*:*:*:*:*:openeuler:*:*
- cpe:2.3:a:openeuler:mysql-config:*:*:*:*:*:openeuler:*:*
- cpe:2.3:a:openeuler:mysql-debugsource:*:*:*:*:*:openeuler:*:*
- cpe:2.3:a:openeuler:mysql-devel:*:*:*:*:*:openeuler:*:*
- cpe:2.3:a:openeuler:mysql-debuginfo:*:*:*:*:*:openeuler:*:*
- cpe:2.3:a:openeuler:mysql-errmsg:*:*:*:*:*:openeuler:*:*
- cpe:2.3:a:openeuler:mysql-help:*:*:*:*:*:openeuler:*:*
- cpe:2.3:a:openeuler:mysql-libs:*:*:*:*:*:openeuler:*:*
- cpe:2.3:a:openeuler:mysql-test:*:*:*:*:*:openeuler:*:*
- cpe:2.3:a:openeuler:mysql-common:*:*:*:*:*:openeuler:*:*
- cpe:2.3:a:openeuler:mysql:*:*:*:*:*:openeuler:*:*
https://www.openeuler.org/en/security/security-bulletins/detail/?id=openEuler-SA-2023-1834
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote authenticated privileged user via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
87) Improper input validation
EUVDB-ID: #VU82156
Risk: Medium
CVSSv4.0: 4.6 [CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Green]
CVE-ID: CVE-2023-22015
CWE-ID:
CWE-20 - Improper input validation
Exploit availability: No
DescriptionThe vulnerability allows a remote privileged user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper input validation within the Server: Optimizer component in MySQL Server. A remote privileged user can exploit this vulnerability to perform a denial of service (DoS) attack.
MitigationInstall updates from vendor's repository.
Vulnerable software versionsopenEuler: 22.03 LTS SP1
mysql-server: before 8.0.35-1
mysql-config: before 8.0.35-1
mysql-debugsource: before 8.0.35-1
mysql-devel: before 8.0.35-1
mysql-debuginfo: before 8.0.35-1
mysql-errmsg: before 8.0.35-1
mysql-help: before 8.0.35-1
mysql-libs: before 8.0.35-1
mysql-test: before 8.0.35-1
mysql-common: before 8.0.35-1
mysql: before 8.0.35-1
CPE2.3- cpe:2.3:o:openeuler:openeuler:22.03:LTS SP1:*:*:*:*:*:*
- cpe:2.3:a:openeuler:mysql-server:*:*:*:*:*:openeuler:*:*
- cpe:2.3:a:openeuler:mysql-config:*:*:*:*:*:openeuler:*:*
- cpe:2.3:a:openeuler:mysql-debugsource:*:*:*:*:*:openeuler:*:*
- cpe:2.3:a:openeuler:mysql-devel:*:*:*:*:*:openeuler:*:*
- cpe:2.3:a:openeuler:mysql-debuginfo:*:*:*:*:*:openeuler:*:*
- cpe:2.3:a:openeuler:mysql-errmsg:*:*:*:*:*:openeuler:*:*
- cpe:2.3:a:openeuler:mysql-help:*:*:*:*:*:openeuler:*:*
- cpe:2.3:a:openeuler:mysql-libs:*:*:*:*:*:openeuler:*:*
- cpe:2.3:a:openeuler:mysql-test:*:*:*:*:*:openeuler:*:*
- cpe:2.3:a:openeuler:mysql-common:*:*:*:*:*:openeuler:*:*
- cpe:2.3:a:openeuler:mysql:*:*:*:*:*:openeuler:*:*
https://www.openeuler.org/en/security/security-bulletins/detail/?id=openEuler-SA-2023-1834
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote authenticated privileged user via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
88) Improper input validation
EUVDB-ID: #VU82157
Risk: Medium
CVSSv4.0: 4.6 [CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Green]
CVE-ID: CVE-2023-22026
CWE-ID:
CWE-20 - Improper input validation
Exploit availability: No
DescriptionThe vulnerability allows a remote privileged user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper input validation within the Server: Optimizer component in MySQL Server. A remote privileged user can exploit this vulnerability to perform a denial of service (DoS) attack.
MitigationInstall updates from vendor's repository.
Vulnerable software versionsopenEuler: 22.03 LTS SP1
mysql-server: before 8.0.35-1
mysql-config: before 8.0.35-1
mysql-debugsource: before 8.0.35-1
mysql-devel: before 8.0.35-1
mysql-debuginfo: before 8.0.35-1
mysql-errmsg: before 8.0.35-1
mysql-help: before 8.0.35-1
mysql-libs: before 8.0.35-1
mysql-test: before 8.0.35-1
mysql-common: before 8.0.35-1
mysql: before 8.0.35-1
CPE2.3- cpe:2.3:o:openeuler:openeuler:22.03:LTS SP1:*:*:*:*:*:*
- cpe:2.3:a:openeuler:mysql-server:*:*:*:*:*:openeuler:*:*
- cpe:2.3:a:openeuler:mysql-config:*:*:*:*:*:openeuler:*:*
- cpe:2.3:a:openeuler:mysql-debugsource:*:*:*:*:*:openeuler:*:*
- cpe:2.3:a:openeuler:mysql-devel:*:*:*:*:*:openeuler:*:*
- cpe:2.3:a:openeuler:mysql-debuginfo:*:*:*:*:*:openeuler:*:*
- cpe:2.3:a:openeuler:mysql-errmsg:*:*:*:*:*:openeuler:*:*
- cpe:2.3:a:openeuler:mysql-help:*:*:*:*:*:openeuler:*:*
- cpe:2.3:a:openeuler:mysql-libs:*:*:*:*:*:openeuler:*:*
- cpe:2.3:a:openeuler:mysql-test:*:*:*:*:*:openeuler:*:*
- cpe:2.3:a:openeuler:mysql-common:*:*:*:*:*:openeuler:*:*
- cpe:2.3:a:openeuler:mysql:*:*:*:*:*:openeuler:*:*
https://www.openeuler.org/en/security/security-bulletins/detail/?id=openEuler-SA-2023-1834
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote authenticated privileged user via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
89) Improper input validation
EUVDB-ID: #VU82158
Risk: Medium
CVSSv4.0: 4.6 [CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Green]
CVE-ID: CVE-2023-22028
CWE-ID:
CWE-20 - Improper input validation
Exploit availability: No
DescriptionThe vulnerability allows a remote privileged user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper input validation within the Server: Optimizer component in MySQL Server. A remote privileged user can exploit this vulnerability to perform a denial of service (DoS) attack.
MitigationInstall updates from vendor's repository.
Vulnerable software versionsopenEuler: 22.03 LTS SP1
mysql-server: before 8.0.35-1
mysql-config: before 8.0.35-1
mysql-debugsource: before 8.0.35-1
mysql-devel: before 8.0.35-1
mysql-debuginfo: before 8.0.35-1
mysql-errmsg: before 8.0.35-1
mysql-help: before 8.0.35-1
mysql-libs: before 8.0.35-1
mysql-test: before 8.0.35-1
mysql-common: before 8.0.35-1
mysql: before 8.0.35-1
CPE2.3- cpe:2.3:o:openeuler:openeuler:22.03:LTS SP1:*:*:*:*:*:*
- cpe:2.3:a:openeuler:mysql-server:*:*:*:*:*:openeuler:*:*
- cpe:2.3:a:openeuler:mysql-config:*:*:*:*:*:openeuler:*:*
- cpe:2.3:a:openeuler:mysql-debugsource:*:*:*:*:*:openeuler:*:*
- cpe:2.3:a:openeuler:mysql-devel:*:*:*:*:*:openeuler:*:*
- cpe:2.3:a:openeuler:mysql-debuginfo:*:*:*:*:*:openeuler:*:*
- cpe:2.3:a:openeuler:mysql-errmsg:*:*:*:*:*:openeuler:*:*
- cpe:2.3:a:openeuler:mysql-help:*:*:*:*:*:openeuler:*:*
- cpe:2.3:a:openeuler:mysql-libs:*:*:*:*:*:openeuler:*:*
- cpe:2.3:a:openeuler:mysql-test:*:*:*:*:*:openeuler:*:*
- cpe:2.3:a:openeuler:mysql-common:*:*:*:*:*:openeuler:*:*
- cpe:2.3:a:openeuler:mysql:*:*:*:*:*:openeuler:*:*
https://www.openeuler.org/en/security/security-bulletins/detail/?id=openEuler-SA-2023-1834
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote authenticated privileged user via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
90) Improper input validation
EUVDB-ID: #VU82159
Risk: Medium
CVSSv4.0: 4.6 [CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Green]
CVE-ID: CVE-2023-22032
CWE-ID:
CWE-20 - Improper input validation
Exploit availability: No
DescriptionThe vulnerability allows a remote privileged user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper input validation within the Server: Optimizer component in MySQL Server. A remote privileged user can exploit this vulnerability to perform a denial of service (DoS) attack.
MitigationInstall updates from vendor's repository.
Vulnerable software versionsopenEuler: 22.03 LTS SP1
mysql-server: before 8.0.35-1
mysql-config: before 8.0.35-1
mysql-debugsource: before 8.0.35-1
mysql-devel: before 8.0.35-1
mysql-debuginfo: before 8.0.35-1
mysql-errmsg: before 8.0.35-1
mysql-help: before 8.0.35-1
mysql-libs: before 8.0.35-1
mysql-test: before 8.0.35-1
mysql-common: before 8.0.35-1
mysql: before 8.0.35-1
CPE2.3- cpe:2.3:o:openeuler:openeuler:22.03:LTS SP1:*:*:*:*:*:*
- cpe:2.3:a:openeuler:mysql-server:*:*:*:*:*:openeuler:*:*
- cpe:2.3:a:openeuler:mysql-config:*:*:*:*:*:openeuler:*:*
- cpe:2.3:a:openeuler:mysql-debugsource:*:*:*:*:*:openeuler:*:*
- cpe:2.3:a:openeuler:mysql-devel:*:*:*:*:*:openeuler:*:*
- cpe:2.3:a:openeuler:mysql-debuginfo:*:*:*:*:*:openeuler:*:*
- cpe:2.3:a:openeuler:mysql-errmsg:*:*:*:*:*:openeuler:*:*
- cpe:2.3:a:openeuler:mysql-help:*:*:*:*:*:openeuler:*:*
- cpe:2.3:a:openeuler:mysql-libs:*:*:*:*:*:openeuler:*:*
- cpe:2.3:a:openeuler:mysql-test:*:*:*:*:*:openeuler:*:*
- cpe:2.3:a:openeuler:mysql-common:*:*:*:*:*:openeuler:*:*
- cpe:2.3:a:openeuler:mysql:*:*:*:*:*:openeuler:*:*
https://www.openeuler.org/en/security/security-bulletins/detail/?id=openEuler-SA-2023-1834
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote authenticated privileged user via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
91) Improper input validation
EUVDB-ID: #VU78427
Risk: Low
CVSSv4.0: 2.1 [CVSS:4.0/AV:N/AC:L/AT:P/PR:H/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2023-22033
CWE-ID:
CWE-20 - Improper input validation
Exploit availability: No
DescriptionThe vulnerability allows a remote privileged user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper input validation within the InnoDB component in MySQL Server. A remote privileged user can exploit this vulnerability to perform a denial of service (DoS) attack.
MitigationInstall updates from vendor's repository.
Vulnerable software versionsopenEuler: 22.03 LTS SP1
mysql-server: before 8.0.35-1
mysql-config: before 8.0.35-1
mysql-debugsource: before 8.0.35-1
mysql-devel: before 8.0.35-1
mysql-debuginfo: before 8.0.35-1
mysql-errmsg: before 8.0.35-1
mysql-help: before 8.0.35-1
mysql-libs: before 8.0.35-1
mysql-test: before 8.0.35-1
mysql-common: before 8.0.35-1
mysql: before 8.0.35-1
CPE2.3- cpe:2.3:o:openeuler:openeuler:22.03:LTS SP1:*:*:*:*:*:*
- cpe:2.3:a:openeuler:mysql-server:*:*:*:*:*:openeuler:*:*
- cpe:2.3:a:openeuler:mysql-config:*:*:*:*:*:openeuler:*:*
- cpe:2.3:a:openeuler:mysql-debugsource:*:*:*:*:*:openeuler:*:*
- cpe:2.3:a:openeuler:mysql-devel:*:*:*:*:*:openeuler:*:*
- cpe:2.3:a:openeuler:mysql-debuginfo:*:*:*:*:*:openeuler:*:*
- cpe:2.3:a:openeuler:mysql-errmsg:*:*:*:*:*:openeuler:*:*
- cpe:2.3:a:openeuler:mysql-help:*:*:*:*:*:openeuler:*:*
- cpe:2.3:a:openeuler:mysql-libs:*:*:*:*:*:openeuler:*:*
- cpe:2.3:a:openeuler:mysql-test:*:*:*:*:*:openeuler:*:*
- cpe:2.3:a:openeuler:mysql-common:*:*:*:*:*:openeuler:*:*
- cpe:2.3:a:openeuler:mysql:*:*:*:*:*:openeuler:*:*
https://www.openeuler.org/en/security/security-bulletins/detail/?id=openEuler-SA-2023-1834
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote authenticated privileged user via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
92) Improper input validation
EUVDB-ID: #VU78431
Risk: Low
CVSSv4.0: 1.2 [CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2023-22038
CWE-ID:
CWE-20 - Improper input validation
Exploit availability: No
DescriptionThe vulnerability allows a remote privileged user to manipulate data.
The vulnerability exists due to improper input validation within the Server: Security: Privileges component in MySQL Server. A remote privileged user can exploit this vulnerability to manipulate data.
MitigationInstall updates from vendor's repository.
Vulnerable software versionsopenEuler: 22.03 LTS SP1
mysql-server: before 8.0.35-1
mysql-config: before 8.0.35-1
mysql-debugsource: before 8.0.35-1
mysql-devel: before 8.0.35-1
mysql-debuginfo: before 8.0.35-1
mysql-errmsg: before 8.0.35-1
mysql-help: before 8.0.35-1
mysql-libs: before 8.0.35-1
mysql-test: before 8.0.35-1
mysql-common: before 8.0.35-1
mysql: before 8.0.35-1
CPE2.3- cpe:2.3:o:openeuler:openeuler:22.03:LTS SP1:*:*:*:*:*:*
- cpe:2.3:a:openeuler:mysql-server:*:*:*:*:*:openeuler:*:*
- cpe:2.3:a:openeuler:mysql-config:*:*:*:*:*:openeuler:*:*
- cpe:2.3:a:openeuler:mysql-debugsource:*:*:*:*:*:openeuler:*:*
- cpe:2.3:a:openeuler:mysql-devel:*:*:*:*:*:openeuler:*:*
- cpe:2.3:a:openeuler:mysql-debuginfo:*:*:*:*:*:openeuler:*:*
- cpe:2.3:a:openeuler:mysql-errmsg:*:*:*:*:*:openeuler:*:*
- cpe:2.3:a:openeuler:mysql-help:*:*:*:*:*:openeuler:*:*
- cpe:2.3:a:openeuler:mysql-libs:*:*:*:*:*:openeuler:*:*
- cpe:2.3:a:openeuler:mysql-test:*:*:*:*:*:openeuler:*:*
- cpe:2.3:a:openeuler:mysql-common:*:*:*:*:*:openeuler:*:*
- cpe:2.3:a:openeuler:mysql:*:*:*:*:*:openeuler:*:*
https://www.openeuler.org/en/security/security-bulletins/detail/?id=openEuler-SA-2023-1834
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote authenticated privileged user via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
93) Improper input validation
EUVDB-ID: #VU78421
Risk: Medium
CVSSv4.0: 4.6 [CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Green]
CVE-ID: CVE-2023-22046
CWE-ID:
CWE-20 - Improper input validation
Exploit availability: No
DescriptionThe vulnerability allows a remote privileged user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper input validation within the Server: Optimizer component in MySQL Server. A remote privileged user can exploit this vulnerability to perform a denial of service (DoS) attack.
MitigationInstall updates from vendor's repository.
Vulnerable software versionsopenEuler: 22.03 LTS SP1
mysql-server: before 8.0.35-1
mysql-config: before 8.0.35-1
mysql-debugsource: before 8.0.35-1
mysql-devel: before 8.0.35-1
mysql-debuginfo: before 8.0.35-1
mysql-errmsg: before 8.0.35-1
mysql-help: before 8.0.35-1
mysql-libs: before 8.0.35-1
mysql-test: before 8.0.35-1
mysql-common: before 8.0.35-1
mysql: before 8.0.35-1
CPE2.3- cpe:2.3:o:openeuler:openeuler:22.03:LTS SP1:*:*:*:*:*:*
- cpe:2.3:a:openeuler:mysql-server:*:*:*:*:*:openeuler:*:*
- cpe:2.3:a:openeuler:mysql-config:*:*:*:*:*:openeuler:*:*
- cpe:2.3:a:openeuler:mysql-debugsource:*:*:*:*:*:openeuler:*:*
- cpe:2.3:a:openeuler:mysql-devel:*:*:*:*:*:openeuler:*:*
- cpe:2.3:a:openeuler:mysql-debuginfo:*:*:*:*:*:openeuler:*:*
- cpe:2.3:a:openeuler:mysql-errmsg:*:*:*:*:*:openeuler:*:*
- cpe:2.3:a:openeuler:mysql-help:*:*:*:*:*:openeuler:*:*
- cpe:2.3:a:openeuler:mysql-libs:*:*:*:*:*:openeuler:*:*
- cpe:2.3:a:openeuler:mysql-test:*:*:*:*:*:openeuler:*:*
- cpe:2.3:a:openeuler:mysql-common:*:*:*:*:*:openeuler:*:*
- cpe:2.3:a:openeuler:mysql:*:*:*:*:*:openeuler:*:*
https://www.openeuler.org/en/security/security-bulletins/detail/?id=openEuler-SA-2023-1834
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote authenticated privileged user via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
94) Improper input validation
EUVDB-ID: #VU78430
Risk: Low
CVSSv4.0: 0.6 [CVSS:4.0/AV:N/AC:L/AT:P/PR:L/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2023-22048
CWE-ID:
CWE-20 - Improper input validation
Exploit availability: No
DescriptionThe vulnerability allows a remote authenticated user to gain access to sensitive information.
The vulnerability exists due to improper input validation within the Server: Pluggable Auth component in MySQL Server. A remote authenticated user can exploit this vulnerability to gain access to sensitive information.
MitigationInstall updates from vendor's repository.
Vulnerable software versionsopenEuler: 22.03 LTS SP1
mysql-server: before 8.0.35-1
mysql-config: before 8.0.35-1
mysql-debugsource: before 8.0.35-1
mysql-devel: before 8.0.35-1
mysql-debuginfo: before 8.0.35-1
mysql-errmsg: before 8.0.35-1
mysql-help: before 8.0.35-1
mysql-libs: before 8.0.35-1
mysql-test: before 8.0.35-1
mysql-common: before 8.0.35-1
mysql: before 8.0.35-1
CPE2.3- cpe:2.3:o:openeuler:openeuler:22.03:LTS SP1:*:*:*:*:*:*
- cpe:2.3:a:openeuler:mysql-server:*:*:*:*:*:openeuler:*:*
- cpe:2.3:a:openeuler:mysql-config:*:*:*:*:*:openeuler:*:*
- cpe:2.3:a:openeuler:mysql-debugsource:*:*:*:*:*:openeuler:*:*
- cpe:2.3:a:openeuler:mysql-devel:*:*:*:*:*:openeuler:*:*
- cpe:2.3:a:openeuler:mysql-debuginfo:*:*:*:*:*:openeuler:*:*
- cpe:2.3:a:openeuler:mysql-errmsg:*:*:*:*:*:openeuler:*:*
- cpe:2.3:a:openeuler:mysql-help:*:*:*:*:*:openeuler:*:*
- cpe:2.3:a:openeuler:mysql-libs:*:*:*:*:*:openeuler:*:*
- cpe:2.3:a:openeuler:mysql-test:*:*:*:*:*:openeuler:*:*
- cpe:2.3:a:openeuler:mysql-common:*:*:*:*:*:openeuler:*:*
- cpe:2.3:a:openeuler:mysql:*:*:*:*:*:openeuler:*:*
https://www.openeuler.org/en/security/security-bulletins/detail/?id=openEuler-SA-2023-1834
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote authenticated user via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
95) Improper input validation
EUVDB-ID: #VU78419
Risk: Medium
CVSSv4.0: 2.3 [CVSS:4.0/AV:N/AC:L/AT:P/PR:L/UI:N/VC:L/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Green]
CVE-ID: CVE-2023-22053
CWE-ID:
CWE-20 - Improper input validation
Exploit availability: No
DescriptionThe vulnerability allows a remote authenticated user to access sensitive information or perform a denial of service (DoS) attack.
The vulnerability exists due to improper input validation within the Client programs component in MySQL Server. A remote authenticated user can exploit this vulnerability to access sensitive information or perform a denial of service (DoS) attack.
MitigationInstall updates from vendor's repository.
Vulnerable software versionsopenEuler: 22.03 LTS SP1
mysql-server: before 8.0.35-1
mysql-config: before 8.0.35-1
mysql-debugsource: before 8.0.35-1
mysql-devel: before 8.0.35-1
mysql-debuginfo: before 8.0.35-1
mysql-errmsg: before 8.0.35-1
mysql-help: before 8.0.35-1
mysql-libs: before 8.0.35-1
mysql-test: before 8.0.35-1
mysql-common: before 8.0.35-1
mysql: before 8.0.35-1
CPE2.3- cpe:2.3:o:openeuler:openeuler:22.03:LTS SP1:*:*:*:*:*:*
- cpe:2.3:a:openeuler:mysql-server:*:*:*:*:*:openeuler:*:*
- cpe:2.3:a:openeuler:mysql-config:*:*:*:*:*:openeuler:*:*
- cpe:2.3:a:openeuler:mysql-debugsource:*:*:*:*:*:openeuler:*:*
- cpe:2.3:a:openeuler:mysql-devel:*:*:*:*:*:openeuler:*:*
- cpe:2.3:a:openeuler:mysql-debuginfo:*:*:*:*:*:openeuler:*:*
- cpe:2.3:a:openeuler:mysql-errmsg:*:*:*:*:*:openeuler:*:*
- cpe:2.3:a:openeuler:mysql-help:*:*:*:*:*:openeuler:*:*
- cpe:2.3:a:openeuler:mysql-libs:*:*:*:*:*:openeuler:*:*
- cpe:2.3:a:openeuler:mysql-test:*:*:*:*:*:openeuler:*:*
- cpe:2.3:a:openeuler:mysql-common:*:*:*:*:*:openeuler:*:*
- cpe:2.3:a:openeuler:mysql:*:*:*:*:*:openeuler:*:*
https://www.openeuler.org/en/security/security-bulletins/detail/?id=openEuler-SA-2023-1834
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote authenticated user via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
96) Improper input validation
EUVDB-ID: #VU78422
Risk: Medium
CVSSv4.0: 4.6 [CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Green]
CVE-ID: CVE-2023-22054
CWE-ID:
CWE-20 - Improper input validation
Exploit availability: No
DescriptionThe vulnerability allows a remote privileged user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper input validation within the Server: Optimizer component in MySQL Server. A remote privileged user can exploit this vulnerability to perform a denial of service (DoS) attack.
MitigationInstall updates from vendor's repository.
Vulnerable software versionsopenEuler: 22.03 LTS SP1
mysql-server: before 8.0.35-1
mysql-config: before 8.0.35-1
mysql-debugsource: before 8.0.35-1
mysql-devel: before 8.0.35-1
mysql-debuginfo: before 8.0.35-1
mysql-errmsg: before 8.0.35-1
mysql-help: before 8.0.35-1
mysql-libs: before 8.0.35-1
mysql-test: before 8.0.35-1
mysql-common: before 8.0.35-1
mysql: before 8.0.35-1
CPE2.3- cpe:2.3:o:openeuler:openeuler:22.03:LTS SP1:*:*:*:*:*:*
- cpe:2.3:a:openeuler:mysql-server:*:*:*:*:*:openeuler:*:*
- cpe:2.3:a:openeuler:mysql-config:*:*:*:*:*:openeuler:*:*
- cpe:2.3:a:openeuler:mysql-debugsource:*:*:*:*:*:openeuler:*:*
- cpe:2.3:a:openeuler:mysql-devel:*:*:*:*:*:openeuler:*:*
- cpe:2.3:a:openeuler:mysql-debuginfo:*:*:*:*:*:openeuler:*:*
- cpe:2.3:a:openeuler:mysql-errmsg:*:*:*:*:*:openeuler:*:*
- cpe:2.3:a:openeuler:mysql-help:*:*:*:*:*:openeuler:*:*
- cpe:2.3:a:openeuler:mysql-libs:*:*:*:*:*:openeuler:*:*
- cpe:2.3:a:openeuler:mysql-test:*:*:*:*:*:openeuler:*:*
- cpe:2.3:a:openeuler:mysql-common:*:*:*:*:*:openeuler:*:*
- cpe:2.3:a:openeuler:mysql:*:*:*:*:*:openeuler:*:*
https://www.openeuler.org/en/security/security-bulletins/detail/?id=openEuler-SA-2023-1834
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote authenticated privileged user via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
97) Improper input validation
EUVDB-ID: #VU78423
Risk: Medium
CVSSv4.0: 4.6 [CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Green]
CVE-ID: CVE-2023-22056
CWE-ID:
CWE-20 - Improper input validation
Exploit availability: No
DescriptionThe vulnerability allows a remote privileged user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper input validation within the Server: Optimizer component in MySQL Server. A remote privileged user can exploit this vulnerability to perform a denial of service (DoS) attack.
MitigationInstall updates from vendor's repository.
Vulnerable software versionsopenEuler: 22.03 LTS SP1
mysql-server: before 8.0.35-1
mysql-config: before 8.0.35-1
mysql-debugsource: before 8.0.35-1
mysql-devel: before 8.0.35-1
mysql-debuginfo: before 8.0.35-1
mysql-errmsg: before 8.0.35-1
mysql-help: before 8.0.35-1
mysql-libs: before 8.0.35-1
mysql-test: before 8.0.35-1
mysql-common: before 8.0.35-1
mysql: before 8.0.35-1
CPE2.3- cpe:2.3:o:openeuler:openeuler:22.03:LTS SP1:*:*:*:*:*:*
- cpe:2.3:a:openeuler:mysql-server:*:*:*:*:*:openeuler:*:*
- cpe:2.3:a:openeuler:mysql-config:*:*:*:*:*:openeuler:*:*
- cpe:2.3:a:openeuler:mysql-debugsource:*:*:*:*:*:openeuler:*:*
- cpe:2.3:a:openeuler:mysql-devel:*:*:*:*:*:openeuler:*:*
- cpe:2.3:a:openeuler:mysql-debuginfo:*:*:*:*:*:openeuler:*:*
- cpe:2.3:a:openeuler:mysql-errmsg:*:*:*:*:*:openeuler:*:*
- cpe:2.3:a:openeuler:mysql-help:*:*:*:*:*:openeuler:*:*
- cpe:2.3:a:openeuler:mysql-libs:*:*:*:*:*:openeuler:*:*
- cpe:2.3:a:openeuler:mysql-test:*:*:*:*:*:openeuler:*:*
- cpe:2.3:a:openeuler:mysql-common:*:*:*:*:*:openeuler:*:*
- cpe:2.3:a:openeuler:mysql:*:*:*:*:*:openeuler:*:*
https://www.openeuler.org/en/security/security-bulletins/detail/?id=openEuler-SA-2023-1834
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote authenticated privileged user via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
98) Improper input validation
EUVDB-ID: #VU78426
Risk: Medium
CVSSv4.0: 4.6 [CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Green]
CVE-ID: CVE-2023-22057
CWE-ID:
CWE-20 - Improper input validation
Exploit availability: No
DescriptionThe vulnerability allows a remote privileged user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper input validation within the Server: Replication component in MySQL Server. A remote privileged user can exploit this vulnerability to perform a denial of service (DoS) attack.
MitigationInstall updates from vendor's repository.
Vulnerable software versionsopenEuler: 22.03 LTS SP1
mysql-server: before 8.0.35-1
mysql-config: before 8.0.35-1
mysql-debugsource: before 8.0.35-1
mysql-devel: before 8.0.35-1
mysql-debuginfo: before 8.0.35-1
mysql-errmsg: before 8.0.35-1
mysql-help: before 8.0.35-1
mysql-libs: before 8.0.35-1
mysql-test: before 8.0.35-1
mysql-common: before 8.0.35-1
mysql: before 8.0.35-1
CPE2.3- cpe:2.3:o:openeuler:openeuler:22.03:LTS SP1:*:*:*:*:*:*
- cpe:2.3:a:openeuler:mysql-server:*:*:*:*:*:openeuler:*:*
- cpe:2.3:a:openeuler:mysql-config:*:*:*:*:*:openeuler:*:*
- cpe:2.3:a:openeuler:mysql-debugsource:*:*:*:*:*:openeuler:*:*
- cpe:2.3:a:openeuler:mysql-devel:*:*:*:*:*:openeuler:*:*
- cpe:2.3:a:openeuler:mysql-debuginfo:*:*:*:*:*:openeuler:*:*
- cpe:2.3:a:openeuler:mysql-errmsg:*:*:*:*:*:openeuler:*:*
- cpe:2.3:a:openeuler:mysql-help:*:*:*:*:*:openeuler:*:*
- cpe:2.3:a:openeuler:mysql-libs:*:*:*:*:*:openeuler:*:*
- cpe:2.3:a:openeuler:mysql-test:*:*:*:*:*:openeuler:*:*
- cpe:2.3:a:openeuler:mysql-common:*:*:*:*:*:openeuler:*:*
- cpe:2.3:a:openeuler:mysql:*:*:*:*:*:openeuler:*:*
https://www.openeuler.org/en/security/security-bulletins/detail/?id=openEuler-SA-2023-1834
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote authenticated privileged user via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
99) Improper input validation
EUVDB-ID: #VU78428
Risk: Low
CVSSv4.0: 2.1 [CVSS:4.0/AV:N/AC:L/AT:P/PR:H/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2023-22058
CWE-ID:
CWE-20 - Improper input validation
Exploit availability: No
DescriptionThe vulnerability allows a remote privileged user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper input validation within the Server: DDL component in MySQL Server. A remote privileged user can exploit this vulnerability to perform a denial of service (DoS) attack.
MitigationInstall updates from vendor's repository.
Vulnerable software versionsopenEuler: 22.03 LTS SP1
mysql-server: before 8.0.35-1
mysql-config: before 8.0.35-1
mysql-debugsource: before 8.0.35-1
mysql-devel: before 8.0.35-1
mysql-debuginfo: before 8.0.35-1
mysql-errmsg: before 8.0.35-1
mysql-help: before 8.0.35-1
mysql-libs: before 8.0.35-1
mysql-test: before 8.0.35-1
mysql-common: before 8.0.35-1
mysql: before 8.0.35-1
CPE2.3- cpe:2.3:o:openeuler:openeuler:22.03:LTS SP1:*:*:*:*:*:*
- cpe:2.3:a:openeuler:mysql-server:*:*:*:*:*:openeuler:*:*
- cpe:2.3:a:openeuler:mysql-config:*:*:*:*:*:openeuler:*:*
- cpe:2.3:a:openeuler:mysql-debugsource:*:*:*:*:*:openeuler:*:*
- cpe:2.3:a:openeuler:mysql-devel:*:*:*:*:*:openeuler:*:*
- cpe:2.3:a:openeuler:mysql-debuginfo:*:*:*:*:*:openeuler:*:*
- cpe:2.3:a:openeuler:mysql-errmsg:*:*:*:*:*:openeuler:*:*
- cpe:2.3:a:openeuler:mysql-help:*:*:*:*:*:openeuler:*:*
- cpe:2.3:a:openeuler:mysql-libs:*:*:*:*:*:openeuler:*:*
- cpe:2.3:a:openeuler:mysql-test:*:*:*:*:*:openeuler:*:*
- cpe:2.3:a:openeuler:mysql-common:*:*:*:*:*:openeuler:*:*
- cpe:2.3:a:openeuler:mysql:*:*:*:*:*:openeuler:*:*
https://www.openeuler.org/en/security/security-bulletins/detail/?id=openEuler-SA-2023-1834
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote authenticated privileged user via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
100) Improper input validation
EUVDB-ID: #VU82146
Risk: Medium
CVSSv4.0: 4.9 [CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Green]
CVE-ID: CVE-2023-22059
CWE-ID:
CWE-20 - Improper input validation
Exploit availability: No
DescriptionThe vulnerability allows a remote authenticated user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper input validation within the Server: Optimizer component in MySQL Server. A remote authenticated user can exploit this vulnerability to perform a denial of service (DoS) attack.
MitigationInstall updates from vendor's repository.
Vulnerable software versionsopenEuler: 22.03 LTS SP1
mysql-server: before 8.0.35-1
mysql-config: before 8.0.35-1
mysql-debugsource: before 8.0.35-1
mysql-devel: before 8.0.35-1
mysql-debuginfo: before 8.0.35-1
mysql-errmsg: before 8.0.35-1
mysql-help: before 8.0.35-1
mysql-libs: before 8.0.35-1
mysql-test: before 8.0.35-1
mysql-common: before 8.0.35-1
mysql: before 8.0.35-1
CPE2.3- cpe:2.3:o:openeuler:openeuler:22.03:LTS SP1:*:*:*:*:*:*
- cpe:2.3:a:openeuler:mysql-server:*:*:*:*:*:openeuler:*:*
- cpe:2.3:a:openeuler:mysql-config:*:*:*:*:*:openeuler:*:*
- cpe:2.3:a:openeuler:mysql-debugsource:*:*:*:*:*:openeuler:*:*
- cpe:2.3:a:openeuler:mysql-devel:*:*:*:*:*:openeuler:*:*
- cpe:2.3:a:openeuler:mysql-debuginfo:*:*:*:*:*:openeuler:*:*
- cpe:2.3:a:openeuler:mysql-errmsg:*:*:*:*:*:openeuler:*:*
- cpe:2.3:a:openeuler:mysql-help:*:*:*:*:*:openeuler:*:*
- cpe:2.3:a:openeuler:mysql-libs:*:*:*:*:*:openeuler:*:*
- cpe:2.3:a:openeuler:mysql-test:*:*:*:*:*:openeuler:*:*
- cpe:2.3:a:openeuler:mysql-common:*:*:*:*:*:openeuler:*:*
- cpe:2.3:a:openeuler:mysql:*:*:*:*:*:openeuler:*:*
https://www.openeuler.org/en/security/security-bulletins/detail/?id=openEuler-SA-2023-1834
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote authenticated user via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
101) Improper input validation
EUVDB-ID: #VU82160
Risk: Medium
CVSSv4.0: 4.6 [CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Green]
CVE-ID: CVE-2023-22064
CWE-ID:
CWE-20 - Improper input validation
Exploit availability: No
DescriptionThe vulnerability allows a remote privileged user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper input validation within the Server: Optimizer component in MySQL Server. A remote privileged user can exploit this vulnerability to perform a denial of service (DoS) attack.
MitigationInstall updates from vendor's repository.
Vulnerable software versionsopenEuler: 22.03 LTS SP1
mysql-server: before 8.0.35-1
mysql-config: before 8.0.35-1
mysql-debugsource: before 8.0.35-1
mysql-devel: before 8.0.35-1
mysql-debuginfo: before 8.0.35-1
mysql-errmsg: before 8.0.35-1
mysql-help: before 8.0.35-1
mysql-libs: before 8.0.35-1
mysql-test: before 8.0.35-1
mysql-common: before 8.0.35-1
mysql: before 8.0.35-1
CPE2.3- cpe:2.3:o:openeuler:openeuler:22.03:LTS SP1:*:*:*:*:*:*
- cpe:2.3:a:openeuler:mysql-server:*:*:*:*:*:openeuler:*:*
- cpe:2.3:a:openeuler:mysql-config:*:*:*:*:*:openeuler:*:*
- cpe:2.3:a:openeuler:mysql-debugsource:*:*:*:*:*:openeuler:*:*
- cpe:2.3:a:openeuler:mysql-devel:*:*:*:*:*:openeuler:*:*
- cpe:2.3:a:openeuler:mysql-debuginfo:*:*:*:*:*:openeuler:*:*
- cpe:2.3:a:openeuler:mysql-errmsg:*:*:*:*:*:openeuler:*:*
- cpe:2.3:a:openeuler:mysql-help:*:*:*:*:*:openeuler:*:*
- cpe:2.3:a:openeuler:mysql-libs:*:*:*:*:*:openeuler:*:*
- cpe:2.3:a:openeuler:mysql-test:*:*:*:*:*:openeuler:*:*
- cpe:2.3:a:openeuler:mysql-common:*:*:*:*:*:openeuler:*:*
- cpe:2.3:a:openeuler:mysql:*:*:*:*:*:openeuler:*:*
https://www.openeuler.org/en/security/security-bulletins/detail/?id=openEuler-SA-2023-1834
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote authenticated privileged user via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
102) Improper input validation
EUVDB-ID: #VU82161
Risk: Medium
CVSSv4.0: 4.6 [CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Green]
CVE-ID: CVE-2023-22065
CWE-ID:
CWE-20 - Improper input validation
Exploit availability: No
DescriptionThe vulnerability allows a remote privileged user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper input validation within the Server: Optimizer component in MySQL Server. A remote privileged user can exploit this vulnerability to perform a denial of service (DoS) attack.
MitigationInstall updates from vendor's repository.
Vulnerable software versionsopenEuler: 22.03 LTS SP1
mysql-server: before 8.0.35-1
mysql-config: before 8.0.35-1
mysql-debugsource: before 8.0.35-1
mysql-devel: before 8.0.35-1
mysql-debuginfo: before 8.0.35-1
mysql-errmsg: before 8.0.35-1
mysql-help: before 8.0.35-1
mysql-libs: before 8.0.35-1
mysql-test: before 8.0.35-1
mysql-common: before 8.0.35-1
mysql: before 8.0.35-1
CPE2.3- cpe:2.3:o:openeuler:openeuler:22.03:LTS SP1:*:*:*:*:*:*
- cpe:2.3:a:openeuler:mysql-server:*:*:*:*:*:openeuler:*:*
- cpe:2.3:a:openeuler:mysql-config:*:*:*:*:*:openeuler:*:*
- cpe:2.3:a:openeuler:mysql-debugsource:*:*:*:*:*:openeuler:*:*
- cpe:2.3:a:openeuler:mysql-devel:*:*:*:*:*:openeuler:*:*
- cpe:2.3:a:openeuler:mysql-debuginfo:*:*:*:*:*:openeuler:*:*
- cpe:2.3:a:openeuler:mysql-errmsg:*:*:*:*:*:openeuler:*:*
- cpe:2.3:a:openeuler:mysql-help:*:*:*:*:*:openeuler:*:*
- cpe:2.3:a:openeuler:mysql-libs:*:*:*:*:*:openeuler:*:*
- cpe:2.3:a:openeuler:mysql-test:*:*:*:*:*:openeuler:*:*
- cpe:2.3:a:openeuler:mysql-common:*:*:*:*:*:openeuler:*:*
- cpe:2.3:a:openeuler:mysql:*:*:*:*:*:openeuler:*:*
https://www.openeuler.org/en/security/security-bulletins/detail/?id=openEuler-SA-2023-1834
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote authenticated privileged user via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
103) Improper input validation
EUVDB-ID: #VU82150
Risk: Medium
CVSSv4.0: 4.6 [CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Green]
CVE-ID: CVE-2023-22066
CWE-ID:
CWE-20 - Improper input validation
Exploit availability: No
DescriptionThe vulnerability allows a remote privileged user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper input validation within the InnoDB component in MySQL Server. A remote privileged user can exploit this vulnerability to perform a denial of service (DoS) attack.
MitigationInstall updates from vendor's repository.
Vulnerable software versionsopenEuler: 22.03 LTS SP1
mysql-server: before 8.0.35-1
mysql-config: before 8.0.35-1
mysql-debugsource: before 8.0.35-1
mysql-devel: before 8.0.35-1
mysql-debuginfo: before 8.0.35-1
mysql-errmsg: before 8.0.35-1
mysql-help: before 8.0.35-1
mysql-libs: before 8.0.35-1
mysql-test: before 8.0.35-1
mysql-common: before 8.0.35-1
mysql: before 8.0.35-1
CPE2.3- cpe:2.3:o:openeuler:openeuler:22.03:LTS SP1:*:*:*:*:*:*
- cpe:2.3:a:openeuler:mysql-server:*:*:*:*:*:openeuler:*:*
- cpe:2.3:a:openeuler:mysql-config:*:*:*:*:*:openeuler:*:*
- cpe:2.3:a:openeuler:mysql-debugsource:*:*:*:*:*:openeuler:*:*
- cpe:2.3:a:openeuler:mysql-devel:*:*:*:*:*:openeuler:*:*
- cpe:2.3:a:openeuler:mysql-debuginfo:*:*:*:*:*:openeuler:*:*
- cpe:2.3:a:openeuler:mysql-errmsg:*:*:*:*:*:openeuler:*:*
- cpe:2.3:a:openeuler:mysql-help:*:*:*:*:*:openeuler:*:*
- cpe:2.3:a:openeuler:mysql-libs:*:*:*:*:*:openeuler:*:*
- cpe:2.3:a:openeuler:mysql-test:*:*:*:*:*:openeuler:*:*
- cpe:2.3:a:openeuler:mysql-common:*:*:*:*:*:openeuler:*:*
- cpe:2.3:a:openeuler:mysql:*:*:*:*:*:openeuler:*:*
https://www.openeuler.org/en/security/security-bulletins/detail/?id=openEuler-SA-2023-1834
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote authenticated privileged user via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
104) Improper input validation
EUVDB-ID: #VU82151
Risk: Medium
CVSSv4.0: 4.6 [CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Green]
CVE-ID: CVE-2023-22068
CWE-ID:
CWE-20 - Improper input validation
Exploit availability: No
DescriptionThe vulnerability allows a remote privileged user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper input validation within the InnoDB component in MySQL Server. A remote privileged user can exploit this vulnerability to perform a denial of service (DoS) attack.
MitigationInstall updates from vendor's repository.
Vulnerable software versionsopenEuler: 22.03 LTS SP1
mysql-server: before 8.0.35-1
mysql-config: before 8.0.35-1
mysql-debugsource: before 8.0.35-1
mysql-devel: before 8.0.35-1
mysql-debuginfo: before 8.0.35-1
mysql-errmsg: before 8.0.35-1
mysql-help: before 8.0.35-1
mysql-libs: before 8.0.35-1
mysql-test: before 8.0.35-1
mysql-common: before 8.0.35-1
mysql: before 8.0.35-1
CPE2.3- cpe:2.3:o:openeuler:openeuler:22.03:LTS SP1:*:*:*:*:*:*
- cpe:2.3:a:openeuler:mysql-server:*:*:*:*:*:openeuler:*:*
- cpe:2.3:a:openeuler:mysql-config:*:*:*:*:*:openeuler:*:*
- cpe:2.3:a:openeuler:mysql-debugsource:*:*:*:*:*:openeuler:*:*
- cpe:2.3:a:openeuler:mysql-devel:*:*:*:*:*:openeuler:*:*
- cpe:2.3:a:openeuler:mysql-debuginfo:*:*:*:*:*:openeuler:*:*
- cpe:2.3:a:openeuler:mysql-errmsg:*:*:*:*:*:openeuler:*:*
- cpe:2.3:a:openeuler:mysql-help:*:*:*:*:*:openeuler:*:*
- cpe:2.3:a:openeuler:mysql-libs:*:*:*:*:*:openeuler:*:*
- cpe:2.3:a:openeuler:mysql-test:*:*:*:*:*:openeuler:*:*
- cpe:2.3:a:openeuler:mysql-common:*:*:*:*:*:openeuler:*:*
- cpe:2.3:a:openeuler:mysql:*:*:*:*:*:openeuler:*:*
https://www.openeuler.org/en/security/security-bulletins/detail/?id=openEuler-SA-2023-1834
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote authenticated privileged user via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
105) Improper input validation
EUVDB-ID: #VU82162
Risk: Medium
CVSSv4.0: 4.6 [CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Green]
CVE-ID: CVE-2023-22070
CWE-ID:
CWE-20 - Improper input validation
Exploit availability: No
DescriptionThe vulnerability allows a remote privileged user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper input validation within the Server: Optimizer component in MySQL Server. A remote privileged user can exploit this vulnerability to perform a denial of service (DoS) attack.
MitigationInstall updates from vendor's repository.
Vulnerable software versionsopenEuler: 22.03 LTS SP1
mysql-server: before 8.0.35-1
mysql-config: before 8.0.35-1
mysql-debugsource: before 8.0.35-1
mysql-devel: before 8.0.35-1
mysql-debuginfo: before 8.0.35-1
mysql-errmsg: before 8.0.35-1
mysql-help: before 8.0.35-1
mysql-libs: before 8.0.35-1
mysql-test: before 8.0.35-1
mysql-common: before 8.0.35-1
mysql: before 8.0.35-1
CPE2.3- cpe:2.3:o:openeuler:openeuler:22.03:LTS SP1:*:*:*:*:*:*
- cpe:2.3:a:openeuler:mysql-server:*:*:*:*:*:openeuler:*:*
- cpe:2.3:a:openeuler:mysql-config:*:*:*:*:*:openeuler:*:*
- cpe:2.3:a:openeuler:mysql-debugsource:*:*:*:*:*:openeuler:*:*
- cpe:2.3:a:openeuler:mysql-devel:*:*:*:*:*:openeuler:*:*
- cpe:2.3:a:openeuler:mysql-debuginfo:*:*:*:*:*:openeuler:*:*
- cpe:2.3:a:openeuler:mysql-errmsg:*:*:*:*:*:openeuler:*:*
- cpe:2.3:a:openeuler:mysql-help:*:*:*:*:*:openeuler:*:*
- cpe:2.3:a:openeuler:mysql-libs:*:*:*:*:*:openeuler:*:*
- cpe:2.3:a:openeuler:mysql-test:*:*:*:*:*:openeuler:*:*
- cpe:2.3:a:openeuler:mysql-common:*:*:*:*:*:openeuler:*:*
- cpe:2.3:a:openeuler:mysql:*:*:*:*:*:openeuler:*:*
https://www.openeuler.org/en/security/security-bulletins/detail/?id=openEuler-SA-2023-1834
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote authenticated privileged user via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
106) Improper input validation
EUVDB-ID: #VU82166
Risk: Medium
CVSSv4.0: 4.6 [CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Green]
CVE-ID: CVE-2023-22078
CWE-ID:
CWE-20 - Improper input validation
Exploit availability: No
DescriptionThe vulnerability allows a remote privileged user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper input validation within the Server: Optimizer component in MySQL Server. A remote privileged user can exploit this vulnerability to perform a denial of service (DoS) attack.
MitigationInstall updates from vendor's repository.
Vulnerable software versionsopenEuler: 22.03 LTS SP1
mysql-server: before 8.0.35-1
mysql-config: before 8.0.35-1
mysql-debugsource: before 8.0.35-1
mysql-devel: before 8.0.35-1
mysql-debuginfo: before 8.0.35-1
mysql-errmsg: before 8.0.35-1
mysql-help: before 8.0.35-1
mysql-libs: before 8.0.35-1
mysql-test: before 8.0.35-1
mysql-common: before 8.0.35-1
mysql: before 8.0.35-1
CPE2.3- cpe:2.3:o:openeuler:openeuler:22.03:LTS SP1:*:*:*:*:*:*
- cpe:2.3:a:openeuler:mysql-server:*:*:*:*:*:openeuler:*:*
- cpe:2.3:a:openeuler:mysql-config:*:*:*:*:*:openeuler:*:*
- cpe:2.3:a:openeuler:mysql-debugsource:*:*:*:*:*:openeuler:*:*
- cpe:2.3:a:openeuler:mysql-devel:*:*:*:*:*:openeuler:*:*
- cpe:2.3:a:openeuler:mysql-debuginfo:*:*:*:*:*:openeuler:*:*
- cpe:2.3:a:openeuler:mysql-errmsg:*:*:*:*:*:openeuler:*:*
- cpe:2.3:a:openeuler:mysql-help:*:*:*:*:*:openeuler:*:*
- cpe:2.3:a:openeuler:mysql-libs:*:*:*:*:*:openeuler:*:*
- cpe:2.3:a:openeuler:mysql-test:*:*:*:*:*:openeuler:*:*
- cpe:2.3:a:openeuler:mysql-common:*:*:*:*:*:openeuler:*:*
- cpe:2.3:a:openeuler:mysql:*:*:*:*:*:openeuler:*:*
https://www.openeuler.org/en/security/security-bulletins/detail/?id=openEuler-SA-2023-1834
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote authenticated privileged user via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
107) Improper input validation
EUVDB-ID: #VU82147
Risk: Medium
CVSSv4.0: 4.9 [CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Green]
CVE-ID: CVE-2023-22079
CWE-ID:
CWE-20 - Improper input validation
Exploit availability: No
DescriptionThe vulnerability allows a remote authenticated user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper input validation within the Server: Optimizer component in MySQL Server. A remote authenticated user can exploit this vulnerability to perform a denial of service (DoS) attack.
MitigationInstall updates from vendor's repository.
Vulnerable software versionsopenEuler: 22.03 LTS SP1
mysql-server: before 8.0.35-1
mysql-config: before 8.0.35-1
mysql-debugsource: before 8.0.35-1
mysql-devel: before 8.0.35-1
mysql-debuginfo: before 8.0.35-1
mysql-errmsg: before 8.0.35-1
mysql-help: before 8.0.35-1
mysql-libs: before 8.0.35-1
mysql-test: before 8.0.35-1
mysql-common: before 8.0.35-1
mysql: before 8.0.35-1
CPE2.3- cpe:2.3:o:openeuler:openeuler:22.03:LTS SP1:*:*:*:*:*:*
- cpe:2.3:a:openeuler:mysql-server:*:*:*:*:*:openeuler:*:*
- cpe:2.3:a:openeuler:mysql-config:*:*:*:*:*:openeuler:*:*
- cpe:2.3:a:openeuler:mysql-debugsource:*:*:*:*:*:openeuler:*:*
- cpe:2.3:a:openeuler:mysql-devel:*:*:*:*:*:openeuler:*:*
- cpe:2.3:a:openeuler:mysql-debuginfo:*:*:*:*:*:openeuler:*:*
- cpe:2.3:a:openeuler:mysql-errmsg:*:*:*:*:*:openeuler:*:*
- cpe:2.3:a:openeuler:mysql-help:*:*:*:*:*:openeuler:*:*
- cpe:2.3:a:openeuler:mysql-libs:*:*:*:*:*:openeuler:*:*
- cpe:2.3:a:openeuler:mysql-test:*:*:*:*:*:openeuler:*:*
- cpe:2.3:a:openeuler:mysql-common:*:*:*:*:*:openeuler:*:*
- cpe:2.3:a:openeuler:mysql:*:*:*:*:*:openeuler:*:*
https://www.openeuler.org/en/security/security-bulletins/detail/?id=openEuler-SA-2023-1834
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote authenticated user via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
108) Improper input validation
EUVDB-ID: #VU82154
Risk: Medium
CVSSv4.0: 4.6 [CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Green]
CVE-ID: CVE-2023-22084
CWE-ID:
CWE-20 - Improper input validation
Exploit availability: No
DescriptionThe vulnerability allows a remote privileged user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper input validation within the InnoDB component in MySQL Server. A remote privileged user can exploit this vulnerability to perform a denial of service (DoS) attack.
MitigationInstall updates from vendor's repository.
Vulnerable software versionsopenEuler: 22.03 LTS SP1
mysql-server: before 8.0.35-1
mysql-config: before 8.0.35-1
mysql-debugsource: before 8.0.35-1
mysql-devel: before 8.0.35-1
mysql-debuginfo: before 8.0.35-1
mysql-errmsg: before 8.0.35-1
mysql-help: before 8.0.35-1
mysql-libs: before 8.0.35-1
mysql-test: before 8.0.35-1
mysql-common: before 8.0.35-1
mysql: before 8.0.35-1
CPE2.3- cpe:2.3:o:openeuler:openeuler:22.03:LTS SP1:*:*:*:*:*:*
- cpe:2.3:a:openeuler:mysql-server:*:*:*:*:*:openeuler:*:*
- cpe:2.3:a:openeuler:mysql-config:*:*:*:*:*:openeuler:*:*
- cpe:2.3:a:openeuler:mysql-debugsource:*:*:*:*:*:openeuler:*:*
- cpe:2.3:a:openeuler:mysql-devel:*:*:*:*:*:openeuler:*:*
- cpe:2.3:a:openeuler:mysql-debuginfo:*:*:*:*:*:openeuler:*:*
- cpe:2.3:a:openeuler:mysql-errmsg:*:*:*:*:*:openeuler:*:*
- cpe:2.3:a:openeuler:mysql-help:*:*:*:*:*:openeuler:*:*
- cpe:2.3:a:openeuler:mysql-libs:*:*:*:*:*:openeuler:*:*
- cpe:2.3:a:openeuler:mysql-test:*:*:*:*:*:openeuler:*:*
- cpe:2.3:a:openeuler:mysql-common:*:*:*:*:*:openeuler:*:*
- cpe:2.3:a:openeuler:mysql:*:*:*:*:*:openeuler:*:*
https://www.openeuler.org/en/security/security-bulletins/detail/?id=openEuler-SA-2023-1834
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote authenticated privileged user via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
109) Improper input validation
EUVDB-ID: #VU82167
Risk: Medium
CVSSv4.0: 4.6 [CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Green]
CVE-ID: CVE-2023-22092
CWE-ID:
CWE-20 - Improper input validation
Exploit availability: No
DescriptionThe vulnerability allows a remote privileged user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper input validation within the Server: Optimizer component in MySQL Server. A remote privileged user can exploit this vulnerability to perform a denial of service (DoS) attack.
MitigationInstall updates from vendor's repository.
Vulnerable software versionsopenEuler: 22.03 LTS SP1
mysql-server: before 8.0.35-1
mysql-config: before 8.0.35-1
mysql-debugsource: before 8.0.35-1
mysql-devel: before 8.0.35-1
mysql-debuginfo: before 8.0.35-1
mysql-errmsg: before 8.0.35-1
mysql-help: before 8.0.35-1
mysql-libs: before 8.0.35-1
mysql-test: before 8.0.35-1
mysql-common: before 8.0.35-1
mysql: before 8.0.35-1
CPE2.3- cpe:2.3:o:openeuler:openeuler:22.03:LTS SP1:*:*:*:*:*:*
- cpe:2.3:a:openeuler:mysql-server:*:*:*:*:*:openeuler:*:*
- cpe:2.3:a:openeuler:mysql-config:*:*:*:*:*:openeuler:*:*
- cpe:2.3:a:openeuler:mysql-debugsource:*:*:*:*:*:openeuler:*:*
- cpe:2.3:a:openeuler:mysql-devel:*:*:*:*:*:openeuler:*:*
- cpe:2.3:a:openeuler:mysql-debuginfo:*:*:*:*:*:openeuler:*:*
- cpe:2.3:a:openeuler:mysql-errmsg:*:*:*:*:*:openeuler:*:*
- cpe:2.3:a:openeuler:mysql-help:*:*:*:*:*:openeuler:*:*
- cpe:2.3:a:openeuler:mysql-libs:*:*:*:*:*:openeuler:*:*
- cpe:2.3:a:openeuler:mysql-test:*:*:*:*:*:openeuler:*:*
- cpe:2.3:a:openeuler:mysql-common:*:*:*:*:*:openeuler:*:*
- cpe:2.3:a:openeuler:mysql:*:*:*:*:*:openeuler:*:*
https://www.openeuler.org/en/security/security-bulletins/detail/?id=openEuler-SA-2023-1834
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote authenticated privileged user via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
110) Improper input validation
EUVDB-ID: #VU82149
Risk: Medium
CVSSv4.0: 4.6 [CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Green]
CVE-ID: CVE-2023-22097
CWE-ID:
CWE-20 - Improper input validation
Exploit availability: No
DescriptionThe vulnerability allows a remote privileged user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper input validation within the InnoDB component in MySQL Server. A remote privileged user can exploit this vulnerability to perform a denial of service (DoS) attack.
MitigationInstall updates from vendor's repository.
Vulnerable software versionsopenEuler: 22.03 LTS SP1
mysql-server: before 8.0.35-1
mysql-config: before 8.0.35-1
mysql-debugsource: before 8.0.35-1
mysql-devel: before 8.0.35-1
mysql-debuginfo: before 8.0.35-1
mysql-errmsg: before 8.0.35-1
mysql-help: before 8.0.35-1
mysql-libs: before 8.0.35-1
mysql-test: before 8.0.35-1
mysql-common: before 8.0.35-1
mysql: before 8.0.35-1
CPE2.3- cpe:2.3:o:openeuler:openeuler:22.03:LTS SP1:*:*:*:*:*:*
- cpe:2.3:a:openeuler:mysql-server:*:*:*:*:*:openeuler:*:*
- cpe:2.3:a:openeuler:mysql-config:*:*:*:*:*:openeuler:*:*
- cpe:2.3:a:openeuler:mysql-debugsource:*:*:*:*:*:openeuler:*:*
- cpe:2.3:a:openeuler:mysql-devel:*:*:*:*:*:openeuler:*:*
- cpe:2.3:a:openeuler:mysql-debuginfo:*:*:*:*:*:openeuler:*:*
- cpe:2.3:a:openeuler:mysql-errmsg:*:*:*:*:*:openeuler:*:*
- cpe:2.3:a:openeuler:mysql-help:*:*:*:*:*:openeuler:*:*
- cpe:2.3:a:openeuler:mysql-libs:*:*:*:*:*:openeuler:*:*
- cpe:2.3:a:openeuler:mysql-test:*:*:*:*:*:openeuler:*:*
- cpe:2.3:a:openeuler:mysql-common:*:*:*:*:*:openeuler:*:*
- cpe:2.3:a:openeuler:mysql:*:*:*:*:*:openeuler:*:*
https://www.openeuler.org/en/security/security-bulletins/detail/?id=openEuler-SA-2023-1834
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote authenticated privileged user via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
111) Improper input validation
EUVDB-ID: #VU82163
Risk: Medium
CVSSv4.0: 4.6 [CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Green]
CVE-ID: CVE-2023-22103
CWE-ID:
CWE-20 - Improper input validation
Exploit availability: No
DescriptionThe vulnerability allows a remote privileged user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper input validation within the Server: Optimizer component in MySQL Server. A remote privileged user can exploit this vulnerability to perform a denial of service (DoS) attack.
MitigationInstall updates from vendor's repository.
Vulnerable software versionsopenEuler: 22.03 LTS SP1
mysql-server: before 8.0.35-1
mysql-config: before 8.0.35-1
mysql-debugsource: before 8.0.35-1
mysql-devel: before 8.0.35-1
mysql-debuginfo: before 8.0.35-1
mysql-errmsg: before 8.0.35-1
mysql-help: before 8.0.35-1
mysql-libs: before 8.0.35-1
mysql-test: before 8.0.35-1
mysql-common: before 8.0.35-1
mysql: before 8.0.35-1
CPE2.3- cpe:2.3:o:openeuler:openeuler:22.03:LTS SP1:*:*:*:*:*:*
- cpe:2.3:a:openeuler:mysql-server:*:*:*:*:*:openeuler:*:*
- cpe:2.3:a:openeuler:mysql-config:*:*:*:*:*:openeuler:*:*
- cpe:2.3:a:openeuler:mysql-debugsource:*:*:*:*:*:openeuler:*:*
- cpe:2.3:a:openeuler:mysql-devel:*:*:*:*:*:openeuler:*:*
- cpe:2.3:a:openeuler:mysql-debuginfo:*:*:*:*:*:openeuler:*:*
- cpe:2.3:a:openeuler:mysql-errmsg:*:*:*:*:*:openeuler:*:*
- cpe:2.3:a:openeuler:mysql-help:*:*:*:*:*:openeuler:*:*
- cpe:2.3:a:openeuler:mysql-libs:*:*:*:*:*:openeuler:*:*
- cpe:2.3:a:openeuler:mysql-test:*:*:*:*:*:openeuler:*:*
- cpe:2.3:a:openeuler:mysql-common:*:*:*:*:*:openeuler:*:*
- cpe:2.3:a:openeuler:mysql:*:*:*:*:*:openeuler:*:*
https://www.openeuler.org/en/security/security-bulletins/detail/?id=openEuler-SA-2023-1834
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote authenticated privileged user via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
112) Improper input validation
EUVDB-ID: #VU82152
Risk: Medium
CVSSv4.0: 4.6 [CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Green]
CVE-ID: CVE-2023-22104
CWE-ID:
CWE-20 - Improper input validation
Exploit availability: No
DescriptionThe vulnerability allows a remote privileged user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper input validation within the InnoDB component in MySQL Server. A remote privileged user can exploit this vulnerability to perform a denial of service (DoS) attack.
MitigationInstall updates from vendor's repository.
Vulnerable software versionsopenEuler: 22.03 LTS SP1
mysql-server: before 8.0.35-1
mysql-config: before 8.0.35-1
mysql-debugsource: before 8.0.35-1
mysql-devel: before 8.0.35-1
mysql-debuginfo: before 8.0.35-1
mysql-errmsg: before 8.0.35-1
mysql-help: before 8.0.35-1
mysql-libs: before 8.0.35-1
mysql-test: before 8.0.35-1
mysql-common: before 8.0.35-1
mysql: before 8.0.35-1
CPE2.3- cpe:2.3:o:openeuler:openeuler:22.03:LTS SP1:*:*:*:*:*:*
- cpe:2.3:a:openeuler:mysql-server:*:*:*:*:*:openeuler:*:*
- cpe:2.3:a:openeuler:mysql-config:*:*:*:*:*:openeuler:*:*
- cpe:2.3:a:openeuler:mysql-debugsource:*:*:*:*:*:openeuler:*:*
- cpe:2.3:a:openeuler:mysql-devel:*:*:*:*:*:openeuler:*:*
- cpe:2.3:a:openeuler:mysql-debuginfo:*:*:*:*:*:openeuler:*:*
- cpe:2.3:a:openeuler:mysql-errmsg:*:*:*:*:*:openeuler:*:*
- cpe:2.3:a:openeuler:mysql-help:*:*:*:*:*:openeuler:*:*
- cpe:2.3:a:openeuler:mysql-libs:*:*:*:*:*:openeuler:*:*
- cpe:2.3:a:openeuler:mysql-test:*:*:*:*:*:openeuler:*:*
- cpe:2.3:a:openeuler:mysql-common:*:*:*:*:*:openeuler:*:*
- cpe:2.3:a:openeuler:mysql:*:*:*:*:*:openeuler:*:*
https://www.openeuler.org/en/security/security-bulletins/detail/?id=openEuler-SA-2023-1834
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote authenticated privileged user via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
113) Improper input validation
EUVDB-ID: #VU82164
Risk: Medium
CVSSv4.0: 4.6 [CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Green]
CVE-ID: CVE-2023-22110
CWE-ID:
CWE-20 - Improper input validation
Exploit availability: No
DescriptionThe vulnerability allows a remote privileged user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper input validation within the Server: Optimizer component in MySQL Server. A remote privileged user can exploit this vulnerability to perform a denial of service (DoS) attack.
MitigationInstall updates from vendor's repository.
Vulnerable software versionsopenEuler: 22.03 LTS SP1
mysql-server: before 8.0.35-1
mysql-config: before 8.0.35-1
mysql-debugsource: before 8.0.35-1
mysql-devel: before 8.0.35-1
mysql-debuginfo: before 8.0.35-1
mysql-errmsg: before 8.0.35-1
mysql-help: before 8.0.35-1
mysql-libs: before 8.0.35-1
mysql-test: before 8.0.35-1
mysql-common: before 8.0.35-1
mysql: before 8.0.35-1
CPE2.3- cpe:2.3:o:openeuler:openeuler:22.03:LTS SP1:*:*:*:*:*:*
- cpe:2.3:a:openeuler:mysql-server:*:*:*:*:*:openeuler:*:*
- cpe:2.3:a:openeuler:mysql-config:*:*:*:*:*:openeuler:*:*
- cpe:2.3:a:openeuler:mysql-debugsource:*:*:*:*:*:openeuler:*:*
- cpe:2.3:a:openeuler:mysql-devel:*:*:*:*:*:openeuler:*:*
- cpe:2.3:a:openeuler:mysql-debuginfo:*:*:*:*:*:openeuler:*:*
- cpe:2.3:a:openeuler:mysql-errmsg:*:*:*:*:*:openeuler:*:*
- cpe:2.3:a:openeuler:mysql-help:*:*:*:*:*:openeuler:*:*
- cpe:2.3:a:openeuler:mysql-libs:*:*:*:*:*:openeuler:*:*
- cpe:2.3:a:openeuler:mysql-test:*:*:*:*:*:openeuler:*:*
- cpe:2.3:a:openeuler:mysql-common:*:*:*:*:*:openeuler:*:*
- cpe:2.3:a:openeuler:mysql:*:*:*:*:*:openeuler:*:*
https://www.openeuler.org/en/security/security-bulletins/detail/?id=openEuler-SA-2023-1834
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote authenticated privileged user via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
114) Improper input validation
EUVDB-ID: #VU82168
Risk: Medium
CVSSv4.0: 4.6 [CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Green]
CVE-ID: CVE-2023-22111
CWE-ID:
CWE-20 - Improper input validation
Exploit availability: No
DescriptionThe vulnerability allows a remote privileged user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper input validation within the Server: UDF component in MySQL Server. A remote privileged user can exploit this vulnerability to perform a denial of service (DoS) attack.
MitigationInstall updates from vendor's repository.
Vulnerable software versionsopenEuler: 22.03 LTS SP1
mysql-server: before 8.0.35-1
mysql-config: before 8.0.35-1
mysql-debugsource: before 8.0.35-1
mysql-devel: before 8.0.35-1
mysql-debuginfo: before 8.0.35-1
mysql-errmsg: before 8.0.35-1
mysql-help: before 8.0.35-1
mysql-libs: before 8.0.35-1
mysql-test: before 8.0.35-1
mysql-common: before 8.0.35-1
mysql: before 8.0.35-1
CPE2.3- cpe:2.3:o:openeuler:openeuler:22.03:LTS SP1:*:*:*:*:*:*
- cpe:2.3:a:openeuler:mysql-server:*:*:*:*:*:openeuler:*:*
- cpe:2.3:a:openeuler:mysql-config:*:*:*:*:*:openeuler:*:*
- cpe:2.3:a:openeuler:mysql-debugsource:*:*:*:*:*:openeuler:*:*
- cpe:2.3:a:openeuler:mysql-devel:*:*:*:*:*:openeuler:*:*
- cpe:2.3:a:openeuler:mysql-debuginfo:*:*:*:*:*:openeuler:*:*
- cpe:2.3:a:openeuler:mysql-errmsg:*:*:*:*:*:openeuler:*:*
- cpe:2.3:a:openeuler:mysql-help:*:*:*:*:*:openeuler:*:*
- cpe:2.3:a:openeuler:mysql-libs:*:*:*:*:*:openeuler:*:*
- cpe:2.3:a:openeuler:mysql-test:*:*:*:*:*:openeuler:*:*
- cpe:2.3:a:openeuler:mysql-common:*:*:*:*:*:openeuler:*:*
- cpe:2.3:a:openeuler:mysql:*:*:*:*:*:openeuler:*:*
https://www.openeuler.org/en/security/security-bulletins/detail/?id=openEuler-SA-2023-1834
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote authenticated privileged user via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
115) Improper input validation
EUVDB-ID: #VU82165
Risk: Medium
CVSSv4.0: 4.6 [CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Green]
CVE-ID: CVE-2023-22112
CWE-ID:
CWE-20 - Improper input validation
Exploit availability: No
DescriptionThe vulnerability allows a remote privileged user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper input validation within the Server: Optimizer component in MySQL Server. A remote privileged user can exploit this vulnerability to perform a denial of service (DoS) attack.
MitigationInstall updates from vendor's repository.
Vulnerable software versionsopenEuler: 22.03 LTS SP1
mysql-server: before 8.0.35-1
mysql-config: before 8.0.35-1
mysql-debugsource: before 8.0.35-1
mysql-devel: before 8.0.35-1
mysql-debuginfo: before 8.0.35-1
mysql-errmsg: before 8.0.35-1
mysql-help: before 8.0.35-1
mysql-libs: before 8.0.35-1
mysql-test: before 8.0.35-1
mysql-common: before 8.0.35-1
mysql: before 8.0.35-1
CPE2.3- cpe:2.3:o:openeuler:openeuler:22.03:LTS SP1:*:*:*:*:*:*
- cpe:2.3:a:openeuler:mysql-server:*:*:*:*:*:openeuler:*:*
- cpe:2.3:a:openeuler:mysql-config:*:*:*:*:*:openeuler:*:*
- cpe:2.3:a:openeuler:mysql-debugsource:*:*:*:*:*:openeuler:*:*
- cpe:2.3:a:openeuler:mysql-devel:*:*:*:*:*:openeuler:*:*
- cpe:2.3:a:openeuler:mysql-debuginfo:*:*:*:*:*:openeuler:*:*
- cpe:2.3:a:openeuler:mysql-errmsg:*:*:*:*:*:openeuler:*:*
- cpe:2.3:a:openeuler:mysql-help:*:*:*:*:*:openeuler:*:*
- cpe:2.3:a:openeuler:mysql-libs:*:*:*:*:*:openeuler:*:*
- cpe:2.3:a:openeuler:mysql-test:*:*:*:*:*:openeuler:*:*
- cpe:2.3:a:openeuler:mysql-common:*:*:*:*:*:openeuler:*:*
- cpe:2.3:a:openeuler:mysql:*:*:*:*:*:openeuler:*:*
https://www.openeuler.org/en/security/security-bulletins/detail/?id=openEuler-SA-2023-1834
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote authenticated privileged user via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
116) Improper input validation
EUVDB-ID: #VU82169
Risk: Low
CVSSv4.0: 1.2 [CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2023-22113
CWE-ID:
CWE-20 - Improper input validation
Exploit availability: No
DescriptionThe vulnerability allows a remote privileged user to gain access to sensitive information.
The vulnerability exists due to improper input validation within the Server: Security: Encryption component in MySQL Server. A remote privileged user can exploit this vulnerability to gain access to sensitive information.
MitigationInstall updates from vendor's repository.
Vulnerable software versionsopenEuler: 22.03 LTS SP1
mysql-server: before 8.0.35-1
mysql-config: before 8.0.35-1
mysql-debugsource: before 8.0.35-1
mysql-devel: before 8.0.35-1
mysql-debuginfo: before 8.0.35-1
mysql-errmsg: before 8.0.35-1
mysql-help: before 8.0.35-1
mysql-libs: before 8.0.35-1
mysql-test: before 8.0.35-1
mysql-common: before 8.0.35-1
mysql: before 8.0.35-1
CPE2.3- cpe:2.3:o:openeuler:openeuler:22.03:LTS SP1:*:*:*:*:*:*
- cpe:2.3:a:openeuler:mysql-server:*:*:*:*:*:openeuler:*:*
- cpe:2.3:a:openeuler:mysql-config:*:*:*:*:*:openeuler:*:*
- cpe:2.3:a:openeuler:mysql-debugsource:*:*:*:*:*:openeuler:*:*
- cpe:2.3:a:openeuler:mysql-devel:*:*:*:*:*:openeuler:*:*
- cpe:2.3:a:openeuler:mysql-debuginfo:*:*:*:*:*:openeuler:*:*
- cpe:2.3:a:openeuler:mysql-errmsg:*:*:*:*:*:openeuler:*:*
- cpe:2.3:a:openeuler:mysql-help:*:*:*:*:*:openeuler:*:*
- cpe:2.3:a:openeuler:mysql-libs:*:*:*:*:*:openeuler:*:*
- cpe:2.3:a:openeuler:mysql-test:*:*:*:*:*:openeuler:*:*
- cpe:2.3:a:openeuler:mysql-common:*:*:*:*:*:openeuler:*:*
- cpe:2.3:a:openeuler:mysql:*:*:*:*:*:openeuler:*:*
https://www.openeuler.org/en/security/security-bulletins/detail/?id=openEuler-SA-2023-1834
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote authenticated privileged user via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
117) Improper input validation
EUVDB-ID: #VU82153
Risk: Medium
CVSSv4.0: 4.6 [CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Green]
CVE-ID: CVE-2023-22114
CWE-ID:
CWE-20 - Improper input validation
Exploit availability: No
DescriptionThe vulnerability allows a remote privileged user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper input validation within the InnoDB component in MySQL Server. A remote privileged user can exploit this vulnerability to perform a denial of service (DoS) attack.
MitigationInstall updates from vendor's repository.
Vulnerable software versionsopenEuler: 22.03 LTS SP1
mysql-server: before 8.0.35-1
mysql-config: before 8.0.35-1
mysql-debugsource: before 8.0.35-1
mysql-devel: before 8.0.35-1
mysql-debuginfo: before 8.0.35-1
mysql-errmsg: before 8.0.35-1
mysql-help: before 8.0.35-1
mysql-libs: before 8.0.35-1
mysql-test: before 8.0.35-1
mysql-common: before 8.0.35-1
mysql: before 8.0.35-1
CPE2.3- cpe:2.3:o:openeuler:openeuler:22.03:LTS SP1:*:*:*:*:*:*
- cpe:2.3:a:openeuler:mysql-server:*:*:*:*:*:openeuler:*:*
- cpe:2.3:a:openeuler:mysql-config:*:*:*:*:*:openeuler:*:*
- cpe:2.3:a:openeuler:mysql-debugsource:*:*:*:*:*:openeuler:*:*
- cpe:2.3:a:openeuler:mysql-devel:*:*:*:*:*:openeuler:*:*
- cpe:2.3:a:openeuler:mysql-debuginfo:*:*:*:*:*:openeuler:*:*
- cpe:2.3:a:openeuler:mysql-errmsg:*:*:*:*:*:openeuler:*:*
- cpe:2.3:a:openeuler:mysql-help:*:*:*:*:*:openeuler:*:*
- cpe:2.3:a:openeuler:mysql-libs:*:*:*:*:*:openeuler:*:*
- cpe:2.3:a:openeuler:mysql-test:*:*:*:*:*:openeuler:*:*
- cpe:2.3:a:openeuler:mysql-common:*:*:*:*:*:openeuler:*:*
- cpe:2.3:a:openeuler:mysql:*:*:*:*:*:openeuler:*:*
https://www.openeuler.org/en/security/security-bulletins/detail/?id=openEuler-SA-2023-1834
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote authenticated privileged user via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
118) Improper input validation
EUVDB-ID: #VU82155
Risk: Medium
CVSSv4.0: 4.6 [CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Green]
CVE-ID: CVE-2023-22115
CWE-ID:
CWE-20 - Improper input validation
Exploit availability: No
DescriptionThe vulnerability allows a remote privileged user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper input validation within the Server: DML component in MySQL Server. A remote privileged user can exploit this vulnerability to perform a denial of service (DoS) attack.
MitigationInstall updates from vendor's repository.
Vulnerable software versionsopenEuler: 22.03 LTS SP1
mysql-server: before 8.0.35-1
mysql-config: before 8.0.35-1
mysql-debugsource: before 8.0.35-1
mysql-devel: before 8.0.35-1
mysql-debuginfo: before 8.0.35-1
mysql-errmsg: before 8.0.35-1
mysql-help: before 8.0.35-1
mysql-libs: before 8.0.35-1
mysql-test: before 8.0.35-1
mysql-common: before 8.0.35-1
mysql: before 8.0.35-1
CPE2.3- cpe:2.3:o:openeuler:openeuler:22.03:LTS SP1:*:*:*:*:*:*
- cpe:2.3:a:openeuler:mysql-server:*:*:*:*:*:openeuler:*:*
- cpe:2.3:a:openeuler:mysql-config:*:*:*:*:*:openeuler:*:*
- cpe:2.3:a:openeuler:mysql-debugsource:*:*:*:*:*:openeuler:*:*
- cpe:2.3:a:openeuler:mysql-devel:*:*:*:*:*:openeuler:*:*
- cpe:2.3:a:openeuler:mysql-debuginfo:*:*:*:*:*:openeuler:*:*
- cpe:2.3:a:openeuler:mysql-errmsg:*:*:*:*:*:openeuler:*:*
- cpe:2.3:a:openeuler:mysql-help:*:*:*:*:*:openeuler:*:*
- cpe:2.3:a:openeuler:mysql-libs:*:*:*:*:*:openeuler:*:*
- cpe:2.3:a:openeuler:mysql-test:*:*:*:*:*:openeuler:*:*
- cpe:2.3:a:openeuler:mysql-common:*:*:*:*:*:openeuler:*:*
- cpe:2.3:a:openeuler:mysql:*:*:*:*:*:openeuler:*:*
https://www.openeuler.org/en/security/security-bulletins/detail/?id=openEuler-SA-2023-1834
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote authenticated privileged user via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
