Anolis OS update for mysql:8.0 module
| Risk | Medium |
| Patch available | YES |
| Number of vulnerabilities | 87 |
| CVE-ID | CVE-2022-4899 CVE-2023-21911 CVE-2023-21919 CVE-2023-21920 CVE-2023-21929 CVE-2023-21933 CVE-2023-21935 CVE-2023-21940 CVE-2023-21945 CVE-2023-21946 CVE-2023-21947 CVE-2023-21953 CVE-2023-21955 CVE-2023-21962 CVE-2023-21966 CVE-2023-21972 CVE-2023-21976 CVE-2023-21977 CVE-2023-21980 CVE-2023-21982 CVE-2023-22005 CVE-2023-22007 CVE-2023-22008 CVE-2023-22032 CVE-2023-22033 CVE-2023-22038 CVE-2023-22046 CVE-2023-22048 CVE-2023-22053 CVE-2023-22054 CVE-2023-22056 CVE-2023-22057 CVE-2023-22058 CVE-2023-22059 CVE-2023-22064 CVE-2023-22065 CVE-2023-22066 CVE-2023-22068 CVE-2023-22070 CVE-2023-22078 CVE-2023-22079 CVE-2023-22084 CVE-2023-22092 CVE-2023-22097 CVE-2023-22103 CVE-2023-22104 CVE-2023-22110 CVE-2023-22111 CVE-2023-22112 CVE-2023-22113 CVE-2023-22114 CVE-2023-22115 CVE-2024-20960 CVE-2024-20961 CVE-2024-20962 CVE-2024-20963 CVE-2024-20964 CVE-2024-20965 CVE-2024-20966 CVE-2024-20967 CVE-2024-20968 CVE-2024-20969 CVE-2024-20970 CVE-2024-20971 CVE-2024-20972 CVE-2024-20973 CVE-2024-20974 CVE-2024-20976 CVE-2024-20977 CVE-2024-20978 CVE-2024-20981 CVE-2024-20982 CVE-2024-20983 CVE-2024-20984 CVE-2024-20985 CVE-2024-20993 CVE-2024-21049 CVE-2024-21050 CVE-2024-21051 CVE-2024-21052 CVE-2024-21053 CVE-2024-21055 CVE-2024-21056 CVE-2024-21057 CVE-2024-21061 CVE-2024-21137 CVE-2024-21200 |
| CWE-ID | CWE-119 CWE-20 |
| Exploitation vector | Network |
| Public exploit | N/A |
| Vulnerable software |
Anolis OS Operating systems & Components / Operating system mysql-test Operating systems & Components / Operating system package or component mysql-server Operating systems & Components / Operating system package or component mysql-libs Operating systems & Components / Operating system package or component mysql-errmsg Operating systems & Components / Operating system package or component mysql-devel Operating systems & Components / Operating system package or component mysql-common Operating systems & Components / Operating system package or component mysql Operating systems & Components / Operating system package or component mecab Operating systems & Components / Operating system package or component mecab-ipadic-EUCJP Operating systems & Components / Operating system package or component mecab-ipadic Operating systems & Components / Operating system package or component |
| Vendor | OpenAnolis |
Security Bulletin
This security bulletin contains information about 87 vulnerabilities.
1) Buffer overflow
EUVDB-ID: #VU74201
Risk: Medium
CVSSv4.0: 6.6 [CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Green]
CVE-ID: CVE-2022-4899
CWE-ID:
CWE-119 - Memory corruption
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to perform a denial of service (DoS) attack.
The vulnerability exists due to a boundary error in util.c when processing empty arguments in the command line tool. A remote attacker can pass an empty string as an argument, trigger buffer underflow and crash the application.
Install updates from vendor's repository.
Vulnerable software versionsAnolis OS: 8
mysql-test: before 8.0.36-1.0.1
mysql-server: before 8.0.36-1.0.1
mysql-libs: before 8.0.36-1.0.1
mysql-errmsg: before 8.0.36-1.0.1
mysql-devel: before 8.0.36-1.0.1
mysql-common: before 8.0.36-1.0.1
mysql: before 8.0.36-1.0.1
mecab: before 0.996-2
mecab-ipadic-EUCJP: before 2.7.0.20070801-16.0.1
mecab-ipadic: before 2.7.0.20070801-16.0.1
CPE2.3- cpe:2.3:o:openanolis:anolis_os:8:*:*:*:*:*:*:*
- cpe:2.3:o:openanolis:mysql-test:*:*:*:*:*:anolis_os:*:*
- cpe:2.3:o:openanolis:mysql-server:*:*:*:*:*:anolis_os:*:*
- cpe:2.3:o:openanolis:mysql-libs:*:*:*:*:*:anolis_os:*:*
- cpe:2.3:o:openanolis:mysql-errmsg:*:*:*:*:*:anolis_os:*:*
- cpe:2.3:o:openanolis:mysql-devel:*:*:*:*:*:anolis_os:*:*
- cpe:2.3:o:openanolis:mysql-common:*:*:*:*:*:anolis_os:*:*
- cpe:2.3:o:openanolis:mysql:*:*:*:*:*:anolis_os:*:*
- cpe:2.3:o:openanolis:mecab:*:*:*:*:*:anolis_os:*:*
- cpe:2.3:o:openanolis:mecab-ipadic-eucjp:*:*:*:*:*:anolis_os:*:*
- cpe:2.3:o:openanolis:mecab-ipadic:*:*:*:*:*:anolis_os:*:*
https://anas.openanolis.cn/errata/detail/ANSA-2024:0088
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
2) Improper input validation
EUVDB-ID: #VU75275
Risk: Medium
CVSSv4.0: 4.6 [CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Green]
CVE-ID: CVE-2023-21911
CWE-ID:
CWE-20 - Improper input validation
Exploit availability: No
DescriptionThe vulnerability allows a remote privileged user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper input validation within the InnoDB component in MySQL Server. A remote privileged user can exploit this vulnerability to perform a denial of service (DoS) attack.
MitigationInstall updates from vendor's repository.
Vulnerable software versionsAnolis OS: 8
mysql-test: before 8.0.36-1.0.1
mysql-server: before 8.0.36-1.0.1
mysql-libs: before 8.0.36-1.0.1
mysql-errmsg: before 8.0.36-1.0.1
mysql-devel: before 8.0.36-1.0.1
mysql-common: before 8.0.36-1.0.1
mysql: before 8.0.36-1.0.1
mecab: before 0.996-2
mecab-ipadic-EUCJP: before 2.7.0.20070801-16.0.1
mecab-ipadic: before 2.7.0.20070801-16.0.1
CPE2.3- cpe:2.3:o:openanolis:anolis_os:8:*:*:*:*:*:*:*
- cpe:2.3:o:openanolis:mysql-test:*:*:*:*:*:anolis_os:*:*
- cpe:2.3:o:openanolis:mysql-server:*:*:*:*:*:anolis_os:*:*
- cpe:2.3:o:openanolis:mysql-libs:*:*:*:*:*:anolis_os:*:*
- cpe:2.3:o:openanolis:mysql-errmsg:*:*:*:*:*:anolis_os:*:*
- cpe:2.3:o:openanolis:mysql-devel:*:*:*:*:*:anolis_os:*:*
- cpe:2.3:o:openanolis:mysql-common:*:*:*:*:*:anolis_os:*:*
- cpe:2.3:o:openanolis:mysql:*:*:*:*:*:anolis_os:*:*
- cpe:2.3:o:openanolis:mecab:*:*:*:*:*:anolis_os:*:*
- cpe:2.3:o:openanolis:mecab-ipadic-eucjp:*:*:*:*:*:anolis_os:*:*
- cpe:2.3:o:openanolis:mecab-ipadic:*:*:*:*:*:anolis_os:*:*
https://anas.openanolis.cn/errata/detail/ANSA-2024:0088
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote authenticated privileged user via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
3) Improper input validation
EUVDB-ID: #VU75277
Risk: Medium
CVSSv4.0: 4.6 [CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Green]
CVE-ID: CVE-2023-21919
CWE-ID:
CWE-20 - Improper input validation
Exploit availability: No
DescriptionThe vulnerability allows a remote privileged user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper input validation within the Server: DDL component in MySQL Server. A remote privileged user can exploit this vulnerability to perform a denial of service (DoS) attack.
MitigationInstall updates from vendor's repository.
Vulnerable software versionsAnolis OS: 8
mysql-test: before 8.0.36-1.0.1
mysql-server: before 8.0.36-1.0.1
mysql-libs: before 8.0.36-1.0.1
mysql-errmsg: before 8.0.36-1.0.1
mysql-devel: before 8.0.36-1.0.1
mysql-common: before 8.0.36-1.0.1
mysql: before 8.0.36-1.0.1
mecab: before 0.996-2
mecab-ipadic-EUCJP: before 2.7.0.20070801-16.0.1
mecab-ipadic: before 2.7.0.20070801-16.0.1
CPE2.3- cpe:2.3:o:openanolis:anolis_os:8:*:*:*:*:*:*:*
- cpe:2.3:o:openanolis:mysql-test:*:*:*:*:*:anolis_os:*:*
- cpe:2.3:o:openanolis:mysql-server:*:*:*:*:*:anolis_os:*:*
- cpe:2.3:o:openanolis:mysql-libs:*:*:*:*:*:anolis_os:*:*
- cpe:2.3:o:openanolis:mysql-errmsg:*:*:*:*:*:anolis_os:*:*
- cpe:2.3:o:openanolis:mysql-devel:*:*:*:*:*:anolis_os:*:*
- cpe:2.3:o:openanolis:mysql-common:*:*:*:*:*:anolis_os:*:*
- cpe:2.3:o:openanolis:mysql:*:*:*:*:*:anolis_os:*:*
- cpe:2.3:o:openanolis:mecab:*:*:*:*:*:anolis_os:*:*
- cpe:2.3:o:openanolis:mecab-ipadic-eucjp:*:*:*:*:*:anolis_os:*:*
- cpe:2.3:o:openanolis:mecab-ipadic:*:*:*:*:*:anolis_os:*:*
https://anas.openanolis.cn/errata/detail/ANSA-2024:0088
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote authenticated privileged user via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
4) Improper input validation
EUVDB-ID: #VU75283
Risk: Medium
CVSSv4.0: 4.6 [CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Green]
CVE-ID: CVE-2023-21920
CWE-ID:
CWE-20 - Improper input validation
Exploit availability: No
DescriptionThe vulnerability allows a remote privileged user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper input validation within the Server: Optimizer component in MySQL Server. A remote privileged user can exploit this vulnerability to perform a denial of service (DoS) attack.
MitigationInstall updates from vendor's repository.
Vulnerable software versionsAnolis OS: 8
mysql-test: before 8.0.36-1.0.1
mysql-server: before 8.0.36-1.0.1
mysql-libs: before 8.0.36-1.0.1
mysql-errmsg: before 8.0.36-1.0.1
mysql-devel: before 8.0.36-1.0.1
mysql-common: before 8.0.36-1.0.1
mysql: before 8.0.36-1.0.1
mecab: before 0.996-2
mecab-ipadic-EUCJP: before 2.7.0.20070801-16.0.1
mecab-ipadic: before 2.7.0.20070801-16.0.1
CPE2.3- cpe:2.3:o:openanolis:anolis_os:8:*:*:*:*:*:*:*
- cpe:2.3:o:openanolis:mysql-test:*:*:*:*:*:anolis_os:*:*
- cpe:2.3:o:openanolis:mysql-server:*:*:*:*:*:anolis_os:*:*
- cpe:2.3:o:openanolis:mysql-libs:*:*:*:*:*:anolis_os:*:*
- cpe:2.3:o:openanolis:mysql-errmsg:*:*:*:*:*:anolis_os:*:*
- cpe:2.3:o:openanolis:mysql-devel:*:*:*:*:*:anolis_os:*:*
- cpe:2.3:o:openanolis:mysql-common:*:*:*:*:*:anolis_os:*:*
- cpe:2.3:o:openanolis:mysql:*:*:*:*:*:anolis_os:*:*
- cpe:2.3:o:openanolis:mecab:*:*:*:*:*:anolis_os:*:*
- cpe:2.3:o:openanolis:mecab-ipadic-eucjp:*:*:*:*:*:anolis_os:*:*
- cpe:2.3:o:openanolis:mecab-ipadic:*:*:*:*:*:anolis_os:*:*
https://anas.openanolis.cn/errata/detail/ANSA-2024:0088
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote authenticated privileged user via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
5) Improper input validation
EUVDB-ID: #VU75273
Risk: Medium
CVSSv4.0: 4.7 [CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:N/VI:L/VA:H/SC:N/SI:N/SA:N/E:U/U:Green]
CVE-ID: CVE-2023-21929
CWE-ID:
CWE-20 - Improper input validation
Exploit availability: No
DescriptionThe vulnerability allows a remote privileged user to damange or delete data.
The vulnerability exists due to improper input validation within the Server: DDL component in MySQL Server. A remote privileged user can exploit this vulnerability to damange or delete data.
MitigationInstall updates from vendor's repository.
Vulnerable software versionsAnolis OS: 8
mysql-test: before 8.0.36-1.0.1
mysql-server: before 8.0.36-1.0.1
mysql-libs: before 8.0.36-1.0.1
mysql-errmsg: before 8.0.36-1.0.1
mysql-devel: before 8.0.36-1.0.1
mysql-common: before 8.0.36-1.0.1
mysql: before 8.0.36-1.0.1
mecab: before 0.996-2
mecab-ipadic-EUCJP: before 2.7.0.20070801-16.0.1
mecab-ipadic: before 2.7.0.20070801-16.0.1
CPE2.3- cpe:2.3:o:openanolis:anolis_os:8:*:*:*:*:*:*:*
- cpe:2.3:o:openanolis:mysql-test:*:*:*:*:*:anolis_os:*:*
- cpe:2.3:o:openanolis:mysql-server:*:*:*:*:*:anolis_os:*:*
- cpe:2.3:o:openanolis:mysql-libs:*:*:*:*:*:anolis_os:*:*
- cpe:2.3:o:openanolis:mysql-errmsg:*:*:*:*:*:anolis_os:*:*
- cpe:2.3:o:openanolis:mysql-devel:*:*:*:*:*:anolis_os:*:*
- cpe:2.3:o:openanolis:mysql-common:*:*:*:*:*:anolis_os:*:*
- cpe:2.3:o:openanolis:mysql:*:*:*:*:*:anolis_os:*:*
- cpe:2.3:o:openanolis:mecab:*:*:*:*:*:anolis_os:*:*
- cpe:2.3:o:openanolis:mecab-ipadic-eucjp:*:*:*:*:*:anolis_os:*:*
- cpe:2.3:o:openanolis:mecab-ipadic:*:*:*:*:*:anolis_os:*:*
https://anas.openanolis.cn/errata/detail/ANSA-2024:0088
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote authenticated privileged user via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
6) Improper input validation
EUVDB-ID: #VU75278
Risk: Medium
CVSSv4.0: 4.6 [CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Green]
CVE-ID: CVE-2023-21933
CWE-ID:
CWE-20 - Improper input validation
Exploit availability: No
DescriptionThe vulnerability allows a remote privileged user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper input validation within the Server: DDL component in MySQL Server. A remote privileged user can exploit this vulnerability to perform a denial of service (DoS) attack.
MitigationInstall updates from vendor's repository.
Vulnerable software versionsAnolis OS: 8
mysql-test: before 8.0.36-1.0.1
mysql-server: before 8.0.36-1.0.1
mysql-libs: before 8.0.36-1.0.1
mysql-errmsg: before 8.0.36-1.0.1
mysql-devel: before 8.0.36-1.0.1
mysql-common: before 8.0.36-1.0.1
mysql: before 8.0.36-1.0.1
mecab: before 0.996-2
mecab-ipadic-EUCJP: before 2.7.0.20070801-16.0.1
mecab-ipadic: before 2.7.0.20070801-16.0.1
CPE2.3- cpe:2.3:o:openanolis:anolis_os:8:*:*:*:*:*:*:*
- cpe:2.3:o:openanolis:mysql-test:*:*:*:*:*:anolis_os:*:*
- cpe:2.3:o:openanolis:mysql-server:*:*:*:*:*:anolis_os:*:*
- cpe:2.3:o:openanolis:mysql-libs:*:*:*:*:*:anolis_os:*:*
- cpe:2.3:o:openanolis:mysql-errmsg:*:*:*:*:*:anolis_os:*:*
- cpe:2.3:o:openanolis:mysql-devel:*:*:*:*:*:anolis_os:*:*
- cpe:2.3:o:openanolis:mysql-common:*:*:*:*:*:anolis_os:*:*
- cpe:2.3:o:openanolis:mysql:*:*:*:*:*:anolis_os:*:*
- cpe:2.3:o:openanolis:mecab:*:*:*:*:*:anolis_os:*:*
- cpe:2.3:o:openanolis:mecab-ipadic-eucjp:*:*:*:*:*:anolis_os:*:*
- cpe:2.3:o:openanolis:mecab-ipadic:*:*:*:*:*:anolis_os:*:*
https://anas.openanolis.cn/errata/detail/ANSA-2024:0088
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote authenticated privileged user via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
7) Improper input validation
EUVDB-ID: #VU75284
Risk: Medium
CVSSv4.0: 4.6 [CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Green]
CVE-ID: CVE-2023-21935
CWE-ID:
CWE-20 - Improper input validation
Exploit availability: No
DescriptionThe vulnerability allows a remote privileged user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper input validation within the Server: Optimizer component in MySQL Server. A remote privileged user can exploit this vulnerability to perform a denial of service (DoS) attack.
MitigationInstall updates from vendor's repository.
Vulnerable software versionsAnolis OS: 8
mysql-test: before 8.0.36-1.0.1
mysql-server: before 8.0.36-1.0.1
mysql-libs: before 8.0.36-1.0.1
mysql-errmsg: before 8.0.36-1.0.1
mysql-devel: before 8.0.36-1.0.1
mysql-common: before 8.0.36-1.0.1
mysql: before 8.0.36-1.0.1
mecab: before 0.996-2
mecab-ipadic-EUCJP: before 2.7.0.20070801-16.0.1
mecab-ipadic: before 2.7.0.20070801-16.0.1
CPE2.3- cpe:2.3:o:openanolis:anolis_os:8:*:*:*:*:*:*:*
- cpe:2.3:o:openanolis:mysql-test:*:*:*:*:*:anolis_os:*:*
- cpe:2.3:o:openanolis:mysql-server:*:*:*:*:*:anolis_os:*:*
- cpe:2.3:o:openanolis:mysql-libs:*:*:*:*:*:anolis_os:*:*
- cpe:2.3:o:openanolis:mysql-errmsg:*:*:*:*:*:anolis_os:*:*
- cpe:2.3:o:openanolis:mysql-devel:*:*:*:*:*:anolis_os:*:*
- cpe:2.3:o:openanolis:mysql-common:*:*:*:*:*:anolis_os:*:*
- cpe:2.3:o:openanolis:mysql:*:*:*:*:*:anolis_os:*:*
- cpe:2.3:o:openanolis:mecab:*:*:*:*:*:anolis_os:*:*
- cpe:2.3:o:openanolis:mecab-ipadic-eucjp:*:*:*:*:*:anolis_os:*:*
- cpe:2.3:o:openanolis:mecab-ipadic:*:*:*:*:*:anolis_os:*:*
https://anas.openanolis.cn/errata/detail/ANSA-2024:0088
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote authenticated privileged user via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
8) Improper input validation
EUVDB-ID: #VU75291
Risk: Low
CVSSv4.0: 2.1 [CVSS:4.0/AV:N/AC:L/AT:P/PR:H/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2023-21940
CWE-ID:
CWE-20 - Improper input validation
Exploit availability: No
DescriptionThe vulnerability allows a remote privileged user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper input validation within the Server: Components Services component in MySQL Server. A remote privileged user can exploit this vulnerability to perform a denial of service (DoS) attack.
MitigationInstall updates from vendor's repository.
Vulnerable software versionsAnolis OS: 8
mysql-test: before 8.0.36-1.0.1
mysql-server: before 8.0.36-1.0.1
mysql-libs: before 8.0.36-1.0.1
mysql-errmsg: before 8.0.36-1.0.1
mysql-devel: before 8.0.36-1.0.1
mysql-common: before 8.0.36-1.0.1
mysql: before 8.0.36-1.0.1
mecab: before 0.996-2
mecab-ipadic-EUCJP: before 2.7.0.20070801-16.0.1
mecab-ipadic: before 2.7.0.20070801-16.0.1
CPE2.3- cpe:2.3:o:openanolis:anolis_os:8:*:*:*:*:*:*:*
- cpe:2.3:o:openanolis:mysql-test:*:*:*:*:*:anolis_os:*:*
- cpe:2.3:o:openanolis:mysql-server:*:*:*:*:*:anolis_os:*:*
- cpe:2.3:o:openanolis:mysql-libs:*:*:*:*:*:anolis_os:*:*
- cpe:2.3:o:openanolis:mysql-errmsg:*:*:*:*:*:anolis_os:*:*
- cpe:2.3:o:openanolis:mysql-devel:*:*:*:*:*:anolis_os:*:*
- cpe:2.3:o:openanolis:mysql-common:*:*:*:*:*:anolis_os:*:*
- cpe:2.3:o:openanolis:mysql:*:*:*:*:*:anolis_os:*:*
- cpe:2.3:o:openanolis:mecab:*:*:*:*:*:anolis_os:*:*
- cpe:2.3:o:openanolis:mecab-ipadic-eucjp:*:*:*:*:*:anolis_os:*:*
- cpe:2.3:o:openanolis:mecab-ipadic:*:*:*:*:*:anolis_os:*:*
https://anas.openanolis.cn/errata/detail/ANSA-2024:0088
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote authenticated privileged user via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
9) Improper input validation
EUVDB-ID: #VU75285
Risk: Medium
CVSSv4.0: 4.6 [CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Green]
CVE-ID: CVE-2023-21945
CWE-ID:
CWE-20 - Improper input validation
Exploit availability: No
DescriptionThe vulnerability allows a remote privileged user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper input validation within the Server: Optimizer component in MySQL Server. A remote privileged user can exploit this vulnerability to perform a denial of service (DoS) attack.
MitigationInstall updates from vendor's repository.
Vulnerable software versionsAnolis OS: 8
mysql-test: before 8.0.36-1.0.1
mysql-server: before 8.0.36-1.0.1
mysql-libs: before 8.0.36-1.0.1
mysql-errmsg: before 8.0.36-1.0.1
mysql-devel: before 8.0.36-1.0.1
mysql-common: before 8.0.36-1.0.1
mysql: before 8.0.36-1.0.1
mecab: before 0.996-2
mecab-ipadic-EUCJP: before 2.7.0.20070801-16.0.1
mecab-ipadic: before 2.7.0.20070801-16.0.1
CPE2.3- cpe:2.3:o:openanolis:anolis_os:8:*:*:*:*:*:*:*
- cpe:2.3:o:openanolis:mysql-test:*:*:*:*:*:anolis_os:*:*
- cpe:2.3:o:openanolis:mysql-server:*:*:*:*:*:anolis_os:*:*
- cpe:2.3:o:openanolis:mysql-libs:*:*:*:*:*:anolis_os:*:*
- cpe:2.3:o:openanolis:mysql-errmsg:*:*:*:*:*:anolis_os:*:*
- cpe:2.3:o:openanolis:mysql-devel:*:*:*:*:*:anolis_os:*:*
- cpe:2.3:o:openanolis:mysql-common:*:*:*:*:*:anolis_os:*:*
- cpe:2.3:o:openanolis:mysql:*:*:*:*:*:anolis_os:*:*
- cpe:2.3:o:openanolis:mecab:*:*:*:*:*:anolis_os:*:*
- cpe:2.3:o:openanolis:mecab-ipadic-eucjp:*:*:*:*:*:anolis_os:*:*
- cpe:2.3:o:openanolis:mecab-ipadic:*:*:*:*:*:anolis_os:*:*
https://anas.openanolis.cn/errata/detail/ANSA-2024:0088
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote authenticated privileged user via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
10) Improper input validation
EUVDB-ID: #VU75272
Risk: Medium
CVSSv4.0: 4.9 [CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Green]
CVE-ID: CVE-2023-21946
CWE-ID:
CWE-20 - Improper input validation
Exploit availability: No
DescriptionThe vulnerability allows a remote authenticated user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper input validation within the Server: Optimizer component in MySQL Server. A remote authenticated user can exploit this vulnerability to perform a denial of service (DoS) attack.
MitigationInstall updates from vendor's repository.
Vulnerable software versionsAnolis OS: 8
mysql-test: before 8.0.36-1.0.1
mysql-server: before 8.0.36-1.0.1
mysql-libs: before 8.0.36-1.0.1
mysql-errmsg: before 8.0.36-1.0.1
mysql-devel: before 8.0.36-1.0.1
mysql-common: before 8.0.36-1.0.1
mysql: before 8.0.36-1.0.1
mecab: before 0.996-2
mecab-ipadic-EUCJP: before 2.7.0.20070801-16.0.1
mecab-ipadic: before 2.7.0.20070801-16.0.1
CPE2.3- cpe:2.3:o:openanolis:anolis_os:8:*:*:*:*:*:*:*
- cpe:2.3:o:openanolis:mysql-test:*:*:*:*:*:anolis_os:*:*
- cpe:2.3:o:openanolis:mysql-server:*:*:*:*:*:anolis_os:*:*
- cpe:2.3:o:openanolis:mysql-libs:*:*:*:*:*:anolis_os:*:*
- cpe:2.3:o:openanolis:mysql-errmsg:*:*:*:*:*:anolis_os:*:*
- cpe:2.3:o:openanolis:mysql-devel:*:*:*:*:*:anolis_os:*:*
- cpe:2.3:o:openanolis:mysql-common:*:*:*:*:*:anolis_os:*:*
- cpe:2.3:o:openanolis:mysql:*:*:*:*:*:anolis_os:*:*
- cpe:2.3:o:openanolis:mecab:*:*:*:*:*:anolis_os:*:*
- cpe:2.3:o:openanolis:mecab-ipadic-eucjp:*:*:*:*:*:anolis_os:*:*
- cpe:2.3:o:openanolis:mecab-ipadic:*:*:*:*:*:anolis_os:*:*
https://anas.openanolis.cn/errata/detail/ANSA-2024:0088
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote authenticated user via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
11) Improper input validation
EUVDB-ID: #VU75292
Risk: Low
CVSSv4.0: 2.1 [CVSS:4.0/AV:N/AC:L/AT:P/PR:H/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2023-21947
CWE-ID:
CWE-20 - Improper input validation
Exploit availability: No
DescriptionThe vulnerability allows a remote privileged user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper input validation within the Server: Components Services component in MySQL Server. A remote privileged user can exploit this vulnerability to perform a denial of service (DoS) attack.
MitigationInstall updates from vendor's repository.
Vulnerable software versionsAnolis OS: 8
mysql-test: before 8.0.36-1.0.1
mysql-server: before 8.0.36-1.0.1
mysql-libs: before 8.0.36-1.0.1
mysql-errmsg: before 8.0.36-1.0.1
mysql-devel: before 8.0.36-1.0.1
mysql-common: before 8.0.36-1.0.1
mysql: before 8.0.36-1.0.1
mecab: before 0.996-2
mecab-ipadic-EUCJP: before 2.7.0.20070801-16.0.1
mecab-ipadic: before 2.7.0.20070801-16.0.1
CPE2.3- cpe:2.3:o:openanolis:anolis_os:8:*:*:*:*:*:*:*
- cpe:2.3:o:openanolis:mysql-test:*:*:*:*:*:anolis_os:*:*
- cpe:2.3:o:openanolis:mysql-server:*:*:*:*:*:anolis_os:*:*
- cpe:2.3:o:openanolis:mysql-libs:*:*:*:*:*:anolis_os:*:*
- cpe:2.3:o:openanolis:mysql-errmsg:*:*:*:*:*:anolis_os:*:*
- cpe:2.3:o:openanolis:mysql-devel:*:*:*:*:*:anolis_os:*:*
- cpe:2.3:o:openanolis:mysql-common:*:*:*:*:*:anolis_os:*:*
- cpe:2.3:o:openanolis:mysql:*:*:*:*:*:anolis_os:*:*
- cpe:2.3:o:openanolis:mecab:*:*:*:*:*:anolis_os:*:*
- cpe:2.3:o:openanolis:mecab-ipadic-eucjp:*:*:*:*:*:anolis_os:*:*
- cpe:2.3:o:openanolis:mecab-ipadic:*:*:*:*:*:anolis_os:*:*
https://anas.openanolis.cn/errata/detail/ANSA-2024:0088
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote authenticated privileged user via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
12) Improper input validation
EUVDB-ID: #VU75289
Risk: Medium
CVSSv4.0: 4.6 [CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Green]
CVE-ID: CVE-2023-21953
CWE-ID:
CWE-20 - Improper input validation
Exploit availability: No
DescriptionThe vulnerability allows a remote privileged user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper input validation within the Server: Partition component in MySQL Server. A remote privileged user can exploit this vulnerability to perform a denial of service (DoS) attack.
MitigationInstall updates from vendor's repository.
Vulnerable software versionsAnolis OS: 8
mysql-test: before 8.0.36-1.0.1
mysql-server: before 8.0.36-1.0.1
mysql-libs: before 8.0.36-1.0.1
mysql-errmsg: before 8.0.36-1.0.1
mysql-devel: before 8.0.36-1.0.1
mysql-common: before 8.0.36-1.0.1
mysql: before 8.0.36-1.0.1
mecab: before 0.996-2
mecab-ipadic-EUCJP: before 2.7.0.20070801-16.0.1
mecab-ipadic: before 2.7.0.20070801-16.0.1
CPE2.3- cpe:2.3:o:openanolis:anolis_os:8:*:*:*:*:*:*:*
- cpe:2.3:o:openanolis:mysql-test:*:*:*:*:*:anolis_os:*:*
- cpe:2.3:o:openanolis:mysql-server:*:*:*:*:*:anolis_os:*:*
- cpe:2.3:o:openanolis:mysql-libs:*:*:*:*:*:anolis_os:*:*
- cpe:2.3:o:openanolis:mysql-errmsg:*:*:*:*:*:anolis_os:*:*
- cpe:2.3:o:openanolis:mysql-devel:*:*:*:*:*:anolis_os:*:*
- cpe:2.3:o:openanolis:mysql-common:*:*:*:*:*:anolis_os:*:*
- cpe:2.3:o:openanolis:mysql:*:*:*:*:*:anolis_os:*:*
- cpe:2.3:o:openanolis:mecab:*:*:*:*:*:anolis_os:*:*
- cpe:2.3:o:openanolis:mecab-ipadic-eucjp:*:*:*:*:*:anolis_os:*:*
- cpe:2.3:o:openanolis:mecab-ipadic:*:*:*:*:*:anolis_os:*:*
https://anas.openanolis.cn/errata/detail/ANSA-2024:0088
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote authenticated privileged user via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
13) Improper input validation
EUVDB-ID: #VU75290
Risk: Medium
CVSSv4.0: 4.6 [CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Green]
CVE-ID: CVE-2023-21955
CWE-ID:
CWE-20 - Improper input validation
Exploit availability: No
DescriptionThe vulnerability allows a remote privileged user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper input validation within the Server: Partition component in MySQL Server. A remote privileged user can exploit this vulnerability to perform a denial of service (DoS) attack.
MitigationInstall updates from vendor's repository.
Vulnerable software versionsAnolis OS: 8
mysql-test: before 8.0.36-1.0.1
mysql-server: before 8.0.36-1.0.1
mysql-libs: before 8.0.36-1.0.1
mysql-errmsg: before 8.0.36-1.0.1
mysql-devel: before 8.0.36-1.0.1
mysql-common: before 8.0.36-1.0.1
mysql: before 8.0.36-1.0.1
mecab: before 0.996-2
mecab-ipadic-EUCJP: before 2.7.0.20070801-16.0.1
mecab-ipadic: before 2.7.0.20070801-16.0.1
CPE2.3- cpe:2.3:o:openanolis:anolis_os:8:*:*:*:*:*:*:*
- cpe:2.3:o:openanolis:mysql-test:*:*:*:*:*:anolis_os:*:*
- cpe:2.3:o:openanolis:mysql-server:*:*:*:*:*:anolis_os:*:*
- cpe:2.3:o:openanolis:mysql-libs:*:*:*:*:*:anolis_os:*:*
- cpe:2.3:o:openanolis:mysql-errmsg:*:*:*:*:*:anolis_os:*:*
- cpe:2.3:o:openanolis:mysql-devel:*:*:*:*:*:anolis_os:*:*
- cpe:2.3:o:openanolis:mysql-common:*:*:*:*:*:anolis_os:*:*
- cpe:2.3:o:openanolis:mysql:*:*:*:*:*:anolis_os:*:*
- cpe:2.3:o:openanolis:mecab:*:*:*:*:*:anolis_os:*:*
- cpe:2.3:o:openanolis:mecab-ipadic-eucjp:*:*:*:*:*:anolis_os:*:*
- cpe:2.3:o:openanolis:mecab-ipadic:*:*:*:*:*:anolis_os:*:*
https://anas.openanolis.cn/errata/detail/ANSA-2024:0088
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote authenticated privileged user via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
14) Improper input validation
EUVDB-ID: #VU75276
Risk: Medium
CVSSv4.0: 4.6 [CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Green]
CVE-ID: CVE-2023-21962
CWE-ID:
CWE-20 - Improper input validation
Exploit availability: No
DescriptionThe vulnerability allows a remote privileged user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper input validation within the Server: Components Services component in MySQL Server. A remote privileged user can exploit this vulnerability to perform a denial of service (DoS) attack.
MitigationInstall updates from vendor's repository.
Vulnerable software versionsAnolis OS: 8
mysql-test: before 8.0.36-1.0.1
mysql-server: before 8.0.36-1.0.1
mysql-libs: before 8.0.36-1.0.1
mysql-errmsg: before 8.0.36-1.0.1
mysql-devel: before 8.0.36-1.0.1
mysql-common: before 8.0.36-1.0.1
mysql: before 8.0.36-1.0.1
mecab: before 0.996-2
mecab-ipadic-EUCJP: before 2.7.0.20070801-16.0.1
mecab-ipadic: before 2.7.0.20070801-16.0.1
CPE2.3- cpe:2.3:o:openanolis:anolis_os:8:*:*:*:*:*:*:*
- cpe:2.3:o:openanolis:mysql-test:*:*:*:*:*:anolis_os:*:*
- cpe:2.3:o:openanolis:mysql-server:*:*:*:*:*:anolis_os:*:*
- cpe:2.3:o:openanolis:mysql-libs:*:*:*:*:*:anolis_os:*:*
- cpe:2.3:o:openanolis:mysql-errmsg:*:*:*:*:*:anolis_os:*:*
- cpe:2.3:o:openanolis:mysql-devel:*:*:*:*:*:anolis_os:*:*
- cpe:2.3:o:openanolis:mysql-common:*:*:*:*:*:anolis_os:*:*
- cpe:2.3:o:openanolis:mysql:*:*:*:*:*:anolis_os:*:*
- cpe:2.3:o:openanolis:mecab:*:*:*:*:*:anolis_os:*:*
- cpe:2.3:o:openanolis:mecab-ipadic-eucjp:*:*:*:*:*:anolis_os:*:*
- cpe:2.3:o:openanolis:mecab-ipadic:*:*:*:*:*:anolis_os:*:*
https://anas.openanolis.cn/errata/detail/ANSA-2024:0088
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote authenticated privileged user via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
15) Improper input validation
EUVDB-ID: #VU75280
Risk: Medium
CVSSv4.0: 4.6 [CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Green]
CVE-ID: CVE-2023-21966
CWE-ID:
CWE-20 - Improper input validation
Exploit availability: No
DescriptionThe vulnerability allows a remote privileged user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper input validation within the Server: JSON component in MySQL Server. A remote privileged user can exploit this vulnerability to perform a denial of service (DoS) attack.
MitigationInstall updates from vendor's repository.
Vulnerable software versionsAnolis OS: 8
mysql-test: before 8.0.36-1.0.1
mysql-server: before 8.0.36-1.0.1
mysql-libs: before 8.0.36-1.0.1
mysql-errmsg: before 8.0.36-1.0.1
mysql-devel: before 8.0.36-1.0.1
mysql-common: before 8.0.36-1.0.1
mysql: before 8.0.36-1.0.1
mecab: before 0.996-2
mecab-ipadic-EUCJP: before 2.7.0.20070801-16.0.1
mecab-ipadic: before 2.7.0.20070801-16.0.1
CPE2.3- cpe:2.3:o:openanolis:anolis_os:8:*:*:*:*:*:*:*
- cpe:2.3:o:openanolis:mysql-test:*:*:*:*:*:anolis_os:*:*
- cpe:2.3:o:openanolis:mysql-server:*:*:*:*:*:anolis_os:*:*
- cpe:2.3:o:openanolis:mysql-libs:*:*:*:*:*:anolis_os:*:*
- cpe:2.3:o:openanolis:mysql-errmsg:*:*:*:*:*:anolis_os:*:*
- cpe:2.3:o:openanolis:mysql-devel:*:*:*:*:*:anolis_os:*:*
- cpe:2.3:o:openanolis:mysql-common:*:*:*:*:*:anolis_os:*:*
- cpe:2.3:o:openanolis:mysql:*:*:*:*:*:anolis_os:*:*
- cpe:2.3:o:openanolis:mecab:*:*:*:*:*:anolis_os:*:*
- cpe:2.3:o:openanolis:mecab-ipadic-eucjp:*:*:*:*:*:anolis_os:*:*
- cpe:2.3:o:openanolis:mecab-ipadic:*:*:*:*:*:anolis_os:*:*
https://anas.openanolis.cn/errata/detail/ANSA-2024:0088
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote authenticated privileged user via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
16) Improper input validation
EUVDB-ID: #VU75279
Risk: Medium
CVSSv4.0: 4.6 [CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Green]
CVE-ID: CVE-2023-21972
CWE-ID:
CWE-20 - Improper input validation
Exploit availability: No
DescriptionThe vulnerability allows a remote privileged user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper input validation within the Server: DML component in MySQL Server. A remote privileged user can exploit this vulnerability to perform a denial of service (DoS) attack.
MitigationInstall updates from vendor's repository.
Vulnerable software versionsAnolis OS: 8
mysql-test: before 8.0.36-1.0.1
mysql-server: before 8.0.36-1.0.1
mysql-libs: before 8.0.36-1.0.1
mysql-errmsg: before 8.0.36-1.0.1
mysql-devel: before 8.0.36-1.0.1
mysql-common: before 8.0.36-1.0.1
mysql: before 8.0.36-1.0.1
mecab: before 0.996-2
mecab-ipadic-EUCJP: before 2.7.0.20070801-16.0.1
mecab-ipadic: before 2.7.0.20070801-16.0.1
CPE2.3- cpe:2.3:o:openanolis:anolis_os:8:*:*:*:*:*:*:*
- cpe:2.3:o:openanolis:mysql-test:*:*:*:*:*:anolis_os:*:*
- cpe:2.3:o:openanolis:mysql-server:*:*:*:*:*:anolis_os:*:*
- cpe:2.3:o:openanolis:mysql-libs:*:*:*:*:*:anolis_os:*:*
- cpe:2.3:o:openanolis:mysql-errmsg:*:*:*:*:*:anolis_os:*:*
- cpe:2.3:o:openanolis:mysql-devel:*:*:*:*:*:anolis_os:*:*
- cpe:2.3:o:openanolis:mysql-common:*:*:*:*:*:anolis_os:*:*
- cpe:2.3:o:openanolis:mysql:*:*:*:*:*:anolis_os:*:*
- cpe:2.3:o:openanolis:mecab:*:*:*:*:*:anolis_os:*:*
- cpe:2.3:o:openanolis:mecab-ipadic-eucjp:*:*:*:*:*:anolis_os:*:*
- cpe:2.3:o:openanolis:mecab-ipadic:*:*:*:*:*:anolis_os:*:*
https://anas.openanolis.cn/errata/detail/ANSA-2024:0088
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote authenticated privileged user via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
17) Improper input validation
EUVDB-ID: #VU75286
Risk: Medium
CVSSv4.0: 4.6 [CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Green]
CVE-ID: CVE-2023-21976
CWE-ID:
CWE-20 - Improper input validation
Exploit availability: No
DescriptionThe vulnerability allows a remote privileged user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper input validation within the Server: Optimizer component in MySQL Server. A remote privileged user can exploit this vulnerability to perform a denial of service (DoS) attack.
MitigationInstall updates from vendor's repository.
Vulnerable software versionsAnolis OS: 8
mysql-test: before 8.0.36-1.0.1
mysql-server: before 8.0.36-1.0.1
mysql-libs: before 8.0.36-1.0.1
mysql-errmsg: before 8.0.36-1.0.1
mysql-devel: before 8.0.36-1.0.1
mysql-common: before 8.0.36-1.0.1
mysql: before 8.0.36-1.0.1
mecab: before 0.996-2
mecab-ipadic-EUCJP: before 2.7.0.20070801-16.0.1
mecab-ipadic: before 2.7.0.20070801-16.0.1
CPE2.3- cpe:2.3:o:openanolis:anolis_os:8:*:*:*:*:*:*:*
- cpe:2.3:o:openanolis:mysql-test:*:*:*:*:*:anolis_os:*:*
- cpe:2.3:o:openanolis:mysql-server:*:*:*:*:*:anolis_os:*:*
- cpe:2.3:o:openanolis:mysql-libs:*:*:*:*:*:anolis_os:*:*
- cpe:2.3:o:openanolis:mysql-errmsg:*:*:*:*:*:anolis_os:*:*
- cpe:2.3:o:openanolis:mysql-devel:*:*:*:*:*:anolis_os:*:*
- cpe:2.3:o:openanolis:mysql-common:*:*:*:*:*:anolis_os:*:*
- cpe:2.3:o:openanolis:mysql:*:*:*:*:*:anolis_os:*:*
- cpe:2.3:o:openanolis:mecab:*:*:*:*:*:anolis_os:*:*
- cpe:2.3:o:openanolis:mecab-ipadic-eucjp:*:*:*:*:*:anolis_os:*:*
- cpe:2.3:o:openanolis:mecab-ipadic:*:*:*:*:*:anolis_os:*:*
https://anas.openanolis.cn/errata/detail/ANSA-2024:0088
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote authenticated privileged user via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
18) Improper input validation
EUVDB-ID: #VU75287
Risk: Medium
CVSSv4.0: 4.6 [CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Green]
CVE-ID: CVE-2023-21977
CWE-ID:
CWE-20 - Improper input validation
Exploit availability: No
DescriptionThe vulnerability allows a remote privileged user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper input validation within the Server: Optimizer component in MySQL Server. A remote privileged user can exploit this vulnerability to perform a denial of service (DoS) attack.
MitigationInstall updates from vendor's repository.
Vulnerable software versionsAnolis OS: 8
mysql-test: before 8.0.36-1.0.1
mysql-server: before 8.0.36-1.0.1
mysql-libs: before 8.0.36-1.0.1
mysql-errmsg: before 8.0.36-1.0.1
mysql-devel: before 8.0.36-1.0.1
mysql-common: before 8.0.36-1.0.1
mysql: before 8.0.36-1.0.1
mecab: before 0.996-2
mecab-ipadic-EUCJP: before 2.7.0.20070801-16.0.1
mecab-ipadic: before 2.7.0.20070801-16.0.1
CPE2.3- cpe:2.3:o:openanolis:anolis_os:8:*:*:*:*:*:*:*
- cpe:2.3:o:openanolis:mysql-test:*:*:*:*:*:anolis_os:*:*
- cpe:2.3:o:openanolis:mysql-server:*:*:*:*:*:anolis_os:*:*
- cpe:2.3:o:openanolis:mysql-libs:*:*:*:*:*:anolis_os:*:*
- cpe:2.3:o:openanolis:mysql-errmsg:*:*:*:*:*:anolis_os:*:*
- cpe:2.3:o:openanolis:mysql-devel:*:*:*:*:*:anolis_os:*:*
- cpe:2.3:o:openanolis:mysql-common:*:*:*:*:*:anolis_os:*:*
- cpe:2.3:o:openanolis:mysql:*:*:*:*:*:anolis_os:*:*
- cpe:2.3:o:openanolis:mecab:*:*:*:*:*:anolis_os:*:*
- cpe:2.3:o:openanolis:mecab-ipadic-eucjp:*:*:*:*:*:anolis_os:*:*
- cpe:2.3:o:openanolis:mecab-ipadic:*:*:*:*:*:anolis_os:*:*
https://anas.openanolis.cn/errata/detail/ANSA-2024:0088
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote authenticated privileged user via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
19) Improper input validation
EUVDB-ID: #VU75271
Risk: Medium
CVSSv4.0: 4.4 [CVSS:4.0/AV:N/AC:L/AT:P/PR:L/UI:A/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Green]
CVE-ID: CVE-2023-21980
CWE-ID:
CWE-20 - Improper input validation
Exploit availability: No
DescriptionThe vulnerability allows a remote authenticated user to execute arbitrary code.
The vulnerability exists due to improper input validation within the Client programs component in MySQL Server. A remote authenticated user can exploit this vulnerability to execute arbitrary code.
MitigationInstall updates from vendor's repository.
Vulnerable software versionsAnolis OS: 8
mysql-test: before 8.0.36-1.0.1
mysql-server: before 8.0.36-1.0.1
mysql-libs: before 8.0.36-1.0.1
mysql-errmsg: before 8.0.36-1.0.1
mysql-devel: before 8.0.36-1.0.1
mysql-common: before 8.0.36-1.0.1
mysql: before 8.0.36-1.0.1
mecab: before 0.996-2
mecab-ipadic-EUCJP: before 2.7.0.20070801-16.0.1
mecab-ipadic: before 2.7.0.20070801-16.0.1
CPE2.3- cpe:2.3:o:openanolis:anolis_os:8:*:*:*:*:*:*:*
- cpe:2.3:o:openanolis:mysql-test:*:*:*:*:*:anolis_os:*:*
- cpe:2.3:o:openanolis:mysql-server:*:*:*:*:*:anolis_os:*:*
- cpe:2.3:o:openanolis:mysql-libs:*:*:*:*:*:anolis_os:*:*
- cpe:2.3:o:openanolis:mysql-errmsg:*:*:*:*:*:anolis_os:*:*
- cpe:2.3:o:openanolis:mysql-devel:*:*:*:*:*:anolis_os:*:*
- cpe:2.3:o:openanolis:mysql-common:*:*:*:*:*:anolis_os:*:*
- cpe:2.3:o:openanolis:mysql:*:*:*:*:*:anolis_os:*:*
- cpe:2.3:o:openanolis:mecab:*:*:*:*:*:anolis_os:*:*
- cpe:2.3:o:openanolis:mecab-ipadic-eucjp:*:*:*:*:*:anolis_os:*:*
- cpe:2.3:o:openanolis:mecab-ipadic:*:*:*:*:*:anolis_os:*:*
https://anas.openanolis.cn/errata/detail/ANSA-2024:0088
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote authenticated user via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
20) Improper input validation
EUVDB-ID: #VU75288
Risk: Medium
CVSSv4.0: 4.6 [CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Green]
CVE-ID: CVE-2023-21982
CWE-ID:
CWE-20 - Improper input validation
Exploit availability: No
DescriptionThe vulnerability allows a remote privileged user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper input validation within the Server: Optimizer component in MySQL Server. A remote privileged user can exploit this vulnerability to perform a denial of service (DoS) attack.
MitigationInstall updates from vendor's repository.
Vulnerable software versionsAnolis OS: 8
mysql-test: before 8.0.36-1.0.1
mysql-server: before 8.0.36-1.0.1
mysql-libs: before 8.0.36-1.0.1
mysql-errmsg: before 8.0.36-1.0.1
mysql-devel: before 8.0.36-1.0.1
mysql-common: before 8.0.36-1.0.1
mysql: before 8.0.36-1.0.1
mecab: before 0.996-2
mecab-ipadic-EUCJP: before 2.7.0.20070801-16.0.1
mecab-ipadic: before 2.7.0.20070801-16.0.1
CPE2.3- cpe:2.3:o:openanolis:anolis_os:8:*:*:*:*:*:*:*
- cpe:2.3:o:openanolis:mysql-test:*:*:*:*:*:anolis_os:*:*
- cpe:2.3:o:openanolis:mysql-server:*:*:*:*:*:anolis_os:*:*
- cpe:2.3:o:openanolis:mysql-libs:*:*:*:*:*:anolis_os:*:*
- cpe:2.3:o:openanolis:mysql-errmsg:*:*:*:*:*:anolis_os:*:*
- cpe:2.3:o:openanolis:mysql-devel:*:*:*:*:*:anolis_os:*:*
- cpe:2.3:o:openanolis:mysql-common:*:*:*:*:*:anolis_os:*:*
- cpe:2.3:o:openanolis:mysql:*:*:*:*:*:anolis_os:*:*
- cpe:2.3:o:openanolis:mecab:*:*:*:*:*:anolis_os:*:*
- cpe:2.3:o:openanolis:mecab-ipadic-eucjp:*:*:*:*:*:anolis_os:*:*
- cpe:2.3:o:openanolis:mecab-ipadic:*:*:*:*:*:anolis_os:*:*
https://anas.openanolis.cn/errata/detail/ANSA-2024:0088
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote authenticated privileged user via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
21) Improper input validation
EUVDB-ID: #VU78429
Risk: Low
CVSSv4.0: 2.1 [CVSS:4.0/AV:N/AC:L/AT:P/PR:H/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2023-22005
CWE-ID:
CWE-20 - Improper input validation
Exploit availability: No
DescriptionThe vulnerability allows a remote privileged user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper input validation within the Server: Replication component in MySQL Server. A remote privileged user can exploit this vulnerability to perform a denial of service (DoS) attack.
MitigationInstall updates from vendor's repository.
Vulnerable software versionsAnolis OS: 8
mysql-test: before 8.0.36-1.0.1
mysql-server: before 8.0.36-1.0.1
mysql-libs: before 8.0.36-1.0.1
mysql-errmsg: before 8.0.36-1.0.1
mysql-devel: before 8.0.36-1.0.1
mysql-common: before 8.0.36-1.0.1
mysql: before 8.0.36-1.0.1
mecab: before 0.996-2
mecab-ipadic-EUCJP: before 2.7.0.20070801-16.0.1
mecab-ipadic: before 2.7.0.20070801-16.0.1
CPE2.3- cpe:2.3:o:openanolis:anolis_os:8:*:*:*:*:*:*:*
- cpe:2.3:o:openanolis:mysql-test:*:*:*:*:*:anolis_os:*:*
- cpe:2.3:o:openanolis:mysql-server:*:*:*:*:*:anolis_os:*:*
- cpe:2.3:o:openanolis:mysql-libs:*:*:*:*:*:anolis_os:*:*
- cpe:2.3:o:openanolis:mysql-errmsg:*:*:*:*:*:anolis_os:*:*
- cpe:2.3:o:openanolis:mysql-devel:*:*:*:*:*:anolis_os:*:*
- cpe:2.3:o:openanolis:mysql-common:*:*:*:*:*:anolis_os:*:*
- cpe:2.3:o:openanolis:mysql:*:*:*:*:*:anolis_os:*:*
- cpe:2.3:o:openanolis:mecab:*:*:*:*:*:anolis_os:*:*
- cpe:2.3:o:openanolis:mecab-ipadic-eucjp:*:*:*:*:*:anolis_os:*:*
- cpe:2.3:o:openanolis:mecab-ipadic:*:*:*:*:*:anolis_os:*:*
https://anas.openanolis.cn/errata/detail/ANSA-2024:0088
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote authenticated privileged user via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
22) Improper input validation
EUVDB-ID: #VU78425
Risk: Medium
CVSSv4.0: 4.6 [CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Green]
CVE-ID: CVE-2023-22007
CWE-ID:
CWE-20 - Improper input validation
Exploit availability: No
DescriptionThe vulnerability allows a remote privileged user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper input validation within the Server: Replication component in MySQL Server. A remote privileged user can exploit this vulnerability to perform a denial of service (DoS) attack.
MitigationInstall updates from vendor's repository.
Vulnerable software versionsAnolis OS: 8
mysql-test: before 8.0.36-1.0.1
mysql-server: before 8.0.36-1.0.1
mysql-libs: before 8.0.36-1.0.1
mysql-errmsg: before 8.0.36-1.0.1
mysql-devel: before 8.0.36-1.0.1
mysql-common: before 8.0.36-1.0.1
mysql: before 8.0.36-1.0.1
mecab: before 0.996-2
mecab-ipadic-EUCJP: before 2.7.0.20070801-16.0.1
mecab-ipadic: before 2.7.0.20070801-16.0.1
CPE2.3- cpe:2.3:o:openanolis:anolis_os:8:*:*:*:*:*:*:*
- cpe:2.3:o:openanolis:mysql-test:*:*:*:*:*:anolis_os:*:*
- cpe:2.3:o:openanolis:mysql-server:*:*:*:*:*:anolis_os:*:*
- cpe:2.3:o:openanolis:mysql-libs:*:*:*:*:*:anolis_os:*:*
- cpe:2.3:o:openanolis:mysql-errmsg:*:*:*:*:*:anolis_os:*:*
- cpe:2.3:o:openanolis:mysql-devel:*:*:*:*:*:anolis_os:*:*
- cpe:2.3:o:openanolis:mysql-common:*:*:*:*:*:anolis_os:*:*
- cpe:2.3:o:openanolis:mysql:*:*:*:*:*:anolis_os:*:*
- cpe:2.3:o:openanolis:mecab:*:*:*:*:*:anolis_os:*:*
- cpe:2.3:o:openanolis:mecab-ipadic-eucjp:*:*:*:*:*:anolis_os:*:*
- cpe:2.3:o:openanolis:mecab-ipadic:*:*:*:*:*:anolis_os:*:*
https://anas.openanolis.cn/errata/detail/ANSA-2024:0088
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote authenticated privileged user via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
23) Improper input validation
EUVDB-ID: #VU78420
Risk: Medium
CVSSv4.0: 4.6 [CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Green]
CVE-ID: CVE-2023-22008
CWE-ID:
CWE-20 - Improper input validation
Exploit availability: No
DescriptionThe vulnerability allows a remote privileged user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper input validation within the InnoDB component in MySQL Server. A remote privileged user can exploit this vulnerability to perform a denial of service (DoS) attack.
MitigationInstall updates from vendor's repository.
Vulnerable software versionsAnolis OS: 8
mysql-test: before 8.0.36-1.0.1
mysql-server: before 8.0.36-1.0.1
mysql-libs: before 8.0.36-1.0.1
mysql-errmsg: before 8.0.36-1.0.1
mysql-devel: before 8.0.36-1.0.1
mysql-common: before 8.0.36-1.0.1
mysql: before 8.0.36-1.0.1
mecab: before 0.996-2
mecab-ipadic-EUCJP: before 2.7.0.20070801-16.0.1
mecab-ipadic: before 2.7.0.20070801-16.0.1
CPE2.3- cpe:2.3:o:openanolis:anolis_os:8:*:*:*:*:*:*:*
- cpe:2.3:o:openanolis:mysql-test:*:*:*:*:*:anolis_os:*:*
- cpe:2.3:o:openanolis:mysql-server:*:*:*:*:*:anolis_os:*:*
- cpe:2.3:o:openanolis:mysql-libs:*:*:*:*:*:anolis_os:*:*
- cpe:2.3:o:openanolis:mysql-errmsg:*:*:*:*:*:anolis_os:*:*
- cpe:2.3:o:openanolis:mysql-devel:*:*:*:*:*:anolis_os:*:*
- cpe:2.3:o:openanolis:mysql-common:*:*:*:*:*:anolis_os:*:*
- cpe:2.3:o:openanolis:mysql:*:*:*:*:*:anolis_os:*:*
- cpe:2.3:o:openanolis:mecab:*:*:*:*:*:anolis_os:*:*
- cpe:2.3:o:openanolis:mecab-ipadic-eucjp:*:*:*:*:*:anolis_os:*:*
- cpe:2.3:o:openanolis:mecab-ipadic:*:*:*:*:*:anolis_os:*:*
https://anas.openanolis.cn/errata/detail/ANSA-2024:0088
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote authenticated privileged user via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
24) Improper input validation
EUVDB-ID: #VU82159
Risk: Medium
CVSSv4.0: 4.6 [CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Green]
CVE-ID: CVE-2023-22032
CWE-ID:
CWE-20 - Improper input validation
Exploit availability: No
DescriptionThe vulnerability allows a remote privileged user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper input validation within the Server: Optimizer component in MySQL Server. A remote privileged user can exploit this vulnerability to perform a denial of service (DoS) attack.
MitigationInstall updates from vendor's repository.
Vulnerable software versionsAnolis OS: 8
mysql-test: before 8.0.36-1.0.1
mysql-server: before 8.0.36-1.0.1
mysql-libs: before 8.0.36-1.0.1
mysql-errmsg: before 8.0.36-1.0.1
mysql-devel: before 8.0.36-1.0.1
mysql-common: before 8.0.36-1.0.1
mysql: before 8.0.36-1.0.1
mecab: before 0.996-2
mecab-ipadic-EUCJP: before 2.7.0.20070801-16.0.1
mecab-ipadic: before 2.7.0.20070801-16.0.1
CPE2.3- cpe:2.3:o:openanolis:anolis_os:8:*:*:*:*:*:*:*
- cpe:2.3:o:openanolis:mysql-test:*:*:*:*:*:anolis_os:*:*
- cpe:2.3:o:openanolis:mysql-server:*:*:*:*:*:anolis_os:*:*
- cpe:2.3:o:openanolis:mysql-libs:*:*:*:*:*:anolis_os:*:*
- cpe:2.3:o:openanolis:mysql-errmsg:*:*:*:*:*:anolis_os:*:*
- cpe:2.3:o:openanolis:mysql-devel:*:*:*:*:*:anolis_os:*:*
- cpe:2.3:o:openanolis:mysql-common:*:*:*:*:*:anolis_os:*:*
- cpe:2.3:o:openanolis:mysql:*:*:*:*:*:anolis_os:*:*
- cpe:2.3:o:openanolis:mecab:*:*:*:*:*:anolis_os:*:*
- cpe:2.3:o:openanolis:mecab-ipadic-eucjp:*:*:*:*:*:anolis_os:*:*
- cpe:2.3:o:openanolis:mecab-ipadic:*:*:*:*:*:anolis_os:*:*
https://anas.openanolis.cn/errata/detail/ANSA-2024:0088
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote authenticated privileged user via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
25) Improper input validation
EUVDB-ID: #VU78427
Risk: Low
CVSSv4.0: 2.1 [CVSS:4.0/AV:N/AC:L/AT:P/PR:H/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2023-22033
CWE-ID:
CWE-20 - Improper input validation
Exploit availability: No
DescriptionThe vulnerability allows a remote privileged user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper input validation within the InnoDB component in MySQL Server. A remote privileged user can exploit this vulnerability to perform a denial of service (DoS) attack.
MitigationInstall updates from vendor's repository.
Vulnerable software versionsAnolis OS: 8
mysql-test: before 8.0.36-1.0.1
mysql-server: before 8.0.36-1.0.1
mysql-libs: before 8.0.36-1.0.1
mysql-errmsg: before 8.0.36-1.0.1
mysql-devel: before 8.0.36-1.0.1
mysql-common: before 8.0.36-1.0.1
mysql: before 8.0.36-1.0.1
mecab: before 0.996-2
mecab-ipadic-EUCJP: before 2.7.0.20070801-16.0.1
mecab-ipadic: before 2.7.0.20070801-16.0.1
CPE2.3- cpe:2.3:o:openanolis:anolis_os:8:*:*:*:*:*:*:*
- cpe:2.3:o:openanolis:mysql-test:*:*:*:*:*:anolis_os:*:*
- cpe:2.3:o:openanolis:mysql-server:*:*:*:*:*:anolis_os:*:*
- cpe:2.3:o:openanolis:mysql-libs:*:*:*:*:*:anolis_os:*:*
- cpe:2.3:o:openanolis:mysql-errmsg:*:*:*:*:*:anolis_os:*:*
- cpe:2.3:o:openanolis:mysql-devel:*:*:*:*:*:anolis_os:*:*
- cpe:2.3:o:openanolis:mysql-common:*:*:*:*:*:anolis_os:*:*
- cpe:2.3:o:openanolis:mysql:*:*:*:*:*:anolis_os:*:*
- cpe:2.3:o:openanolis:mecab:*:*:*:*:*:anolis_os:*:*
- cpe:2.3:o:openanolis:mecab-ipadic-eucjp:*:*:*:*:*:anolis_os:*:*
- cpe:2.3:o:openanolis:mecab-ipadic:*:*:*:*:*:anolis_os:*:*
https://anas.openanolis.cn/errata/detail/ANSA-2024:0088
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote authenticated privileged user via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
26) Improper input validation
EUVDB-ID: #VU78431
Risk: Low
CVSSv4.0: 1.2 [CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2023-22038
CWE-ID:
CWE-20 - Improper input validation
Exploit availability: No
DescriptionThe vulnerability allows a remote privileged user to manipulate data.
The vulnerability exists due to improper input validation within the Server: Security: Privileges component in MySQL Server. A remote privileged user can exploit this vulnerability to manipulate data.
MitigationInstall updates from vendor's repository.
Vulnerable software versionsAnolis OS: 8
mysql-test: before 8.0.36-1.0.1
mysql-server: before 8.0.36-1.0.1
mysql-libs: before 8.0.36-1.0.1
mysql-errmsg: before 8.0.36-1.0.1
mysql-devel: before 8.0.36-1.0.1
mysql-common: before 8.0.36-1.0.1
mysql: before 8.0.36-1.0.1
mecab: before 0.996-2
mecab-ipadic-EUCJP: before 2.7.0.20070801-16.0.1
mecab-ipadic: before 2.7.0.20070801-16.0.1
CPE2.3- cpe:2.3:o:openanolis:anolis_os:8:*:*:*:*:*:*:*
- cpe:2.3:o:openanolis:mysql-test:*:*:*:*:*:anolis_os:*:*
- cpe:2.3:o:openanolis:mysql-server:*:*:*:*:*:anolis_os:*:*
- cpe:2.3:o:openanolis:mysql-libs:*:*:*:*:*:anolis_os:*:*
- cpe:2.3:o:openanolis:mysql-errmsg:*:*:*:*:*:anolis_os:*:*
- cpe:2.3:o:openanolis:mysql-devel:*:*:*:*:*:anolis_os:*:*
- cpe:2.3:o:openanolis:mysql-common:*:*:*:*:*:anolis_os:*:*
- cpe:2.3:o:openanolis:mysql:*:*:*:*:*:anolis_os:*:*
- cpe:2.3:o:openanolis:mecab:*:*:*:*:*:anolis_os:*:*
- cpe:2.3:o:openanolis:mecab-ipadic-eucjp:*:*:*:*:*:anolis_os:*:*
- cpe:2.3:o:openanolis:mecab-ipadic:*:*:*:*:*:anolis_os:*:*
https://anas.openanolis.cn/errata/detail/ANSA-2024:0088
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote authenticated privileged user via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
27) Improper input validation
EUVDB-ID: #VU78421
Risk: Medium
CVSSv4.0: 4.6 [CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Green]
CVE-ID: CVE-2023-22046
CWE-ID:
CWE-20 - Improper input validation
Exploit availability: No
DescriptionThe vulnerability allows a remote privileged user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper input validation within the Server: Optimizer component in MySQL Server. A remote privileged user can exploit this vulnerability to perform a denial of service (DoS) attack.
MitigationInstall updates from vendor's repository.
Vulnerable software versionsAnolis OS: 8
mysql-test: before 8.0.36-1.0.1
mysql-server: before 8.0.36-1.0.1
mysql-libs: before 8.0.36-1.0.1
mysql-errmsg: before 8.0.36-1.0.1
mysql-devel: before 8.0.36-1.0.1
mysql-common: before 8.0.36-1.0.1
mysql: before 8.0.36-1.0.1
mecab: before 0.996-2
mecab-ipadic-EUCJP: before 2.7.0.20070801-16.0.1
mecab-ipadic: before 2.7.0.20070801-16.0.1
CPE2.3- cpe:2.3:o:openanolis:anolis_os:8:*:*:*:*:*:*:*
- cpe:2.3:o:openanolis:mysql-test:*:*:*:*:*:anolis_os:*:*
- cpe:2.3:o:openanolis:mysql-server:*:*:*:*:*:anolis_os:*:*
- cpe:2.3:o:openanolis:mysql-libs:*:*:*:*:*:anolis_os:*:*
- cpe:2.3:o:openanolis:mysql-errmsg:*:*:*:*:*:anolis_os:*:*
- cpe:2.3:o:openanolis:mysql-devel:*:*:*:*:*:anolis_os:*:*
- cpe:2.3:o:openanolis:mysql-common:*:*:*:*:*:anolis_os:*:*
- cpe:2.3:o:openanolis:mysql:*:*:*:*:*:anolis_os:*:*
- cpe:2.3:o:openanolis:mecab:*:*:*:*:*:anolis_os:*:*
- cpe:2.3:o:openanolis:mecab-ipadic-eucjp:*:*:*:*:*:anolis_os:*:*
- cpe:2.3:o:openanolis:mecab-ipadic:*:*:*:*:*:anolis_os:*:*
https://anas.openanolis.cn/errata/detail/ANSA-2024:0088
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote authenticated privileged user via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
28) Improper input validation
EUVDB-ID: #VU78430
Risk: Low
CVSSv4.0: 0.6 [CVSS:4.0/AV:N/AC:L/AT:P/PR:L/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2023-22048
CWE-ID:
CWE-20 - Improper input validation
Exploit availability: No
DescriptionThe vulnerability allows a remote authenticated user to gain access to sensitive information.
The vulnerability exists due to improper input validation within the Server: Pluggable Auth component in MySQL Server. A remote authenticated user can exploit this vulnerability to gain access to sensitive information.
MitigationInstall updates from vendor's repository.
Vulnerable software versionsAnolis OS: 8
mysql-test: before 8.0.36-1.0.1
mysql-server: before 8.0.36-1.0.1
mysql-libs: before 8.0.36-1.0.1
mysql-errmsg: before 8.0.36-1.0.1
mysql-devel: before 8.0.36-1.0.1
mysql-common: before 8.0.36-1.0.1
mysql: before 8.0.36-1.0.1
mecab: before 0.996-2
mecab-ipadic-EUCJP: before 2.7.0.20070801-16.0.1
mecab-ipadic: before 2.7.0.20070801-16.0.1
CPE2.3- cpe:2.3:o:openanolis:anolis_os:8:*:*:*:*:*:*:*
- cpe:2.3:o:openanolis:mysql-test:*:*:*:*:*:anolis_os:*:*
- cpe:2.3:o:openanolis:mysql-server:*:*:*:*:*:anolis_os:*:*
- cpe:2.3:o:openanolis:mysql-libs:*:*:*:*:*:anolis_os:*:*
- cpe:2.3:o:openanolis:mysql-errmsg:*:*:*:*:*:anolis_os:*:*
- cpe:2.3:o:openanolis:mysql-devel:*:*:*:*:*:anolis_os:*:*
- cpe:2.3:o:openanolis:mysql-common:*:*:*:*:*:anolis_os:*:*
- cpe:2.3:o:openanolis:mysql:*:*:*:*:*:anolis_os:*:*
- cpe:2.3:o:openanolis:mecab:*:*:*:*:*:anolis_os:*:*
- cpe:2.3:o:openanolis:mecab-ipadic-eucjp:*:*:*:*:*:anolis_os:*:*
- cpe:2.3:o:openanolis:mecab-ipadic:*:*:*:*:*:anolis_os:*:*
https://anas.openanolis.cn/errata/detail/ANSA-2024:0088
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote authenticated user via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
29) Improper input validation
EUVDB-ID: #VU78419
Risk: Medium
CVSSv4.0: 2.3 [CVSS:4.0/AV:N/AC:L/AT:P/PR:L/UI:N/VC:L/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Green]
CVE-ID: CVE-2023-22053
CWE-ID:
CWE-20 - Improper input validation
Exploit availability: No
DescriptionThe vulnerability allows a remote authenticated user to access sensitive information or perform a denial of service (DoS) attack.
The vulnerability exists due to improper input validation within the Client programs component in MySQL Server. A remote authenticated user can exploit this vulnerability to access sensitive information or perform a denial of service (DoS) attack.
MitigationInstall updates from vendor's repository.
Vulnerable software versionsAnolis OS: 8
mysql-test: before 8.0.36-1.0.1
mysql-server: before 8.0.36-1.0.1
mysql-libs: before 8.0.36-1.0.1
mysql-errmsg: before 8.0.36-1.0.1
mysql-devel: before 8.0.36-1.0.1
mysql-common: before 8.0.36-1.0.1
mysql: before 8.0.36-1.0.1
mecab: before 0.996-2
mecab-ipadic-EUCJP: before 2.7.0.20070801-16.0.1
mecab-ipadic: before 2.7.0.20070801-16.0.1
CPE2.3- cpe:2.3:o:openanolis:anolis_os:8:*:*:*:*:*:*:*
- cpe:2.3:o:openanolis:mysql-test:*:*:*:*:*:anolis_os:*:*
- cpe:2.3:o:openanolis:mysql-server:*:*:*:*:*:anolis_os:*:*
- cpe:2.3:o:openanolis:mysql-libs:*:*:*:*:*:anolis_os:*:*
- cpe:2.3:o:openanolis:mysql-errmsg:*:*:*:*:*:anolis_os:*:*
- cpe:2.3:o:openanolis:mysql-devel:*:*:*:*:*:anolis_os:*:*
- cpe:2.3:o:openanolis:mysql-common:*:*:*:*:*:anolis_os:*:*
- cpe:2.3:o:openanolis:mysql:*:*:*:*:*:anolis_os:*:*
- cpe:2.3:o:openanolis:mecab:*:*:*:*:*:anolis_os:*:*
- cpe:2.3:o:openanolis:mecab-ipadic-eucjp:*:*:*:*:*:anolis_os:*:*
- cpe:2.3:o:openanolis:mecab-ipadic:*:*:*:*:*:anolis_os:*:*
https://anas.openanolis.cn/errata/detail/ANSA-2024:0088
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote authenticated user via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
30) Improper input validation
EUVDB-ID: #VU78422
Risk: Medium
CVSSv4.0: 4.6 [CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Green]
CVE-ID: CVE-2023-22054
CWE-ID:
CWE-20 - Improper input validation
Exploit availability: No
DescriptionThe vulnerability allows a remote privileged user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper input validation within the Server: Optimizer component in MySQL Server. A remote privileged user can exploit this vulnerability to perform a denial of service (DoS) attack.
MitigationInstall updates from vendor's repository.
Vulnerable software versionsAnolis OS: 8
mysql-test: before 8.0.36-1.0.1
mysql-server: before 8.0.36-1.0.1
mysql-libs: before 8.0.36-1.0.1
mysql-errmsg: before 8.0.36-1.0.1
mysql-devel: before 8.0.36-1.0.1
mysql-common: before 8.0.36-1.0.1
mysql: before 8.0.36-1.0.1
mecab: before 0.996-2
mecab-ipadic-EUCJP: before 2.7.0.20070801-16.0.1
mecab-ipadic: before 2.7.0.20070801-16.0.1
CPE2.3- cpe:2.3:o:openanolis:anolis_os:8:*:*:*:*:*:*:*
- cpe:2.3:o:openanolis:mysql-test:*:*:*:*:*:anolis_os:*:*
- cpe:2.3:o:openanolis:mysql-server:*:*:*:*:*:anolis_os:*:*
- cpe:2.3:o:openanolis:mysql-libs:*:*:*:*:*:anolis_os:*:*
- cpe:2.3:o:openanolis:mysql-errmsg:*:*:*:*:*:anolis_os:*:*
- cpe:2.3:o:openanolis:mysql-devel:*:*:*:*:*:anolis_os:*:*
- cpe:2.3:o:openanolis:mysql-common:*:*:*:*:*:anolis_os:*:*
- cpe:2.3:o:openanolis:mysql:*:*:*:*:*:anolis_os:*:*
- cpe:2.3:o:openanolis:mecab:*:*:*:*:*:anolis_os:*:*
- cpe:2.3:o:openanolis:mecab-ipadic-eucjp:*:*:*:*:*:anolis_os:*:*
- cpe:2.3:o:openanolis:mecab-ipadic:*:*:*:*:*:anolis_os:*:*
https://anas.openanolis.cn/errata/detail/ANSA-2024:0088
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote authenticated privileged user via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
31) Improper input validation
EUVDB-ID: #VU78423
Risk: Medium
CVSSv4.0: 4.6 [CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Green]
CVE-ID: CVE-2023-22056
CWE-ID:
CWE-20 - Improper input validation
Exploit availability: No
DescriptionThe vulnerability allows a remote privileged user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper input validation within the Server: Optimizer component in MySQL Server. A remote privileged user can exploit this vulnerability to perform a denial of service (DoS) attack.
MitigationInstall updates from vendor's repository.
Vulnerable software versionsAnolis OS: 8
mysql-test: before 8.0.36-1.0.1
mysql-server: before 8.0.36-1.0.1
mysql-libs: before 8.0.36-1.0.1
mysql-errmsg: before 8.0.36-1.0.1
mysql-devel: before 8.0.36-1.0.1
mysql-common: before 8.0.36-1.0.1
mysql: before 8.0.36-1.0.1
mecab: before 0.996-2
mecab-ipadic-EUCJP: before 2.7.0.20070801-16.0.1
mecab-ipadic: before 2.7.0.20070801-16.0.1
CPE2.3- cpe:2.3:o:openanolis:anolis_os:8:*:*:*:*:*:*:*
- cpe:2.3:o:openanolis:mysql-test:*:*:*:*:*:anolis_os:*:*
- cpe:2.3:o:openanolis:mysql-server:*:*:*:*:*:anolis_os:*:*
- cpe:2.3:o:openanolis:mysql-libs:*:*:*:*:*:anolis_os:*:*
- cpe:2.3:o:openanolis:mysql-errmsg:*:*:*:*:*:anolis_os:*:*
- cpe:2.3:o:openanolis:mysql-devel:*:*:*:*:*:anolis_os:*:*
- cpe:2.3:o:openanolis:mysql-common:*:*:*:*:*:anolis_os:*:*
- cpe:2.3:o:openanolis:mysql:*:*:*:*:*:anolis_os:*:*
- cpe:2.3:o:openanolis:mecab:*:*:*:*:*:anolis_os:*:*
- cpe:2.3:o:openanolis:mecab-ipadic-eucjp:*:*:*:*:*:anolis_os:*:*
- cpe:2.3:o:openanolis:mecab-ipadic:*:*:*:*:*:anolis_os:*:*
https://anas.openanolis.cn/errata/detail/ANSA-2024:0088
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote authenticated privileged user via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
32) Improper input validation
EUVDB-ID: #VU78426
Risk: Medium
CVSSv4.0: 4.6 [CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Green]
CVE-ID: CVE-2023-22057
CWE-ID:
CWE-20 - Improper input validation
Exploit availability: No
DescriptionThe vulnerability allows a remote privileged user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper input validation within the Server: Replication component in MySQL Server. A remote privileged user can exploit this vulnerability to perform a denial of service (DoS) attack.
MitigationInstall updates from vendor's repository.
Vulnerable software versionsAnolis OS: 8
mysql-test: before 8.0.36-1.0.1
mysql-server: before 8.0.36-1.0.1
mysql-libs: before 8.0.36-1.0.1
mysql-errmsg: before 8.0.36-1.0.1
mysql-devel: before 8.0.36-1.0.1
mysql-common: before 8.0.36-1.0.1
mysql: before 8.0.36-1.0.1
mecab: before 0.996-2
mecab-ipadic-EUCJP: before 2.7.0.20070801-16.0.1
mecab-ipadic: before 2.7.0.20070801-16.0.1
CPE2.3- cpe:2.3:o:openanolis:anolis_os:8:*:*:*:*:*:*:*
- cpe:2.3:o:openanolis:mysql-test:*:*:*:*:*:anolis_os:*:*
- cpe:2.3:o:openanolis:mysql-server:*:*:*:*:*:anolis_os:*:*
- cpe:2.3:o:openanolis:mysql-libs:*:*:*:*:*:anolis_os:*:*
- cpe:2.3:o:openanolis:mysql-errmsg:*:*:*:*:*:anolis_os:*:*
- cpe:2.3:o:openanolis:mysql-devel:*:*:*:*:*:anolis_os:*:*
- cpe:2.3:o:openanolis:mysql-common:*:*:*:*:*:anolis_os:*:*
- cpe:2.3:o:openanolis:mysql:*:*:*:*:*:anolis_os:*:*
- cpe:2.3:o:openanolis:mecab:*:*:*:*:*:anolis_os:*:*
- cpe:2.3:o:openanolis:mecab-ipadic-eucjp:*:*:*:*:*:anolis_os:*:*
- cpe:2.3:o:openanolis:mecab-ipadic:*:*:*:*:*:anolis_os:*:*
https://anas.openanolis.cn/errata/detail/ANSA-2024:0088
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote authenticated privileged user via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
33) Improper input validation
EUVDB-ID: #VU78428
Risk: Low
CVSSv4.0: 2.1 [CVSS:4.0/AV:N/AC:L/AT:P/PR:H/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2023-22058
CWE-ID:
CWE-20 - Improper input validation
Exploit availability: No
DescriptionThe vulnerability allows a remote privileged user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper input validation within the Server: DDL component in MySQL Server. A remote privileged user can exploit this vulnerability to perform a denial of service (DoS) attack.
MitigationInstall updates from vendor's repository.
Vulnerable software versionsAnolis OS: 8
mysql-test: before 8.0.36-1.0.1
mysql-server: before 8.0.36-1.0.1
mysql-libs: before 8.0.36-1.0.1
mysql-errmsg: before 8.0.36-1.0.1
mysql-devel: before 8.0.36-1.0.1
mysql-common: before 8.0.36-1.0.1
mysql: before 8.0.36-1.0.1
mecab: before 0.996-2
mecab-ipadic-EUCJP: before 2.7.0.20070801-16.0.1
mecab-ipadic: before 2.7.0.20070801-16.0.1
CPE2.3- cpe:2.3:o:openanolis:anolis_os:8:*:*:*:*:*:*:*
- cpe:2.3:o:openanolis:mysql-test:*:*:*:*:*:anolis_os:*:*
- cpe:2.3:o:openanolis:mysql-server:*:*:*:*:*:anolis_os:*:*
- cpe:2.3:o:openanolis:mysql-libs:*:*:*:*:*:anolis_os:*:*
- cpe:2.3:o:openanolis:mysql-errmsg:*:*:*:*:*:anolis_os:*:*
- cpe:2.3:o:openanolis:mysql-devel:*:*:*:*:*:anolis_os:*:*
- cpe:2.3:o:openanolis:mysql-common:*:*:*:*:*:anolis_os:*:*
- cpe:2.3:o:openanolis:mysql:*:*:*:*:*:anolis_os:*:*
- cpe:2.3:o:openanolis:mecab:*:*:*:*:*:anolis_os:*:*
- cpe:2.3:o:openanolis:mecab-ipadic-eucjp:*:*:*:*:*:anolis_os:*:*
- cpe:2.3:o:openanolis:mecab-ipadic:*:*:*:*:*:anolis_os:*:*
https://anas.openanolis.cn/errata/detail/ANSA-2024:0088
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote authenticated privileged user via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
34) Improper input validation
EUVDB-ID: #VU82146
Risk: Medium
CVSSv4.0: 4.9 [CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Green]
CVE-ID: CVE-2023-22059
CWE-ID:
CWE-20 - Improper input validation
Exploit availability: No
DescriptionThe vulnerability allows a remote authenticated user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper input validation within the Server: Optimizer component in MySQL Server. A remote authenticated user can exploit this vulnerability to perform a denial of service (DoS) attack.
MitigationInstall updates from vendor's repository.
Vulnerable software versionsAnolis OS: 8
mysql-test: before 8.0.36-1.0.1
mysql-server: before 8.0.36-1.0.1
mysql-libs: before 8.0.36-1.0.1
mysql-errmsg: before 8.0.36-1.0.1
mysql-devel: before 8.0.36-1.0.1
mysql-common: before 8.0.36-1.0.1
mysql: before 8.0.36-1.0.1
mecab: before 0.996-2
mecab-ipadic-EUCJP: before 2.7.0.20070801-16.0.1
mecab-ipadic: before 2.7.0.20070801-16.0.1
CPE2.3- cpe:2.3:o:openanolis:anolis_os:8:*:*:*:*:*:*:*
- cpe:2.3:o:openanolis:mysql-test:*:*:*:*:*:anolis_os:*:*
- cpe:2.3:o:openanolis:mysql-server:*:*:*:*:*:anolis_os:*:*
- cpe:2.3:o:openanolis:mysql-libs:*:*:*:*:*:anolis_os:*:*
- cpe:2.3:o:openanolis:mysql-errmsg:*:*:*:*:*:anolis_os:*:*
- cpe:2.3:o:openanolis:mysql-devel:*:*:*:*:*:anolis_os:*:*
- cpe:2.3:o:openanolis:mysql-common:*:*:*:*:*:anolis_os:*:*
- cpe:2.3:o:openanolis:mysql:*:*:*:*:*:anolis_os:*:*
- cpe:2.3:o:openanolis:mecab:*:*:*:*:*:anolis_os:*:*
- cpe:2.3:o:openanolis:mecab-ipadic-eucjp:*:*:*:*:*:anolis_os:*:*
- cpe:2.3:o:openanolis:mecab-ipadic:*:*:*:*:*:anolis_os:*:*
https://anas.openanolis.cn/errata/detail/ANSA-2024:0088
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote authenticated user via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
35) Improper input validation
EUVDB-ID: #VU82160
Risk: Medium
CVSSv4.0: 4.6 [CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Green]
CVE-ID: CVE-2023-22064
CWE-ID:
CWE-20 - Improper input validation
Exploit availability: No
DescriptionThe vulnerability allows a remote privileged user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper input validation within the Server: Optimizer component in MySQL Server. A remote privileged user can exploit this vulnerability to perform a denial of service (DoS) attack.
MitigationInstall updates from vendor's repository.
Vulnerable software versionsAnolis OS: 8
mysql-test: before 8.0.36-1.0.1
mysql-server: before 8.0.36-1.0.1
mysql-libs: before 8.0.36-1.0.1
mysql-errmsg: before 8.0.36-1.0.1
mysql-devel: before 8.0.36-1.0.1
mysql-common: before 8.0.36-1.0.1
mysql: before 8.0.36-1.0.1
mecab: before 0.996-2
mecab-ipadic-EUCJP: before 2.7.0.20070801-16.0.1
mecab-ipadic: before 2.7.0.20070801-16.0.1
CPE2.3- cpe:2.3:o:openanolis:anolis_os:8:*:*:*:*:*:*:*
- cpe:2.3:o:openanolis:mysql-test:*:*:*:*:*:anolis_os:*:*
- cpe:2.3:o:openanolis:mysql-server:*:*:*:*:*:anolis_os:*:*
- cpe:2.3:o:openanolis:mysql-libs:*:*:*:*:*:anolis_os:*:*
- cpe:2.3:o:openanolis:mysql-errmsg:*:*:*:*:*:anolis_os:*:*
- cpe:2.3:o:openanolis:mysql-devel:*:*:*:*:*:anolis_os:*:*
- cpe:2.3:o:openanolis:mysql-common:*:*:*:*:*:anolis_os:*:*
- cpe:2.3:o:openanolis:mysql:*:*:*:*:*:anolis_os:*:*
- cpe:2.3:o:openanolis:mecab:*:*:*:*:*:anolis_os:*:*
- cpe:2.3:o:openanolis:mecab-ipadic-eucjp:*:*:*:*:*:anolis_os:*:*
- cpe:2.3:o:openanolis:mecab-ipadic:*:*:*:*:*:anolis_os:*:*
https://anas.openanolis.cn/errata/detail/ANSA-2024:0088
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote authenticated privileged user via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
36) Improper input validation
EUVDB-ID: #VU82161
Risk: Medium
CVSSv4.0: 4.6 [CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Green]
CVE-ID: CVE-2023-22065
CWE-ID:
CWE-20 - Improper input validation
Exploit availability: No
DescriptionThe vulnerability allows a remote privileged user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper input validation within the Server: Optimizer component in MySQL Server. A remote privileged user can exploit this vulnerability to perform a denial of service (DoS) attack.
MitigationInstall updates from vendor's repository.
Vulnerable software versionsAnolis OS: 8
mysql-test: before 8.0.36-1.0.1
mysql-server: before 8.0.36-1.0.1
mysql-libs: before 8.0.36-1.0.1
mysql-errmsg: before 8.0.36-1.0.1
mysql-devel: before 8.0.36-1.0.1
mysql-common: before 8.0.36-1.0.1
mysql: before 8.0.36-1.0.1
mecab: before 0.996-2
mecab-ipadic-EUCJP: before 2.7.0.20070801-16.0.1
mecab-ipadic: before 2.7.0.20070801-16.0.1
CPE2.3- cpe:2.3:o:openanolis:anolis_os:8:*:*:*:*:*:*:*
- cpe:2.3:o:openanolis:mysql-test:*:*:*:*:*:anolis_os:*:*
- cpe:2.3:o:openanolis:mysql-server:*:*:*:*:*:anolis_os:*:*
- cpe:2.3:o:openanolis:mysql-libs:*:*:*:*:*:anolis_os:*:*
- cpe:2.3:o:openanolis:mysql-errmsg:*:*:*:*:*:anolis_os:*:*
- cpe:2.3:o:openanolis:mysql-devel:*:*:*:*:*:anolis_os:*:*
- cpe:2.3:o:openanolis:mysql-common:*:*:*:*:*:anolis_os:*:*
- cpe:2.3:o:openanolis:mysql:*:*:*:*:*:anolis_os:*:*
- cpe:2.3:o:openanolis:mecab:*:*:*:*:*:anolis_os:*:*
- cpe:2.3:o:openanolis:mecab-ipadic-eucjp:*:*:*:*:*:anolis_os:*:*
- cpe:2.3:o:openanolis:mecab-ipadic:*:*:*:*:*:anolis_os:*:*
https://anas.openanolis.cn/errata/detail/ANSA-2024:0088
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote authenticated privileged user via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
37) Improper input validation
EUVDB-ID: #VU82150
Risk: Medium
CVSSv4.0: 4.6 [CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Green]
CVE-ID: CVE-2023-22066
CWE-ID:
CWE-20 - Improper input validation
Exploit availability: No
DescriptionThe vulnerability allows a remote privileged user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper input validation within the InnoDB component in MySQL Server. A remote privileged user can exploit this vulnerability to perform a denial of service (DoS) attack.
MitigationInstall updates from vendor's repository.
Vulnerable software versionsAnolis OS: 8
mysql-test: before 8.0.36-1.0.1
mysql-server: before 8.0.36-1.0.1
mysql-libs: before 8.0.36-1.0.1
mysql-errmsg: before 8.0.36-1.0.1
mysql-devel: before 8.0.36-1.0.1
mysql-common: before 8.0.36-1.0.1
mysql: before 8.0.36-1.0.1
mecab: before 0.996-2
mecab-ipadic-EUCJP: before 2.7.0.20070801-16.0.1
mecab-ipadic: before 2.7.0.20070801-16.0.1
CPE2.3- cpe:2.3:o:openanolis:anolis_os:8:*:*:*:*:*:*:*
- cpe:2.3:o:openanolis:mysql-test:*:*:*:*:*:anolis_os:*:*
- cpe:2.3:o:openanolis:mysql-server:*:*:*:*:*:anolis_os:*:*
- cpe:2.3:o:openanolis:mysql-libs:*:*:*:*:*:anolis_os:*:*
- cpe:2.3:o:openanolis:mysql-errmsg:*:*:*:*:*:anolis_os:*:*
- cpe:2.3:o:openanolis:mysql-devel:*:*:*:*:*:anolis_os:*:*
- cpe:2.3:o:openanolis:mysql-common:*:*:*:*:*:anolis_os:*:*
- cpe:2.3:o:openanolis:mysql:*:*:*:*:*:anolis_os:*:*
- cpe:2.3:o:openanolis:mecab:*:*:*:*:*:anolis_os:*:*
- cpe:2.3:o:openanolis:mecab-ipadic-eucjp:*:*:*:*:*:anolis_os:*:*
- cpe:2.3:o:openanolis:mecab-ipadic:*:*:*:*:*:anolis_os:*:*
https://anas.openanolis.cn/errata/detail/ANSA-2024:0088
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote authenticated privileged user via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
38) Improper input validation
EUVDB-ID: #VU82151
Risk: Medium
CVSSv4.0: 4.6 [CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Green]
CVE-ID: CVE-2023-22068
CWE-ID:
CWE-20 - Improper input validation
Exploit availability: No
DescriptionThe vulnerability allows a remote privileged user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper input validation within the InnoDB component in MySQL Server. A remote privileged user can exploit this vulnerability to perform a denial of service (DoS) attack.
MitigationInstall updates from vendor's repository.
Vulnerable software versionsAnolis OS: 8
mysql-test: before 8.0.36-1.0.1
mysql-server: before 8.0.36-1.0.1
mysql-libs: before 8.0.36-1.0.1
mysql-errmsg: before 8.0.36-1.0.1
mysql-devel: before 8.0.36-1.0.1
mysql-common: before 8.0.36-1.0.1
mysql: before 8.0.36-1.0.1
mecab: before 0.996-2
mecab-ipadic-EUCJP: before 2.7.0.20070801-16.0.1
mecab-ipadic: before 2.7.0.20070801-16.0.1
CPE2.3- cpe:2.3:o:openanolis:anolis_os:8:*:*:*:*:*:*:*
- cpe:2.3:o:openanolis:mysql-test:*:*:*:*:*:anolis_os:*:*
- cpe:2.3:o:openanolis:mysql-server:*:*:*:*:*:anolis_os:*:*
- cpe:2.3:o:openanolis:mysql-libs:*:*:*:*:*:anolis_os:*:*
- cpe:2.3:o:openanolis:mysql-errmsg:*:*:*:*:*:anolis_os:*:*
- cpe:2.3:o:openanolis:mysql-devel:*:*:*:*:*:anolis_os:*:*
- cpe:2.3:o:openanolis:mysql-common:*:*:*:*:*:anolis_os:*:*
- cpe:2.3:o:openanolis:mysql:*:*:*:*:*:anolis_os:*:*
- cpe:2.3:o:openanolis:mecab:*:*:*:*:*:anolis_os:*:*
- cpe:2.3:o:openanolis:mecab-ipadic-eucjp:*:*:*:*:*:anolis_os:*:*
- cpe:2.3:o:openanolis:mecab-ipadic:*:*:*:*:*:anolis_os:*:*
https://anas.openanolis.cn/errata/detail/ANSA-2024:0088
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote authenticated privileged user via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
39) Improper input validation
EUVDB-ID: #VU82162
Risk: Medium
CVSSv4.0: 4.6 [CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Green]
CVE-ID: CVE-2023-22070
CWE-ID:
CWE-20 - Improper input validation
Exploit availability: No
DescriptionThe vulnerability allows a remote privileged user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper input validation within the Server: Optimizer component in MySQL Server. A remote privileged user can exploit this vulnerability to perform a denial of service (DoS) attack.
MitigationInstall updates from vendor's repository.
Vulnerable software versionsAnolis OS: 8
mysql-test: before 8.0.36-1.0.1
mysql-server: before 8.0.36-1.0.1
mysql-libs: before 8.0.36-1.0.1
mysql-errmsg: before 8.0.36-1.0.1
mysql-devel: before 8.0.36-1.0.1
mysql-common: before 8.0.36-1.0.1
mysql: before 8.0.36-1.0.1
mecab: before 0.996-2
mecab-ipadic-EUCJP: before 2.7.0.20070801-16.0.1
mecab-ipadic: before 2.7.0.20070801-16.0.1
CPE2.3- cpe:2.3:o:openanolis:anolis_os:8:*:*:*:*:*:*:*
- cpe:2.3:o:openanolis:mysql-test:*:*:*:*:*:anolis_os:*:*
- cpe:2.3:o:openanolis:mysql-server:*:*:*:*:*:anolis_os:*:*
- cpe:2.3:o:openanolis:mysql-libs:*:*:*:*:*:anolis_os:*:*
- cpe:2.3:o:openanolis:mysql-errmsg:*:*:*:*:*:anolis_os:*:*
- cpe:2.3:o:openanolis:mysql-devel:*:*:*:*:*:anolis_os:*:*
- cpe:2.3:o:openanolis:mysql-common:*:*:*:*:*:anolis_os:*:*
- cpe:2.3:o:openanolis:mysql:*:*:*:*:*:anolis_os:*:*
- cpe:2.3:o:openanolis:mecab:*:*:*:*:*:anolis_os:*:*
- cpe:2.3:o:openanolis:mecab-ipadic-eucjp:*:*:*:*:*:anolis_os:*:*
- cpe:2.3:o:openanolis:mecab-ipadic:*:*:*:*:*:anolis_os:*:*
https://anas.openanolis.cn/errata/detail/ANSA-2024:0088
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote authenticated privileged user via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
40) Improper input validation
EUVDB-ID: #VU82166
Risk: Medium
CVSSv4.0: 4.6 [CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Green]
CVE-ID: CVE-2023-22078
CWE-ID:
CWE-20 - Improper input validation
Exploit availability: No
DescriptionThe vulnerability allows a remote privileged user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper input validation within the Server: Optimizer component in MySQL Server. A remote privileged user can exploit this vulnerability to perform a denial of service (DoS) attack.
MitigationInstall updates from vendor's repository.
Vulnerable software versionsAnolis OS: 8
mysql-test: before 8.0.36-1.0.1
mysql-server: before 8.0.36-1.0.1
mysql-libs: before 8.0.36-1.0.1
mysql-errmsg: before 8.0.36-1.0.1
mysql-devel: before 8.0.36-1.0.1
mysql-common: before 8.0.36-1.0.1
mysql: before 8.0.36-1.0.1
mecab: before 0.996-2
mecab-ipadic-EUCJP: before 2.7.0.20070801-16.0.1
mecab-ipadic: before 2.7.0.20070801-16.0.1
CPE2.3- cpe:2.3:o:openanolis:anolis_os:8:*:*:*:*:*:*:*
- cpe:2.3:o:openanolis:mysql-test:*:*:*:*:*:anolis_os:*:*
- cpe:2.3:o:openanolis:mysql-server:*:*:*:*:*:anolis_os:*:*
- cpe:2.3:o:openanolis:mysql-libs:*:*:*:*:*:anolis_os:*:*
- cpe:2.3:o:openanolis:mysql-errmsg:*:*:*:*:*:anolis_os:*:*
- cpe:2.3:o:openanolis:mysql-devel:*:*:*:*:*:anolis_os:*:*
- cpe:2.3:o:openanolis:mysql-common:*:*:*:*:*:anolis_os:*:*
- cpe:2.3:o:openanolis:mysql:*:*:*:*:*:anolis_os:*:*
- cpe:2.3:o:openanolis:mecab:*:*:*:*:*:anolis_os:*:*
- cpe:2.3:o:openanolis:mecab-ipadic-eucjp:*:*:*:*:*:anolis_os:*:*
- cpe:2.3:o:openanolis:mecab-ipadic:*:*:*:*:*:anolis_os:*:*
https://anas.openanolis.cn/errata/detail/ANSA-2024:0088
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote authenticated privileged user via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
41) Improper input validation
EUVDB-ID: #VU82147
Risk: Medium
CVSSv4.0: 4.9 [CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Green]
CVE-ID: CVE-2023-22079
CWE-ID:
CWE-20 - Improper input validation
Exploit availability: No
DescriptionThe vulnerability allows a remote authenticated user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper input validation within the Server: Optimizer component in MySQL Server. A remote authenticated user can exploit this vulnerability to perform a denial of service (DoS) attack.
MitigationInstall updates from vendor's repository.
Vulnerable software versionsAnolis OS: 8
mysql-test: before 8.0.36-1.0.1
mysql-server: before 8.0.36-1.0.1
mysql-libs: before 8.0.36-1.0.1
mysql-errmsg: before 8.0.36-1.0.1
mysql-devel: before 8.0.36-1.0.1
mysql-common: before 8.0.36-1.0.1
mysql: before 8.0.36-1.0.1
mecab: before 0.996-2
mecab-ipadic-EUCJP: before 2.7.0.20070801-16.0.1
mecab-ipadic: before 2.7.0.20070801-16.0.1
CPE2.3- cpe:2.3:o:openanolis:anolis_os:8:*:*:*:*:*:*:*
- cpe:2.3:o:openanolis:mysql-test:*:*:*:*:*:anolis_os:*:*
- cpe:2.3:o:openanolis:mysql-server:*:*:*:*:*:anolis_os:*:*
- cpe:2.3:o:openanolis:mysql-libs:*:*:*:*:*:anolis_os:*:*
- cpe:2.3:o:openanolis:mysql-errmsg:*:*:*:*:*:anolis_os:*:*
- cpe:2.3:o:openanolis:mysql-devel:*:*:*:*:*:anolis_os:*:*
- cpe:2.3:o:openanolis:mysql-common:*:*:*:*:*:anolis_os:*:*
- cpe:2.3:o:openanolis:mysql:*:*:*:*:*:anolis_os:*:*
- cpe:2.3:o:openanolis:mecab:*:*:*:*:*:anolis_os:*:*
- cpe:2.3:o:openanolis:mecab-ipadic-eucjp:*:*:*:*:*:anolis_os:*:*
- cpe:2.3:o:openanolis:mecab-ipadic:*:*:*:*:*:anolis_os:*:*
https://anas.openanolis.cn/errata/detail/ANSA-2024:0088
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote authenticated user via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
42) Improper input validation
EUVDB-ID: #VU82154
Risk: Medium
CVSSv4.0: 4.6 [CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Green]
CVE-ID: CVE-2023-22084
CWE-ID:
CWE-20 - Improper input validation
Exploit availability: No
DescriptionThe vulnerability allows a remote privileged user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper input validation within the InnoDB component in MySQL Server. A remote privileged user can exploit this vulnerability to perform a denial of service (DoS) attack.
MitigationInstall updates from vendor's repository.
Vulnerable software versionsAnolis OS: 8
mysql-test: before 8.0.36-1.0.1
mysql-server: before 8.0.36-1.0.1
mysql-libs: before 8.0.36-1.0.1
mysql-errmsg: before 8.0.36-1.0.1
mysql-devel: before 8.0.36-1.0.1
mysql-common: before 8.0.36-1.0.1
mysql: before 8.0.36-1.0.1
mecab: before 0.996-2
mecab-ipadic-EUCJP: before 2.7.0.20070801-16.0.1
mecab-ipadic: before 2.7.0.20070801-16.0.1
CPE2.3- cpe:2.3:o:openanolis:anolis_os:8:*:*:*:*:*:*:*
- cpe:2.3:o:openanolis:mysql-test:*:*:*:*:*:anolis_os:*:*
- cpe:2.3:o:openanolis:mysql-server:*:*:*:*:*:anolis_os:*:*
- cpe:2.3:o:openanolis:mysql-libs:*:*:*:*:*:anolis_os:*:*
- cpe:2.3:o:openanolis:mysql-errmsg:*:*:*:*:*:anolis_os:*:*
- cpe:2.3:o:openanolis:mysql-devel:*:*:*:*:*:anolis_os:*:*
- cpe:2.3:o:openanolis:mysql-common:*:*:*:*:*:anolis_os:*:*
- cpe:2.3:o:openanolis:mysql:*:*:*:*:*:anolis_os:*:*
- cpe:2.3:o:openanolis:mecab:*:*:*:*:*:anolis_os:*:*
- cpe:2.3:o:openanolis:mecab-ipadic-eucjp:*:*:*:*:*:anolis_os:*:*
- cpe:2.3:o:openanolis:mecab-ipadic:*:*:*:*:*:anolis_os:*:*
https://anas.openanolis.cn/errata/detail/ANSA-2024:0088
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote authenticated privileged user via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
43) Improper input validation
EUVDB-ID: #VU82167
Risk: Medium
CVSSv4.0: 4.6 [CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Green]
CVE-ID: CVE-2023-22092
CWE-ID:
CWE-20 - Improper input validation
Exploit availability: No
DescriptionThe vulnerability allows a remote privileged user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper input validation within the Server: Optimizer component in MySQL Server. A remote privileged user can exploit this vulnerability to perform a denial of service (DoS) attack.
MitigationInstall updates from vendor's repository.
Vulnerable software versionsAnolis OS: 8
mysql-test: before 8.0.36-1.0.1
mysql-server: before 8.0.36-1.0.1
mysql-libs: before 8.0.36-1.0.1
mysql-errmsg: before 8.0.36-1.0.1
mysql-devel: before 8.0.36-1.0.1
mysql-common: before 8.0.36-1.0.1
mysql: before 8.0.36-1.0.1
mecab: before 0.996-2
mecab-ipadic-EUCJP: before 2.7.0.20070801-16.0.1
mecab-ipadic: before 2.7.0.20070801-16.0.1
CPE2.3- cpe:2.3:o:openanolis:anolis_os:8:*:*:*:*:*:*:*
- cpe:2.3:o:openanolis:mysql-test:*:*:*:*:*:anolis_os:*:*
- cpe:2.3:o:openanolis:mysql-server:*:*:*:*:*:anolis_os:*:*
- cpe:2.3:o:openanolis:mysql-libs:*:*:*:*:*:anolis_os:*:*
- cpe:2.3:o:openanolis:mysql-errmsg:*:*:*:*:*:anolis_os:*:*
- cpe:2.3:o:openanolis:mysql-devel:*:*:*:*:*:anolis_os:*:*
- cpe:2.3:o:openanolis:mysql-common:*:*:*:*:*:anolis_os:*:*
- cpe:2.3:o:openanolis:mysql:*:*:*:*:*:anolis_os:*:*
- cpe:2.3:o:openanolis:mecab:*:*:*:*:*:anolis_os:*:*
- cpe:2.3:o:openanolis:mecab-ipadic-eucjp:*:*:*:*:*:anolis_os:*:*
- cpe:2.3:o:openanolis:mecab-ipadic:*:*:*:*:*:anolis_os:*:*
https://anas.openanolis.cn/errata/detail/ANSA-2024:0088
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote authenticated privileged user via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
44) Improper input validation
EUVDB-ID: #VU82149
Risk: Medium
CVSSv4.0: 4.6 [CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Green]
CVE-ID: CVE-2023-22097
CWE-ID:
CWE-20 - Improper input validation
Exploit availability: No
DescriptionThe vulnerability allows a remote privileged user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper input validation within the InnoDB component in MySQL Server. A remote privileged user can exploit this vulnerability to perform a denial of service (DoS) attack.
MitigationInstall updates from vendor's repository.
Vulnerable software versionsAnolis OS: 8
mysql-test: before 8.0.36-1.0.1
mysql-server: before 8.0.36-1.0.1
mysql-libs: before 8.0.36-1.0.1
mysql-errmsg: before 8.0.36-1.0.1
mysql-devel: before 8.0.36-1.0.1
mysql-common: before 8.0.36-1.0.1
mysql: before 8.0.36-1.0.1
mecab: before 0.996-2
mecab-ipadic-EUCJP: before 2.7.0.20070801-16.0.1
mecab-ipadic: before 2.7.0.20070801-16.0.1
CPE2.3- cpe:2.3:o:openanolis:anolis_os:8:*:*:*:*:*:*:*
- cpe:2.3:o:openanolis:mysql-test:*:*:*:*:*:anolis_os:*:*
- cpe:2.3:o:openanolis:mysql-server:*:*:*:*:*:anolis_os:*:*
- cpe:2.3:o:openanolis:mysql-libs:*:*:*:*:*:anolis_os:*:*
- cpe:2.3:o:openanolis:mysql-errmsg:*:*:*:*:*:anolis_os:*:*
- cpe:2.3:o:openanolis:mysql-devel:*:*:*:*:*:anolis_os:*:*
- cpe:2.3:o:openanolis:mysql-common:*:*:*:*:*:anolis_os:*:*
- cpe:2.3:o:openanolis:mysql:*:*:*:*:*:anolis_os:*:*
- cpe:2.3:o:openanolis:mecab:*:*:*:*:*:anolis_os:*:*
- cpe:2.3:o:openanolis:mecab-ipadic-eucjp:*:*:*:*:*:anolis_os:*:*
- cpe:2.3:o:openanolis:mecab-ipadic:*:*:*:*:*:anolis_os:*:*
https://anas.openanolis.cn/errata/detail/ANSA-2024:0088
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote authenticated privileged user via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
45) Improper input validation
EUVDB-ID: #VU82163
Risk: Medium
CVSSv4.0: 4.6 [CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Green]
CVE-ID: CVE-2023-22103
CWE-ID:
CWE-20 - Improper input validation
Exploit availability: No
DescriptionThe vulnerability allows a remote privileged user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper input validation within the Server: Optimizer component in MySQL Server. A remote privileged user can exploit this vulnerability to perform a denial of service (DoS) attack.
MitigationInstall updates from vendor's repository.
Vulnerable software versionsAnolis OS: 8
mysql-test: before 8.0.36-1.0.1
mysql-server: before 8.0.36-1.0.1
mysql-libs: before 8.0.36-1.0.1
mysql-errmsg: before 8.0.36-1.0.1
mysql-devel: before 8.0.36-1.0.1
mysql-common: before 8.0.36-1.0.1
mysql: before 8.0.36-1.0.1
mecab: before 0.996-2
mecab-ipadic-EUCJP: before 2.7.0.20070801-16.0.1
mecab-ipadic: before 2.7.0.20070801-16.0.1
CPE2.3- cpe:2.3:o:openanolis:anolis_os:8:*:*:*:*:*:*:*
- cpe:2.3:o:openanolis:mysql-test:*:*:*:*:*:anolis_os:*:*
- cpe:2.3:o:openanolis:mysql-server:*:*:*:*:*:anolis_os:*:*
- cpe:2.3:o:openanolis:mysql-libs:*:*:*:*:*:anolis_os:*:*
- cpe:2.3:o:openanolis:mysql-errmsg:*:*:*:*:*:anolis_os:*:*
- cpe:2.3:o:openanolis:mysql-devel:*:*:*:*:*:anolis_os:*:*
- cpe:2.3:o:openanolis:mysql-common:*:*:*:*:*:anolis_os:*:*
- cpe:2.3:o:openanolis:mysql:*:*:*:*:*:anolis_os:*:*
- cpe:2.3:o:openanolis:mecab:*:*:*:*:*:anolis_os:*:*
- cpe:2.3:o:openanolis:mecab-ipadic-eucjp:*:*:*:*:*:anolis_os:*:*
- cpe:2.3:o:openanolis:mecab-ipadic:*:*:*:*:*:anolis_os:*:*
https://anas.openanolis.cn/errata/detail/ANSA-2024:0088
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote authenticated privileged user via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
46) Improper input validation
EUVDB-ID: #VU82152
Risk: Medium
CVSSv4.0: 4.6 [CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Green]
CVE-ID: CVE-2023-22104
CWE-ID:
CWE-20 - Improper input validation
Exploit availability: No
DescriptionThe vulnerability allows a remote privileged user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper input validation within the InnoDB component in MySQL Server. A remote privileged user can exploit this vulnerability to perform a denial of service (DoS) attack.
MitigationInstall updates from vendor's repository.
Vulnerable software versionsAnolis OS: 8
mysql-test: before 8.0.36-1.0.1
mysql-server: before 8.0.36-1.0.1
mysql-libs: before 8.0.36-1.0.1
mysql-errmsg: before 8.0.36-1.0.1
mysql-devel: before 8.0.36-1.0.1
mysql-common: before 8.0.36-1.0.1
mysql: before 8.0.36-1.0.1
mecab: before 0.996-2
mecab-ipadic-EUCJP: before 2.7.0.20070801-16.0.1
mecab-ipadic: before 2.7.0.20070801-16.0.1
CPE2.3- cpe:2.3:o:openanolis:anolis_os:8:*:*:*:*:*:*:*
- cpe:2.3:o:openanolis:mysql-test:*:*:*:*:*:anolis_os:*:*
- cpe:2.3:o:openanolis:mysql-server:*:*:*:*:*:anolis_os:*:*
- cpe:2.3:o:openanolis:mysql-libs:*:*:*:*:*:anolis_os:*:*
- cpe:2.3:o:openanolis:mysql-errmsg:*:*:*:*:*:anolis_os:*:*
- cpe:2.3:o:openanolis:mysql-devel:*:*:*:*:*:anolis_os:*:*
- cpe:2.3:o:openanolis:mysql-common:*:*:*:*:*:anolis_os:*:*
- cpe:2.3:o:openanolis:mysql:*:*:*:*:*:anolis_os:*:*
- cpe:2.3:o:openanolis:mecab:*:*:*:*:*:anolis_os:*:*
- cpe:2.3:o:openanolis:mecab-ipadic-eucjp:*:*:*:*:*:anolis_os:*:*
- cpe:2.3:o:openanolis:mecab-ipadic:*:*:*:*:*:anolis_os:*:*
https://anas.openanolis.cn/errata/detail/ANSA-2024:0088
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote authenticated privileged user via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
47) Improper input validation
EUVDB-ID: #VU82164
Risk: Medium
CVSSv4.0: 4.6 [CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Green]
CVE-ID: CVE-2023-22110
CWE-ID:
CWE-20 - Improper input validation
Exploit availability: No
DescriptionThe vulnerability allows a remote privileged user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper input validation within the Server: Optimizer component in MySQL Server. A remote privileged user can exploit this vulnerability to perform a denial of service (DoS) attack.
MitigationInstall updates from vendor's repository.
Vulnerable software versionsAnolis OS: 8
mysql-test: before 8.0.36-1.0.1
mysql-server: before 8.0.36-1.0.1
mysql-libs: before 8.0.36-1.0.1
mysql-errmsg: before 8.0.36-1.0.1
mysql-devel: before 8.0.36-1.0.1
mysql-common: before 8.0.36-1.0.1
mysql: before 8.0.36-1.0.1
mecab: before 0.996-2
mecab-ipadic-EUCJP: before 2.7.0.20070801-16.0.1
mecab-ipadic: before 2.7.0.20070801-16.0.1
CPE2.3- cpe:2.3:o:openanolis:anolis_os:8:*:*:*:*:*:*:*
- cpe:2.3:o:openanolis:mysql-test:*:*:*:*:*:anolis_os:*:*
- cpe:2.3:o:openanolis:mysql-server:*:*:*:*:*:anolis_os:*:*
- cpe:2.3:o:openanolis:mysql-libs:*:*:*:*:*:anolis_os:*:*
- cpe:2.3:o:openanolis:mysql-errmsg:*:*:*:*:*:anolis_os:*:*
- cpe:2.3:o:openanolis:mysql-devel:*:*:*:*:*:anolis_os:*:*
- cpe:2.3:o:openanolis:mysql-common:*:*:*:*:*:anolis_os:*:*
- cpe:2.3:o:openanolis:mysql:*:*:*:*:*:anolis_os:*:*
- cpe:2.3:o:openanolis:mecab:*:*:*:*:*:anolis_os:*:*
- cpe:2.3:o:openanolis:mecab-ipadic-eucjp:*:*:*:*:*:anolis_os:*:*
- cpe:2.3:o:openanolis:mecab-ipadic:*:*:*:*:*:anolis_os:*:*
https://anas.openanolis.cn/errata/detail/ANSA-2024:0088
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote authenticated privileged user via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
48) Improper input validation
EUVDB-ID: #VU82168
Risk: Medium
CVSSv4.0: 4.6 [CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Green]
CVE-ID: CVE-2023-22111
CWE-ID:
CWE-20 - Improper input validation
Exploit availability: No
DescriptionThe vulnerability allows a remote privileged user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper input validation within the Server: UDF component in MySQL Server. A remote privileged user can exploit this vulnerability to perform a denial of service (DoS) attack.
MitigationInstall updates from vendor's repository.
Vulnerable software versionsAnolis OS: 8
mysql-test: before 8.0.36-1.0.1
mysql-server: before 8.0.36-1.0.1
mysql-libs: before 8.0.36-1.0.1
mysql-errmsg: before 8.0.36-1.0.1
mysql-devel: before 8.0.36-1.0.1
mysql-common: before 8.0.36-1.0.1
mysql: before 8.0.36-1.0.1
mecab: before 0.996-2
mecab-ipadic-EUCJP: before 2.7.0.20070801-16.0.1
mecab-ipadic: before 2.7.0.20070801-16.0.1
CPE2.3- cpe:2.3:o:openanolis:anolis_os:8:*:*:*:*:*:*:*
- cpe:2.3:o:openanolis:mysql-test:*:*:*:*:*:anolis_os:*:*
- cpe:2.3:o:openanolis:mysql-server:*:*:*:*:*:anolis_os:*:*
- cpe:2.3:o:openanolis:mysql-libs:*:*:*:*:*:anolis_os:*:*
- cpe:2.3:o:openanolis:mysql-errmsg:*:*:*:*:*:anolis_os:*:*
- cpe:2.3:o:openanolis:mysql-devel:*:*:*:*:*:anolis_os:*:*
- cpe:2.3:o:openanolis:mysql-common:*:*:*:*:*:anolis_os:*:*
- cpe:2.3:o:openanolis:mysql:*:*:*:*:*:anolis_os:*:*
- cpe:2.3:o:openanolis:mecab:*:*:*:*:*:anolis_os:*:*
- cpe:2.3:o:openanolis:mecab-ipadic-eucjp:*:*:*:*:*:anolis_os:*:*
- cpe:2.3:o:openanolis:mecab-ipadic:*:*:*:*:*:anolis_os:*:*
https://anas.openanolis.cn/errata/detail/ANSA-2024:0088
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote authenticated privileged user via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
49) Improper input validation
EUVDB-ID: #VU82165
Risk: Medium
CVSSv4.0: 4.6 [CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Green]
CVE-ID: CVE-2023-22112
CWE-ID:
CWE-20 - Improper input validation
Exploit availability: No
DescriptionThe vulnerability allows a remote privileged user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper input validation within the Server: Optimizer component in MySQL Server. A remote privileged user can exploit this vulnerability to perform a denial of service (DoS) attack.
MitigationInstall updates from vendor's repository.
Vulnerable software versionsAnolis OS: 8
mysql-test: before 8.0.36-1.0.1
mysql-server: before 8.0.36-1.0.1
mysql-libs: before 8.0.36-1.0.1
mysql-errmsg: before 8.0.36-1.0.1
mysql-devel: before 8.0.36-1.0.1
mysql-common: before 8.0.36-1.0.1
mysql: before 8.0.36-1.0.1
mecab: before 0.996-2
mecab-ipadic-EUCJP: before 2.7.0.20070801-16.0.1
mecab-ipadic: before 2.7.0.20070801-16.0.1
CPE2.3- cpe:2.3:o:openanolis:anolis_os:8:*:*:*:*:*:*:*
- cpe:2.3:o:openanolis:mysql-test:*:*:*:*:*:anolis_os:*:*
- cpe:2.3:o:openanolis:mysql-server:*:*:*:*:*:anolis_os:*:*
- cpe:2.3:o:openanolis:mysql-libs:*:*:*:*:*:anolis_os:*:*
- cpe:2.3:o:openanolis:mysql-errmsg:*:*:*:*:*:anolis_os:*:*
- cpe:2.3:o:openanolis:mysql-devel:*:*:*:*:*:anolis_os:*:*
- cpe:2.3:o:openanolis:mysql-common:*:*:*:*:*:anolis_os:*:*
- cpe:2.3:o:openanolis:mysql:*:*:*:*:*:anolis_os:*:*
- cpe:2.3:o:openanolis:mecab:*:*:*:*:*:anolis_os:*:*
- cpe:2.3:o:openanolis:mecab-ipadic-eucjp:*:*:*:*:*:anolis_os:*:*
- cpe:2.3:o:openanolis:mecab-ipadic:*:*:*:*:*:anolis_os:*:*
https://anas.openanolis.cn/errata/detail/ANSA-2024:0088
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote authenticated privileged user via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
50) Improper input validation
EUVDB-ID: #VU82169
Risk: Low
CVSSv4.0: 1.2 [CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2023-22113
CWE-ID:
CWE-20 - Improper input validation
Exploit availability: No
DescriptionThe vulnerability allows a remote privileged user to gain access to sensitive information.
The vulnerability exists due to improper input validation within the Server: Security: Encryption component in MySQL Server. A remote privileged user can exploit this vulnerability to gain access to sensitive information.
MitigationInstall updates from vendor's repository.
Vulnerable software versionsAnolis OS: 8
mysql-test: before 8.0.36-1.0.1
mysql-server: before 8.0.36-1.0.1
mysql-libs: before 8.0.36-1.0.1
mysql-errmsg: before 8.0.36-1.0.1
mysql-devel: before 8.0.36-1.0.1
mysql-common: before 8.0.36-1.0.1
mysql: before 8.0.36-1.0.1
mecab: before 0.996-2
mecab-ipadic-EUCJP: before 2.7.0.20070801-16.0.1
mecab-ipadic: before 2.7.0.20070801-16.0.1
CPE2.3- cpe:2.3:o:openanolis:anolis_os:8:*:*:*:*:*:*:*
- cpe:2.3:o:openanolis:mysql-test:*:*:*:*:*:anolis_os:*:*
- cpe:2.3:o:openanolis:mysql-server:*:*:*:*:*:anolis_os:*:*
- cpe:2.3:o:openanolis:mysql-libs:*:*:*:*:*:anolis_os:*:*
- cpe:2.3:o:openanolis:mysql-errmsg:*:*:*:*:*:anolis_os:*:*
- cpe:2.3:o:openanolis:mysql-devel:*:*:*:*:*:anolis_os:*:*
- cpe:2.3:o:openanolis:mysql-common:*:*:*:*:*:anolis_os:*:*
- cpe:2.3:o:openanolis:mysql:*:*:*:*:*:anolis_os:*:*
- cpe:2.3:o:openanolis:mecab:*:*:*:*:*:anolis_os:*:*
- cpe:2.3:o:openanolis:mecab-ipadic-eucjp:*:*:*:*:*:anolis_os:*:*
- cpe:2.3:o:openanolis:mecab-ipadic:*:*:*:*:*:anolis_os:*:*
https://anas.openanolis.cn/errata/detail/ANSA-2024:0088
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote authenticated privileged user via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
51) Improper input validation
EUVDB-ID: #VU82153
Risk: Medium
CVSSv4.0: 4.6 [CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Green]
CVE-ID: CVE-2023-22114
CWE-ID:
CWE-20 - Improper input validation
Exploit availability: No
DescriptionThe vulnerability allows a remote privileged user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper input validation within the InnoDB component in MySQL Server. A remote privileged user can exploit this vulnerability to perform a denial of service (DoS) attack.
MitigationInstall updates from vendor's repository.
Vulnerable software versionsAnolis OS: 8
mysql-test: before 8.0.36-1.0.1
mysql-server: before 8.0.36-1.0.1
mysql-libs: before 8.0.36-1.0.1
mysql-errmsg: before 8.0.36-1.0.1
mysql-devel: before 8.0.36-1.0.1
mysql-common: before 8.0.36-1.0.1
mysql: before 8.0.36-1.0.1
mecab: before 0.996-2
mecab-ipadic-EUCJP: before 2.7.0.20070801-16.0.1
mecab-ipadic: before 2.7.0.20070801-16.0.1
CPE2.3- cpe:2.3:o:openanolis:anolis_os:8:*:*:*:*:*:*:*
- cpe:2.3:o:openanolis:mysql-test:*:*:*:*:*:anolis_os:*:*
- cpe:2.3:o:openanolis:mysql-server:*:*:*:*:*:anolis_os:*:*
- cpe:2.3:o:openanolis:mysql-libs:*:*:*:*:*:anolis_os:*:*
- cpe:2.3:o:openanolis:mysql-errmsg:*:*:*:*:*:anolis_os:*:*
- cpe:2.3:o:openanolis:mysql-devel:*:*:*:*:*:anolis_os:*:*
- cpe:2.3:o:openanolis:mysql-common:*:*:*:*:*:anolis_os:*:*
- cpe:2.3:o:openanolis:mysql:*:*:*:*:*:anolis_os:*:*
- cpe:2.3:o:openanolis:mecab:*:*:*:*:*:anolis_os:*:*
- cpe:2.3:o:openanolis:mecab-ipadic-eucjp:*:*:*:*:*:anolis_os:*:*
- cpe:2.3:o:openanolis:mecab-ipadic:*:*:*:*:*:anolis_os:*:*
https://anas.openanolis.cn/errata/detail/ANSA-2024:0088
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote authenticated privileged user via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
52) Improper input validation
EUVDB-ID: #VU82155
Risk: Medium
CVSSv4.0: 4.6 [CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Green]
CVE-ID: CVE-2023-22115
CWE-ID:
CWE-20 - Improper input validation
Exploit availability: No
DescriptionThe vulnerability allows a remote privileged user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper input validation within the Server: DML component in MySQL Server. A remote privileged user can exploit this vulnerability to perform a denial of service (DoS) attack.
MitigationInstall updates from vendor's repository.
Vulnerable software versionsAnolis OS: 8
mysql-test: before 8.0.36-1.0.1
mysql-server: before 8.0.36-1.0.1
mysql-libs: before 8.0.36-1.0.1
mysql-errmsg: before 8.0.36-1.0.1
mysql-devel: before 8.0.36-1.0.1
mysql-common: before 8.0.36-1.0.1
mysql: before 8.0.36-1.0.1
mecab: before 0.996-2
mecab-ipadic-EUCJP: before 2.7.0.20070801-16.0.1
mecab-ipadic: before 2.7.0.20070801-16.0.1
CPE2.3- cpe:2.3:o:openanolis:anolis_os:8:*:*:*:*:*:*:*
- cpe:2.3:o:openanolis:mysql-test:*:*:*:*:*:anolis_os:*:*
- cpe:2.3:o:openanolis:mysql-server:*:*:*:*:*:anolis_os:*:*
- cpe:2.3:o:openanolis:mysql-libs:*:*:*:*:*:anolis_os:*:*
- cpe:2.3:o:openanolis:mysql-errmsg:*:*:*:*:*:anolis_os:*:*
- cpe:2.3:o:openanolis:mysql-devel:*:*:*:*:*:anolis_os:*:*
- cpe:2.3:o:openanolis:mysql-common:*:*:*:*:*:anolis_os:*:*
- cpe:2.3:o:openanolis:mysql:*:*:*:*:*:anolis_os:*:*
- cpe:2.3:o:openanolis:mecab:*:*:*:*:*:anolis_os:*:*
- cpe:2.3:o:openanolis:mecab-ipadic-eucjp:*:*:*:*:*:anolis_os:*:*
- cpe:2.3:o:openanolis:mecab-ipadic:*:*:*:*:*:anolis_os:*:*
https://anas.openanolis.cn/errata/detail/ANSA-2024:0088
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote authenticated privileged user via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
53) Improper input validation
EUVDB-ID: #VU85483
Risk: Medium
CVSSv4.0: 4.9 [CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Green]
CVE-ID: CVE-2024-20960
CWE-ID:
CWE-20 - Improper input validation
Exploit availability: No
DescriptionThe vulnerability allows a remote authenticated user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper input validation within the Server: RAPID component in MySQL Server. A remote authenticated user can exploit this vulnerability to perform a denial of service (DoS) attack.
MitigationInstall updates from vendor's repository.
Vulnerable software versionsAnolis OS: 8
mysql-test: before 8.0.36-1.0.1
mysql-server: before 8.0.36-1.0.1
mysql-libs: before 8.0.36-1.0.1
mysql-errmsg: before 8.0.36-1.0.1
mysql-devel: before 8.0.36-1.0.1
mysql-common: before 8.0.36-1.0.1
mysql: before 8.0.36-1.0.1
mecab: before 0.996-2
mecab-ipadic-EUCJP: before 2.7.0.20070801-16.0.1
mecab-ipadic: before 2.7.0.20070801-16.0.1
CPE2.3- cpe:2.3:o:openanolis:anolis_os:8:*:*:*:*:*:*:*
- cpe:2.3:o:openanolis:mysql-test:*:*:*:*:*:anolis_os:*:*
- cpe:2.3:o:openanolis:mysql-server:*:*:*:*:*:anolis_os:*:*
- cpe:2.3:o:openanolis:mysql-libs:*:*:*:*:*:anolis_os:*:*
- cpe:2.3:o:openanolis:mysql-errmsg:*:*:*:*:*:anolis_os:*:*
- cpe:2.3:o:openanolis:mysql-devel:*:*:*:*:*:anolis_os:*:*
- cpe:2.3:o:openanolis:mysql-common:*:*:*:*:*:anolis_os:*:*
- cpe:2.3:o:openanolis:mysql:*:*:*:*:*:anolis_os:*:*
- cpe:2.3:o:openanolis:mecab:*:*:*:*:*:anolis_os:*:*
- cpe:2.3:o:openanolis:mecab-ipadic-eucjp:*:*:*:*:*:anolis_os:*:*
- cpe:2.3:o:openanolis:mecab-ipadic:*:*:*:*:*:anolis_os:*:*
https://anas.openanolis.cn/errata/detail/ANSA-2024:0088
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote authenticated user via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
54) Improper input validation
EUVDB-ID: #VU85478
Risk: Medium
CVSSv4.0: 4.9 [CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Green]
CVE-ID: CVE-2024-20961
CWE-ID:
CWE-20 - Improper input validation
Exploit availability: No
DescriptionThe vulnerability allows a remote authenticated user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper input validation within the Server: Optimizer component in MySQL Server. A remote authenticated user can exploit this vulnerability to perform a denial of service (DoS) attack.
MitigationInstall updates from vendor's repository.
Vulnerable software versionsAnolis OS: 8
mysql-test: before 8.0.36-1.0.1
mysql-server: before 8.0.36-1.0.1
mysql-libs: before 8.0.36-1.0.1
mysql-errmsg: before 8.0.36-1.0.1
mysql-devel: before 8.0.36-1.0.1
mysql-common: before 8.0.36-1.0.1
mysql: before 8.0.36-1.0.1
mecab: before 0.996-2
mecab-ipadic-EUCJP: before 2.7.0.20070801-16.0.1
mecab-ipadic: before 2.7.0.20070801-16.0.1
CPE2.3- cpe:2.3:o:openanolis:anolis_os:8:*:*:*:*:*:*:*
- cpe:2.3:o:openanolis:mysql-test:*:*:*:*:*:anolis_os:*:*
- cpe:2.3:o:openanolis:mysql-server:*:*:*:*:*:anolis_os:*:*
- cpe:2.3:o:openanolis:mysql-libs:*:*:*:*:*:anolis_os:*:*
- cpe:2.3:o:openanolis:mysql-errmsg:*:*:*:*:*:anolis_os:*:*
- cpe:2.3:o:openanolis:mysql-devel:*:*:*:*:*:anolis_os:*:*
- cpe:2.3:o:openanolis:mysql-common:*:*:*:*:*:anolis_os:*:*
- cpe:2.3:o:openanolis:mysql:*:*:*:*:*:anolis_os:*:*
- cpe:2.3:o:openanolis:mecab:*:*:*:*:*:anolis_os:*:*
- cpe:2.3:o:openanolis:mecab-ipadic-eucjp:*:*:*:*:*:anolis_os:*:*
- cpe:2.3:o:openanolis:mecab-ipadic:*:*:*:*:*:anolis_os:*:*
https://anas.openanolis.cn/errata/detail/ANSA-2024:0088
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote authenticated user via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
55) Improper input validation
EUVDB-ID: #VU85479
Risk: Medium
CVSSv4.0: 4.9 [CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Green]
CVE-ID: CVE-2024-20962
CWE-ID:
CWE-20 - Improper input validation
Exploit availability: No
DescriptionThe vulnerability allows a remote authenticated user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper input validation within the Server: Optimizer component in MySQL Server. A remote authenticated user can exploit this vulnerability to perform a denial of service (DoS) attack.
MitigationInstall updates from vendor's repository.
Vulnerable software versionsAnolis OS: 8
mysql-test: before 8.0.36-1.0.1
mysql-server: before 8.0.36-1.0.1
mysql-libs: before 8.0.36-1.0.1
mysql-errmsg: before 8.0.36-1.0.1
mysql-devel: before 8.0.36-1.0.1
mysql-common: before 8.0.36-1.0.1
mysql: before 8.0.36-1.0.1
mecab: before 0.996-2
mecab-ipadic-EUCJP: before 2.7.0.20070801-16.0.1
mecab-ipadic: before 2.7.0.20070801-16.0.1
CPE2.3- cpe:2.3:o:openanolis:anolis_os:8:*:*:*:*:*:*:*
- cpe:2.3:o:openanolis:mysql-test:*:*:*:*:*:anolis_os:*:*
- cpe:2.3:o:openanolis:mysql-server:*:*:*:*:*:anolis_os:*:*
- cpe:2.3:o:openanolis:mysql-libs:*:*:*:*:*:anolis_os:*:*
- cpe:2.3:o:openanolis:mysql-errmsg:*:*:*:*:*:anolis_os:*:*
- cpe:2.3:o:openanolis:mysql-devel:*:*:*:*:*:anolis_os:*:*
- cpe:2.3:o:openanolis:mysql-common:*:*:*:*:*:anolis_os:*:*
- cpe:2.3:o:openanolis:mysql:*:*:*:*:*:anolis_os:*:*
- cpe:2.3:o:openanolis:mecab:*:*:*:*:*:anolis_os:*:*
- cpe:2.3:o:openanolis:mecab-ipadic-eucjp:*:*:*:*:*:anolis_os:*:*
- cpe:2.3:o:openanolis:mecab-ipadic:*:*:*:*:*:anolis_os:*:*
https://anas.openanolis.cn/errata/detail/ANSA-2024:0088
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote authenticated user via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
56) Improper input validation
EUVDB-ID: #VU85484
Risk: Medium
CVSSv4.0: 4.9 [CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Green]
CVE-ID: CVE-2024-20963
CWE-ID:
CWE-20 - Improper input validation
Exploit availability: No
DescriptionThe vulnerability allows a remote authenticated user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper input validation within the Server: Security: Encryption component in MySQL Server. A remote authenticated user can exploit this vulnerability to perform a denial of service (DoS) attack.
MitigationInstall updates from vendor's repository.
Vulnerable software versionsAnolis OS: 8
mysql-test: before 8.0.36-1.0.1
mysql-server: before 8.0.36-1.0.1
mysql-libs: before 8.0.36-1.0.1
mysql-errmsg: before 8.0.36-1.0.1
mysql-devel: before 8.0.36-1.0.1
mysql-common: before 8.0.36-1.0.1
mysql: before 8.0.36-1.0.1
mecab: before 0.996-2
mecab-ipadic-EUCJP: before 2.7.0.20070801-16.0.1
mecab-ipadic: before 2.7.0.20070801-16.0.1
CPE2.3- cpe:2.3:o:openanolis:anolis_os:8:*:*:*:*:*:*:*
- cpe:2.3:o:openanolis:mysql-test:*:*:*:*:*:anolis_os:*:*
- cpe:2.3:o:openanolis:mysql-server:*:*:*:*:*:anolis_os:*:*
- cpe:2.3:o:openanolis:mysql-libs:*:*:*:*:*:anolis_os:*:*
- cpe:2.3:o:openanolis:mysql-errmsg:*:*:*:*:*:anolis_os:*:*
- cpe:2.3:o:openanolis:mysql-devel:*:*:*:*:*:anolis_os:*:*
- cpe:2.3:o:openanolis:mysql-common:*:*:*:*:*:anolis_os:*:*
- cpe:2.3:o:openanolis:mysql:*:*:*:*:*:anolis_os:*:*
- cpe:2.3:o:openanolis:mecab:*:*:*:*:*:anolis_os:*:*
- cpe:2.3:o:openanolis:mecab-ipadic-eucjp:*:*:*:*:*:anolis_os:*:*
- cpe:2.3:o:openanolis:mecab-ipadic:*:*:*:*:*:anolis_os:*:*
https://anas.openanolis.cn/errata/detail/ANSA-2024:0088
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote authenticated user via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
57) Improper input validation
EUVDB-ID: #VU85488
Risk: Medium
CVSSv4.0: 2.3 [CVSS:4.0/AV:N/AC:L/AT:P/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Green]
CVE-ID: CVE-2024-20964
CWE-ID:
CWE-20 - Improper input validation
Exploit availability: No
DescriptionThe vulnerability allows a remote authenticated user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper input validation within the Server: Security: Privileges component in MySQL Server. A remote authenticated user can exploit this vulnerability to perform a denial of service (DoS) attack.
MitigationInstall updates from vendor's repository.
Vulnerable software versionsAnolis OS: 8
mysql-test: before 8.0.36-1.0.1
mysql-server: before 8.0.36-1.0.1
mysql-libs: before 8.0.36-1.0.1
mysql-errmsg: before 8.0.36-1.0.1
mysql-devel: before 8.0.36-1.0.1
mysql-common: before 8.0.36-1.0.1
mysql: before 8.0.36-1.0.1
mecab: before 0.996-2
mecab-ipadic-EUCJP: before 2.7.0.20070801-16.0.1
mecab-ipadic: before 2.7.0.20070801-16.0.1
CPE2.3- cpe:2.3:o:openanolis:anolis_os:8:*:*:*:*:*:*:*
- cpe:2.3:o:openanolis:mysql-test:*:*:*:*:*:anolis_os:*:*
- cpe:2.3:o:openanolis:mysql-server:*:*:*:*:*:anolis_os:*:*
- cpe:2.3:o:openanolis:mysql-libs:*:*:*:*:*:anolis_os:*:*
- cpe:2.3:o:openanolis:mysql-errmsg:*:*:*:*:*:anolis_os:*:*
- cpe:2.3:o:openanolis:mysql-devel:*:*:*:*:*:anolis_os:*:*
- cpe:2.3:o:openanolis:mysql-common:*:*:*:*:*:anolis_os:*:*
- cpe:2.3:o:openanolis:mysql:*:*:*:*:*:anolis_os:*:*
- cpe:2.3:o:openanolis:mecab:*:*:*:*:*:anolis_os:*:*
- cpe:2.3:o:openanolis:mecab-ipadic-eucjp:*:*:*:*:*:anolis_os:*:*
- cpe:2.3:o:openanolis:mecab-ipadic:*:*:*:*:*:anolis_os:*:*
https://anas.openanolis.cn/errata/detail/ANSA-2024:0088
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote authenticated user via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
58) Improper input validation
EUVDB-ID: #VU85489
Risk: Medium
CVSSv4.0: 4.6 [CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Green]
CVE-ID: CVE-2024-20965
CWE-ID:
CWE-20 - Improper input validation
Exploit availability: No
DescriptionThe vulnerability allows a remote privileged user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper input validation within the Server: Optimizer component in MySQL Server. A remote privileged user can exploit this vulnerability to perform a denial of service (DoS) attack.
MitigationInstall updates from vendor's repository.
Vulnerable software versionsAnolis OS: 8
mysql-test: before 8.0.36-1.0.1
mysql-server: before 8.0.36-1.0.1
mysql-libs: before 8.0.36-1.0.1
mysql-errmsg: before 8.0.36-1.0.1
mysql-devel: before 8.0.36-1.0.1
mysql-common: before 8.0.36-1.0.1
mysql: before 8.0.36-1.0.1
mecab: before 0.996-2
mecab-ipadic-EUCJP: before 2.7.0.20070801-16.0.1
mecab-ipadic: before 2.7.0.20070801-16.0.1
CPE2.3- cpe:2.3:o:openanolis:anolis_os:8:*:*:*:*:*:*:*
- cpe:2.3:o:openanolis:mysql-test:*:*:*:*:*:anolis_os:*:*
- cpe:2.3:o:openanolis:mysql-server:*:*:*:*:*:anolis_os:*:*
- cpe:2.3:o:openanolis:mysql-libs:*:*:*:*:*:anolis_os:*:*
- cpe:2.3:o:openanolis:mysql-errmsg:*:*:*:*:*:anolis_os:*:*
- cpe:2.3:o:openanolis:mysql-devel:*:*:*:*:*:anolis_os:*:*
- cpe:2.3:o:openanolis:mysql-common:*:*:*:*:*:anolis_os:*:*
- cpe:2.3:o:openanolis:mysql:*:*:*:*:*:anolis_os:*:*
- cpe:2.3:o:openanolis:mecab:*:*:*:*:*:anolis_os:*:*
- cpe:2.3:o:openanolis:mecab-ipadic-eucjp:*:*:*:*:*:anolis_os:*:*
- cpe:2.3:o:openanolis:mecab-ipadic:*:*:*:*:*:anolis_os:*:*
https://anas.openanolis.cn/errata/detail/ANSA-2024:0088
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote authenticated privileged user via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
59) Improper input validation
EUVDB-ID: #VU85492
Risk: Medium
CVSSv4.0: 4.6 [CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Green]
CVE-ID: CVE-2024-20966
CWE-ID:
CWE-20 - Improper input validation
Exploit availability: No
DescriptionThe vulnerability allows a remote privileged user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper input validation within the Server: Optimizer component in MySQL Server. A remote privileged user can exploit this vulnerability to perform a denial of service (DoS) attack.
MitigationInstall updates from vendor's repository.
Vulnerable software versionsAnolis OS: 8
mysql-test: before 8.0.36-1.0.1
mysql-server: before 8.0.36-1.0.1
mysql-libs: before 8.0.36-1.0.1
mysql-errmsg: before 8.0.36-1.0.1
mysql-devel: before 8.0.36-1.0.1
mysql-common: before 8.0.36-1.0.1
mysql: before 8.0.36-1.0.1
mecab: before 0.996-2
mecab-ipadic-EUCJP: before 2.7.0.20070801-16.0.1
mecab-ipadic: before 2.7.0.20070801-16.0.1
CPE2.3- cpe:2.3:o:openanolis:anolis_os:8:*:*:*:*:*:*:*
- cpe:2.3:o:openanolis:mysql-test:*:*:*:*:*:anolis_os:*:*
- cpe:2.3:o:openanolis:mysql-server:*:*:*:*:*:anolis_os:*:*
- cpe:2.3:o:openanolis:mysql-libs:*:*:*:*:*:anolis_os:*:*
- cpe:2.3:o:openanolis:mysql-errmsg:*:*:*:*:*:anolis_os:*:*
- cpe:2.3:o:openanolis:mysql-devel:*:*:*:*:*:anolis_os:*:*
- cpe:2.3:o:openanolis:mysql-common:*:*:*:*:*:anolis_os:*:*
- cpe:2.3:o:openanolis:mysql:*:*:*:*:*:anolis_os:*:*
- cpe:2.3:o:openanolis:mecab:*:*:*:*:*:anolis_os:*:*
- cpe:2.3:o:openanolis:mecab-ipadic-eucjp:*:*:*:*:*:anolis_os:*:*
- cpe:2.3:o:openanolis:mecab-ipadic:*:*:*:*:*:anolis_os:*:*
https://anas.openanolis.cn/errata/detail/ANSA-2024:0088
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote authenticated privileged user via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
60) Improper input validation
EUVDB-ID: #VU85487
Risk: Medium
CVSSv4.0: 4.7 [CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:N/VI:L/VA:H/SC:N/SI:N/SA:N/E:U/U:Green]
CVE-ID: CVE-2024-20967
CWE-ID:
CWE-20 - Improper input validation
Exploit availability: No
DescriptionThe vulnerability allows a remote privileged user to damange or delete data.
The vulnerability exists due to improper input validation within the Server: Replication component in MySQL Server. A remote privileged user can exploit this vulnerability to damange or delete data.
MitigationInstall updates from vendor's repository.
Vulnerable software versionsAnolis OS: 8
mysql-test: before 8.0.36-1.0.1
mysql-server: before 8.0.36-1.0.1
mysql-libs: before 8.0.36-1.0.1
mysql-errmsg: before 8.0.36-1.0.1
mysql-devel: before 8.0.36-1.0.1
mysql-common: before 8.0.36-1.0.1
mysql: before 8.0.36-1.0.1
mecab: before 0.996-2
mecab-ipadic-EUCJP: before 2.7.0.20070801-16.0.1
mecab-ipadic: before 2.7.0.20070801-16.0.1
CPE2.3- cpe:2.3:o:openanolis:anolis_os:8:*:*:*:*:*:*:*
- cpe:2.3:o:openanolis:mysql-test:*:*:*:*:*:anolis_os:*:*
- cpe:2.3:o:openanolis:mysql-server:*:*:*:*:*:anolis_os:*:*
- cpe:2.3:o:openanolis:mysql-libs:*:*:*:*:*:anolis_os:*:*
- cpe:2.3:o:openanolis:mysql-errmsg:*:*:*:*:*:anolis_os:*:*
- cpe:2.3:o:openanolis:mysql-devel:*:*:*:*:*:anolis_os:*:*
- cpe:2.3:o:openanolis:mysql-common:*:*:*:*:*:anolis_os:*:*
- cpe:2.3:o:openanolis:mysql:*:*:*:*:*:anolis_os:*:*
- cpe:2.3:o:openanolis:mecab:*:*:*:*:*:anolis_os:*:*
- cpe:2.3:o:openanolis:mecab-ipadic-eucjp:*:*:*:*:*:anolis_os:*:*
- cpe:2.3:o:openanolis:mecab-ipadic:*:*:*:*:*:anolis_os:*:*
https://anas.openanolis.cn/errata/detail/ANSA-2024:0088
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote authenticated privileged user via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
61) Improper input validation
EUVDB-ID: #VU85501
Risk: Low
CVSSv4.0: 2.1 [CVSS:4.0/AV:N/AC:L/AT:P/PR:H/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2024-20968
CWE-ID:
CWE-20 - Improper input validation
Exploit availability: No
DescriptionThe vulnerability allows a remote privileged user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper input validation within the Server: Options component in MySQL Server. A remote privileged user can exploit this vulnerability to perform a denial of service (DoS) attack.
MitigationInstall updates from vendor's repository.
Vulnerable software versionsAnolis OS: 8
mysql-test: before 8.0.36-1.0.1
mysql-server: before 8.0.36-1.0.1
mysql-libs: before 8.0.36-1.0.1
mysql-errmsg: before 8.0.36-1.0.1
mysql-devel: before 8.0.36-1.0.1
mysql-common: before 8.0.36-1.0.1
mysql: before 8.0.36-1.0.1
mecab: before 0.996-2
mecab-ipadic-EUCJP: before 2.7.0.20070801-16.0.1
mecab-ipadic: before 2.7.0.20070801-16.0.1
CPE2.3- cpe:2.3:o:openanolis:anolis_os:8:*:*:*:*:*:*:*
- cpe:2.3:o:openanolis:mysql-test:*:*:*:*:*:anolis_os:*:*
- cpe:2.3:o:openanolis:mysql-server:*:*:*:*:*:anolis_os:*:*
- cpe:2.3:o:openanolis:mysql-libs:*:*:*:*:*:anolis_os:*:*
- cpe:2.3:o:openanolis:mysql-errmsg:*:*:*:*:*:anolis_os:*:*
- cpe:2.3:o:openanolis:mysql-devel:*:*:*:*:*:anolis_os:*:*
- cpe:2.3:o:openanolis:mysql-common:*:*:*:*:*:anolis_os:*:*
- cpe:2.3:o:openanolis:mysql:*:*:*:*:*:anolis_os:*:*
- cpe:2.3:o:openanolis:mecab:*:*:*:*:*:anolis_os:*:*
- cpe:2.3:o:openanolis:mecab-ipadic-eucjp:*:*:*:*:*:anolis_os:*:*
- cpe:2.3:o:openanolis:mecab-ipadic:*:*:*:*:*:anolis_os:*:*
https://anas.openanolis.cn/errata/detail/ANSA-2024:0088
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote authenticated privileged user via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
62) Improper input validation
EUVDB-ID: #VU85486
Risk: Medium
CVSSv4.0: 4.7 [CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:N/VI:L/VA:H/SC:N/SI:N/SA:N/E:U/U:Green]
CVE-ID: CVE-2024-20969
CWE-ID:
CWE-20 - Improper input validation
Exploit availability: No
DescriptionThe vulnerability allows a remote privileged user to damange or delete data.
The vulnerability exists due to improper input validation within the Server: DDL component in MySQL Server. A remote privileged user can exploit this vulnerability to damange or delete data.
MitigationInstall updates from vendor's repository.
Vulnerable software versionsAnolis OS: 8
mysql-test: before 8.0.36-1.0.1
mysql-server: before 8.0.36-1.0.1
mysql-libs: before 8.0.36-1.0.1
mysql-errmsg: before 8.0.36-1.0.1
mysql-devel: before 8.0.36-1.0.1
mysql-common: before 8.0.36-1.0.1
mysql: before 8.0.36-1.0.1
mecab: before 0.996-2
mecab-ipadic-EUCJP: before 2.7.0.20070801-16.0.1
mecab-ipadic: before 2.7.0.20070801-16.0.1
CPE2.3- cpe:2.3:o:openanolis:anolis_os:8:*:*:*:*:*:*:*
- cpe:2.3:o:openanolis:mysql-test:*:*:*:*:*:anolis_os:*:*
- cpe:2.3:o:openanolis:mysql-server:*:*:*:*:*:anolis_os:*:*
- cpe:2.3:o:openanolis:mysql-libs:*:*:*:*:*:anolis_os:*:*
- cpe:2.3:o:openanolis:mysql-errmsg:*:*:*:*:*:anolis_os:*:*
- cpe:2.3:o:openanolis:mysql-devel:*:*:*:*:*:anolis_os:*:*
- cpe:2.3:o:openanolis:mysql-common:*:*:*:*:*:anolis_os:*:*
- cpe:2.3:o:openanolis:mysql:*:*:*:*:*:anolis_os:*:*
- cpe:2.3:o:openanolis:mecab:*:*:*:*:*:anolis_os:*:*
- cpe:2.3:o:openanolis:mecab-ipadic-eucjp:*:*:*:*:*:anolis_os:*:*
- cpe:2.3:o:openanolis:mecab-ipadic:*:*:*:*:*:anolis_os:*:*
https://anas.openanolis.cn/errata/detail/ANSA-2024:0088
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote authenticated privileged user via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
63) Improper input validation
EUVDB-ID: #VU85493
Risk: Medium
CVSSv4.0: 4.6 [CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Green]
CVE-ID: CVE-2024-20970
CWE-ID:
CWE-20 - Improper input validation
Exploit availability: No
DescriptionThe vulnerability allows a remote privileged user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper input validation within the Server: Optimizer component in MySQL Server. A remote privileged user can exploit this vulnerability to perform a denial of service (DoS) attack.
MitigationInstall updates from vendor's repository.
Vulnerable software versionsAnolis OS: 8
mysql-test: before 8.0.36-1.0.1
mysql-server: before 8.0.36-1.0.1
mysql-libs: before 8.0.36-1.0.1
mysql-errmsg: before 8.0.36-1.0.1
mysql-devel: before 8.0.36-1.0.1
mysql-common: before 8.0.36-1.0.1
mysql: before 8.0.36-1.0.1
mecab: before 0.996-2
mecab-ipadic-EUCJP: before 2.7.0.20070801-16.0.1
mecab-ipadic: before 2.7.0.20070801-16.0.1
CPE2.3- cpe:2.3:o:openanolis:anolis_os:8:*:*:*:*:*:*:*
- cpe:2.3:o:openanolis:mysql-test:*:*:*:*:*:anolis_os:*:*
- cpe:2.3:o:openanolis:mysql-server:*:*:*:*:*:anolis_os:*:*
- cpe:2.3:o:openanolis:mysql-libs:*:*:*:*:*:anolis_os:*:*
- cpe:2.3:o:openanolis:mysql-errmsg:*:*:*:*:*:anolis_os:*:*
- cpe:2.3:o:openanolis:mysql-devel:*:*:*:*:*:anolis_os:*:*
- cpe:2.3:o:openanolis:mysql-common:*:*:*:*:*:anolis_os:*:*
- cpe:2.3:o:openanolis:mysql:*:*:*:*:*:anolis_os:*:*
- cpe:2.3:o:openanolis:mecab:*:*:*:*:*:anolis_os:*:*
- cpe:2.3:o:openanolis:mecab-ipadic-eucjp:*:*:*:*:*:anolis_os:*:*
- cpe:2.3:o:openanolis:mecab-ipadic:*:*:*:*:*:anolis_os:*:*
https://anas.openanolis.cn/errata/detail/ANSA-2024:0088
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote authenticated privileged user via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
64) Improper input validation
EUVDB-ID: #VU85494
Risk: Medium
CVSSv4.0: 4.6 [CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Green]
CVE-ID: CVE-2024-20971
CWE-ID:
CWE-20 - Improper input validation
Exploit availability: No
DescriptionThe vulnerability allows a remote privileged user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper input validation within the Server: Optimizer component in MySQL Server. A remote privileged user can exploit this vulnerability to perform a denial of service (DoS) attack.
MitigationInstall updates from vendor's repository.
Vulnerable software versionsAnolis OS: 8
mysql-test: before 8.0.36-1.0.1
mysql-server: before 8.0.36-1.0.1
mysql-libs: before 8.0.36-1.0.1
mysql-errmsg: before 8.0.36-1.0.1
mysql-devel: before 8.0.36-1.0.1
mysql-common: before 8.0.36-1.0.1
mysql: before 8.0.36-1.0.1
mecab: before 0.996-2
mecab-ipadic-EUCJP: before 2.7.0.20070801-16.0.1
mecab-ipadic: before 2.7.0.20070801-16.0.1
CPE2.3- cpe:2.3:o:openanolis:anolis_os:8:*:*:*:*:*:*:*
- cpe:2.3:o:openanolis:mysql-test:*:*:*:*:*:anolis_os:*:*
- cpe:2.3:o:openanolis:mysql-server:*:*:*:*:*:anolis_os:*:*
- cpe:2.3:o:openanolis:mysql-libs:*:*:*:*:*:anolis_os:*:*
- cpe:2.3:o:openanolis:mysql-errmsg:*:*:*:*:*:anolis_os:*:*
- cpe:2.3:o:openanolis:mysql-devel:*:*:*:*:*:anolis_os:*:*
- cpe:2.3:o:openanolis:mysql-common:*:*:*:*:*:anolis_os:*:*
- cpe:2.3:o:openanolis:mysql:*:*:*:*:*:anolis_os:*:*
- cpe:2.3:o:openanolis:mecab:*:*:*:*:*:anolis_os:*:*
- cpe:2.3:o:openanolis:mecab-ipadic-eucjp:*:*:*:*:*:anolis_os:*:*
- cpe:2.3:o:openanolis:mecab-ipadic:*:*:*:*:*:anolis_os:*:*
https://anas.openanolis.cn/errata/detail/ANSA-2024:0088
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote authenticated privileged user via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
65) Improper input validation
EUVDB-ID: #VU85495
Risk: Medium
CVSSv4.0: 4.6 [CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Green]
CVE-ID: CVE-2024-20972
CWE-ID:
CWE-20 - Improper input validation
Exploit availability: No
DescriptionThe vulnerability allows a remote privileged user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper input validation within the Server: Optimizer component in MySQL Server. A remote privileged user can exploit this vulnerability to perform a denial of service (DoS) attack.
MitigationInstall updates from vendor's repository.
Vulnerable software versionsAnolis OS: 8
mysql-test: before 8.0.36-1.0.1
mysql-server: before 8.0.36-1.0.1
mysql-libs: before 8.0.36-1.0.1
mysql-errmsg: before 8.0.36-1.0.1
mysql-devel: before 8.0.36-1.0.1
mysql-common: before 8.0.36-1.0.1
mysql: before 8.0.36-1.0.1
mecab: before 0.996-2
mecab-ipadic-EUCJP: before 2.7.0.20070801-16.0.1
mecab-ipadic: before 2.7.0.20070801-16.0.1
CPE2.3- cpe:2.3:o:openanolis:anolis_os:8:*:*:*:*:*:*:*
- cpe:2.3:o:openanolis:mysql-test:*:*:*:*:*:anolis_os:*:*
- cpe:2.3:o:openanolis:mysql-server:*:*:*:*:*:anolis_os:*:*
- cpe:2.3:o:openanolis:mysql-libs:*:*:*:*:*:anolis_os:*:*
- cpe:2.3:o:openanolis:mysql-errmsg:*:*:*:*:*:anolis_os:*:*
- cpe:2.3:o:openanolis:mysql-devel:*:*:*:*:*:anolis_os:*:*
- cpe:2.3:o:openanolis:mysql-common:*:*:*:*:*:anolis_os:*:*
- cpe:2.3:o:openanolis:mysql:*:*:*:*:*:anolis_os:*:*
- cpe:2.3:o:openanolis:mecab:*:*:*:*:*:anolis_os:*:*
- cpe:2.3:o:openanolis:mecab-ipadic-eucjp:*:*:*:*:*:anolis_os:*:*
- cpe:2.3:o:openanolis:mecab-ipadic:*:*:*:*:*:anolis_os:*:*
https://anas.openanolis.cn/errata/detail/ANSA-2024:0088
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote authenticated privileged user via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
66) Improper input validation
EUVDB-ID: #VU85480
Risk: Medium
CVSSv4.0: 4.9 [CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Green]
CVE-ID: CVE-2024-20973
CWE-ID:
CWE-20 - Improper input validation
Exploit availability: No
DescriptionThe vulnerability allows a remote authenticated user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper input validation within the Server: Optimizer component in MySQL Server. A remote authenticated user can exploit this vulnerability to perform a denial of service (DoS) attack.
MitigationInstall updates from vendor's repository.
Vulnerable software versionsAnolis OS: 8
mysql-test: before 8.0.36-1.0.1
mysql-server: before 8.0.36-1.0.1
mysql-libs: before 8.0.36-1.0.1
mysql-errmsg: before 8.0.36-1.0.1
mysql-devel: before 8.0.36-1.0.1
mysql-common: before 8.0.36-1.0.1
mysql: before 8.0.36-1.0.1
mecab: before 0.996-2
mecab-ipadic-EUCJP: before 2.7.0.20070801-16.0.1
mecab-ipadic: before 2.7.0.20070801-16.0.1
CPE2.3- cpe:2.3:o:openanolis:anolis_os:8:*:*:*:*:*:*:*
- cpe:2.3:o:openanolis:mysql-test:*:*:*:*:*:anolis_os:*:*
- cpe:2.3:o:openanolis:mysql-server:*:*:*:*:*:anolis_os:*:*
- cpe:2.3:o:openanolis:mysql-libs:*:*:*:*:*:anolis_os:*:*
- cpe:2.3:o:openanolis:mysql-errmsg:*:*:*:*:*:anolis_os:*:*
- cpe:2.3:o:openanolis:mysql-devel:*:*:*:*:*:anolis_os:*:*
- cpe:2.3:o:openanolis:mysql-common:*:*:*:*:*:anolis_os:*:*
- cpe:2.3:o:openanolis:mysql:*:*:*:*:*:anolis_os:*:*
- cpe:2.3:o:openanolis:mecab:*:*:*:*:*:anolis_os:*:*
- cpe:2.3:o:openanolis:mecab-ipadic-eucjp:*:*:*:*:*:anolis_os:*:*
- cpe:2.3:o:openanolis:mecab-ipadic:*:*:*:*:*:anolis_os:*:*
https://anas.openanolis.cn/errata/detail/ANSA-2024:0088
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote authenticated user via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
67) Improper input validation
EUVDB-ID: #VU85496
Risk: Medium
CVSSv4.0: 4.6 [CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Green]
CVE-ID: CVE-2024-20974
CWE-ID:
CWE-20 - Improper input validation
Exploit availability: No
DescriptionThe vulnerability allows a remote privileged user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper input validation within the Server: Optimizer component in MySQL Server. A remote privileged user can exploit this vulnerability to perform a denial of service (DoS) attack.
MitigationInstall updates from vendor's repository.
Vulnerable software versionsAnolis OS: 8
mysql-test: before 8.0.36-1.0.1
mysql-server: before 8.0.36-1.0.1
mysql-libs: before 8.0.36-1.0.1
mysql-errmsg: before 8.0.36-1.0.1
mysql-devel: before 8.0.36-1.0.1
mysql-common: before 8.0.36-1.0.1
mysql: before 8.0.36-1.0.1
mecab: before 0.996-2
mecab-ipadic-EUCJP: before 2.7.0.20070801-16.0.1
mecab-ipadic: before 2.7.0.20070801-16.0.1
CPE2.3- cpe:2.3:o:openanolis:anolis_os:8:*:*:*:*:*:*:*
- cpe:2.3:o:openanolis:mysql-test:*:*:*:*:*:anolis_os:*:*
- cpe:2.3:o:openanolis:mysql-server:*:*:*:*:*:anolis_os:*:*
- cpe:2.3:o:openanolis:mysql-libs:*:*:*:*:*:anolis_os:*:*
- cpe:2.3:o:openanolis:mysql-errmsg:*:*:*:*:*:anolis_os:*:*
- cpe:2.3:o:openanolis:mysql-devel:*:*:*:*:*:anolis_os:*:*
- cpe:2.3:o:openanolis:mysql-common:*:*:*:*:*:anolis_os:*:*
- cpe:2.3:o:openanolis:mysql:*:*:*:*:*:anolis_os:*:*
- cpe:2.3:o:openanolis:mecab:*:*:*:*:*:anolis_os:*:*
- cpe:2.3:o:openanolis:mecab-ipadic-eucjp:*:*:*:*:*:anolis_os:*:*
- cpe:2.3:o:openanolis:mecab-ipadic:*:*:*:*:*:anolis_os:*:*
https://anas.openanolis.cn/errata/detail/ANSA-2024:0088
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote authenticated privileged user via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
68) Improper input validation
EUVDB-ID: #VU85497
Risk: Medium
CVSSv4.0: 4.6 [CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Green]
CVE-ID: CVE-2024-20976
CWE-ID:
CWE-20 - Improper input validation
Exploit availability: No
DescriptionThe vulnerability allows a remote privileged user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper input validation within the Server: Optimizer component in MySQL Server. A remote privileged user can exploit this vulnerability to perform a denial of service (DoS) attack.
MitigationInstall updates from vendor's repository.
Vulnerable software versionsAnolis OS: 8
mysql-test: before 8.0.36-1.0.1
mysql-server: before 8.0.36-1.0.1
mysql-libs: before 8.0.36-1.0.1
mysql-errmsg: before 8.0.36-1.0.1
mysql-devel: before 8.0.36-1.0.1
mysql-common: before 8.0.36-1.0.1
mysql: before 8.0.36-1.0.1
mecab: before 0.996-2
mecab-ipadic-EUCJP: before 2.7.0.20070801-16.0.1
mecab-ipadic: before 2.7.0.20070801-16.0.1
CPE2.3- cpe:2.3:o:openanolis:anolis_os:8:*:*:*:*:*:*:*
- cpe:2.3:o:openanolis:mysql-test:*:*:*:*:*:anolis_os:*:*
- cpe:2.3:o:openanolis:mysql-server:*:*:*:*:*:anolis_os:*:*
- cpe:2.3:o:openanolis:mysql-libs:*:*:*:*:*:anolis_os:*:*
- cpe:2.3:o:openanolis:mysql-errmsg:*:*:*:*:*:anolis_os:*:*
- cpe:2.3:o:openanolis:mysql-devel:*:*:*:*:*:anolis_os:*:*
- cpe:2.3:o:openanolis:mysql-common:*:*:*:*:*:anolis_os:*:*
- cpe:2.3:o:openanolis:mysql:*:*:*:*:*:anolis_os:*:*
- cpe:2.3:o:openanolis:mecab:*:*:*:*:*:anolis_os:*:*
- cpe:2.3:o:openanolis:mecab-ipadic-eucjp:*:*:*:*:*:anolis_os:*:*
- cpe:2.3:o:openanolis:mecab-ipadic:*:*:*:*:*:anolis_os:*:*
https://anas.openanolis.cn/errata/detail/ANSA-2024:0088
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote authenticated privileged user via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
69) Improper input validation
EUVDB-ID: #VU85482
Risk: Medium
CVSSv4.0: 4.9 [CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Green]
CVE-ID: CVE-2024-20977
CWE-ID:
CWE-20 - Improper input validation
Exploit availability: No
DescriptionThe vulnerability allows a remote authenticated user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper input validation within the Server: Optimizer component in MySQL Server. A remote authenticated user can exploit this vulnerability to perform a denial of service (DoS) attack.
MitigationInstall updates from vendor's repository.
Vulnerable software versionsAnolis OS: 8
mysql-test: before 8.0.36-1.0.1
mysql-server: before 8.0.36-1.0.1
mysql-libs: before 8.0.36-1.0.1
mysql-errmsg: before 8.0.36-1.0.1
mysql-devel: before 8.0.36-1.0.1
mysql-common: before 8.0.36-1.0.1
mysql: before 8.0.36-1.0.1
mecab: before 0.996-2
mecab-ipadic-EUCJP: before 2.7.0.20070801-16.0.1
mecab-ipadic: before 2.7.0.20070801-16.0.1
CPE2.3- cpe:2.3:o:openanolis:anolis_os:8:*:*:*:*:*:*:*
- cpe:2.3:o:openanolis:mysql-test:*:*:*:*:*:anolis_os:*:*
- cpe:2.3:o:openanolis:mysql-server:*:*:*:*:*:anolis_os:*:*
- cpe:2.3:o:openanolis:mysql-libs:*:*:*:*:*:anolis_os:*:*
- cpe:2.3:o:openanolis:mysql-errmsg:*:*:*:*:*:anolis_os:*:*
- cpe:2.3:o:openanolis:mysql-devel:*:*:*:*:*:anolis_os:*:*
- cpe:2.3:o:openanolis:mysql-common:*:*:*:*:*:anolis_os:*:*
- cpe:2.3:o:openanolis:mysql:*:*:*:*:*:anolis_os:*:*
- cpe:2.3:o:openanolis:mecab:*:*:*:*:*:anolis_os:*:*
- cpe:2.3:o:openanolis:mecab-ipadic-eucjp:*:*:*:*:*:anolis_os:*:*
- cpe:2.3:o:openanolis:mecab-ipadic:*:*:*:*:*:anolis_os:*:*
https://anas.openanolis.cn/errata/detail/ANSA-2024:0088
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote authenticated user via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
70) Improper input validation
EUVDB-ID: #VU85498
Risk: Medium
CVSSv4.0: 4.6 [CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Green]
CVE-ID: CVE-2024-20978
CWE-ID:
CWE-20 - Improper input validation
Exploit availability: No
DescriptionThe vulnerability allows a remote privileged user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper input validation within the Server: Optimizer component in MySQL Server. A remote privileged user can exploit this vulnerability to perform a denial of service (DoS) attack.
MitigationInstall updates from vendor's repository.
Vulnerable software versionsAnolis OS: 8
mysql-test: before 8.0.36-1.0.1
mysql-server: before 8.0.36-1.0.1
mysql-libs: before 8.0.36-1.0.1
mysql-errmsg: before 8.0.36-1.0.1
mysql-devel: before 8.0.36-1.0.1
mysql-common: before 8.0.36-1.0.1
mysql: before 8.0.36-1.0.1
mecab: before 0.996-2
mecab-ipadic-EUCJP: before 2.7.0.20070801-16.0.1
mecab-ipadic: before 2.7.0.20070801-16.0.1
CPE2.3- cpe:2.3:o:openanolis:anolis_os:8:*:*:*:*:*:*:*
- cpe:2.3:o:openanolis:mysql-test:*:*:*:*:*:anolis_os:*:*
- cpe:2.3:o:openanolis:mysql-server:*:*:*:*:*:anolis_os:*:*
- cpe:2.3:o:openanolis:mysql-libs:*:*:*:*:*:anolis_os:*:*
- cpe:2.3:o:openanolis:mysql-errmsg:*:*:*:*:*:anolis_os:*:*
- cpe:2.3:o:openanolis:mysql-devel:*:*:*:*:*:anolis_os:*:*
- cpe:2.3:o:openanolis:mysql-common:*:*:*:*:*:anolis_os:*:*
- cpe:2.3:o:openanolis:mysql:*:*:*:*:*:anolis_os:*:*
- cpe:2.3:o:openanolis:mecab:*:*:*:*:*:anolis_os:*:*
- cpe:2.3:o:openanolis:mecab-ipadic-eucjp:*:*:*:*:*:anolis_os:*:*
- cpe:2.3:o:openanolis:mecab-ipadic:*:*:*:*:*:anolis_os:*:*
https://anas.openanolis.cn/errata/detail/ANSA-2024:0088
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote authenticated privileged user via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
71) Improper input validation
EUVDB-ID: #VU85490
Risk: Medium
CVSSv4.0: 4.6 [CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Green]
CVE-ID: CVE-2024-20981
CWE-ID:
CWE-20 - Improper input validation
Exploit availability: No
DescriptionThe vulnerability allows a remote privileged user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper input validation within the Server: DDL component in MySQL Server. A remote privileged user can exploit this vulnerability to perform a denial of service (DoS) attack.
MitigationInstall updates from vendor's repository.
Vulnerable software versionsAnolis OS: 8
mysql-test: before 8.0.36-1.0.1
mysql-server: before 8.0.36-1.0.1
mysql-libs: before 8.0.36-1.0.1
mysql-errmsg: before 8.0.36-1.0.1
mysql-devel: before 8.0.36-1.0.1
mysql-common: before 8.0.36-1.0.1
mysql: before 8.0.36-1.0.1
mecab: before 0.996-2
mecab-ipadic-EUCJP: before 2.7.0.20070801-16.0.1
mecab-ipadic: before 2.7.0.20070801-16.0.1
CPE2.3- cpe:2.3:o:openanolis:anolis_os:8:*:*:*:*:*:*:*
- cpe:2.3:o:openanolis:mysql-test:*:*:*:*:*:anolis_os:*:*
- cpe:2.3:o:openanolis:mysql-server:*:*:*:*:*:anolis_os:*:*
- cpe:2.3:o:openanolis:mysql-libs:*:*:*:*:*:anolis_os:*:*
- cpe:2.3:o:openanolis:mysql-errmsg:*:*:*:*:*:anolis_os:*:*
- cpe:2.3:o:openanolis:mysql-devel:*:*:*:*:*:anolis_os:*:*
- cpe:2.3:o:openanolis:mysql-common:*:*:*:*:*:anolis_os:*:*
- cpe:2.3:o:openanolis:mysql:*:*:*:*:*:anolis_os:*:*
- cpe:2.3:o:openanolis:mecab:*:*:*:*:*:anolis_os:*:*
- cpe:2.3:o:openanolis:mecab-ipadic-eucjp:*:*:*:*:*:anolis_os:*:*
- cpe:2.3:o:openanolis:mecab-ipadic:*:*:*:*:*:anolis_os:*:*
https://anas.openanolis.cn/errata/detail/ANSA-2024:0088
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote authenticated privileged user via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
72) Improper input validation
EUVDB-ID: #VU85499
Risk: Medium
CVSSv4.0: 4.6 [CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Green]
CVE-ID: CVE-2024-20982
CWE-ID:
CWE-20 - Improper input validation
Exploit availability: No
DescriptionThe vulnerability allows a remote privileged user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper input validation within the Server: Optimizer component in MySQL Server. A remote privileged user can exploit this vulnerability to perform a denial of service (DoS) attack.
MitigationInstall updates from vendor's repository.
Vulnerable software versionsAnolis OS: 8
mysql-test: before 8.0.36-1.0.1
mysql-server: before 8.0.36-1.0.1
mysql-libs: before 8.0.36-1.0.1
mysql-errmsg: before 8.0.36-1.0.1
mysql-devel: before 8.0.36-1.0.1
mysql-common: before 8.0.36-1.0.1
mysql: before 8.0.36-1.0.1
mecab: before 0.996-2
mecab-ipadic-EUCJP: before 2.7.0.20070801-16.0.1
mecab-ipadic: before 2.7.0.20070801-16.0.1
CPE2.3- cpe:2.3:o:openanolis:anolis_os:8:*:*:*:*:*:*:*
- cpe:2.3:o:openanolis:mysql-test:*:*:*:*:*:anolis_os:*:*
- cpe:2.3:o:openanolis:mysql-server:*:*:*:*:*:anolis_os:*:*
- cpe:2.3:o:openanolis:mysql-libs:*:*:*:*:*:anolis_os:*:*
- cpe:2.3:o:openanolis:mysql-errmsg:*:*:*:*:*:anolis_os:*:*
- cpe:2.3:o:openanolis:mysql-devel:*:*:*:*:*:anolis_os:*:*
- cpe:2.3:o:openanolis:mysql-common:*:*:*:*:*:anolis_os:*:*
- cpe:2.3:o:openanolis:mysql:*:*:*:*:*:anolis_os:*:*
- cpe:2.3:o:openanolis:mecab:*:*:*:*:*:anolis_os:*:*
- cpe:2.3:o:openanolis:mecab-ipadic-eucjp:*:*:*:*:*:anolis_os:*:*
- cpe:2.3:o:openanolis:mecab-ipadic:*:*:*:*:*:anolis_os:*:*
https://anas.openanolis.cn/errata/detail/ANSA-2024:0088
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote authenticated privileged user via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
73) Improper input validation
EUVDB-ID: #VU85491
Risk: Medium
CVSSv4.0: 4.6 [CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Green]
CVE-ID: CVE-2024-20983
CWE-ID:
CWE-20 - Improper input validation
Exploit availability: No
DescriptionThe vulnerability allows a remote privileged user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper input validation within the Server: DML component in MySQL Server. A remote privileged user can exploit this vulnerability to perform a denial of service (DoS) attack.
MitigationInstall updates from vendor's repository.
Vulnerable software versionsAnolis OS: 8
mysql-test: before 8.0.36-1.0.1
mysql-server: before 8.0.36-1.0.1
mysql-libs: before 8.0.36-1.0.1
mysql-errmsg: before 8.0.36-1.0.1
mysql-devel: before 8.0.36-1.0.1
mysql-common: before 8.0.36-1.0.1
mysql: before 8.0.36-1.0.1
mecab: before 0.996-2
mecab-ipadic-EUCJP: before 2.7.0.20070801-16.0.1
mecab-ipadic: before 2.7.0.20070801-16.0.1
CPE2.3- cpe:2.3:o:openanolis:anolis_os:8:*:*:*:*:*:*:*
- cpe:2.3:o:openanolis:mysql-test:*:*:*:*:*:anolis_os:*:*
- cpe:2.3:o:openanolis:mysql-server:*:*:*:*:*:anolis_os:*:*
- cpe:2.3:o:openanolis:mysql-libs:*:*:*:*:*:anolis_os:*:*
- cpe:2.3:o:openanolis:mysql-errmsg:*:*:*:*:*:anolis_os:*:*
- cpe:2.3:o:openanolis:mysql-devel:*:*:*:*:*:anolis_os:*:*
- cpe:2.3:o:openanolis:mysql-common:*:*:*:*:*:anolis_os:*:*
- cpe:2.3:o:openanolis:mysql:*:*:*:*:*:anolis_os:*:*
- cpe:2.3:o:openanolis:mecab:*:*:*:*:*:anolis_os:*:*
- cpe:2.3:o:openanolis:mecab-ipadic-eucjp:*:*:*:*:*:anolis_os:*:*
- cpe:2.3:o:openanolis:mecab-ipadic:*:*:*:*:*:anolis_os:*:*
https://anas.openanolis.cn/errata/detail/ANSA-2024:0088
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote authenticated privileged user via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
74) Improper input validation
EUVDB-ID: #VU85500
Risk: Low
CVSSv4.0: 2.1 [CVSS:4.0/AV:N/AC:L/AT:P/PR:H/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2024-20984
CWE-ID:
CWE-20 - Improper input validation
Exploit availability: No
DescriptionThe vulnerability allows a remote privileged user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper input validation within the Server : Security : Firewall component in MySQL Server. A remote privileged user can exploit this vulnerability to perform a denial of service (DoS) attack.
MitigationInstall updates from vendor's repository.
Vulnerable software versionsAnolis OS: 8
mysql-test: before 8.0.36-1.0.1
mysql-server: before 8.0.36-1.0.1
mysql-libs: before 8.0.36-1.0.1
mysql-errmsg: before 8.0.36-1.0.1
mysql-devel: before 8.0.36-1.0.1
mysql-common: before 8.0.36-1.0.1
mysql: before 8.0.36-1.0.1
mecab: before 0.996-2
mecab-ipadic-EUCJP: before 2.7.0.20070801-16.0.1
mecab-ipadic: before 2.7.0.20070801-16.0.1
CPE2.3- cpe:2.3:o:openanolis:anolis_os:8:*:*:*:*:*:*:*
- cpe:2.3:o:openanolis:mysql-test:*:*:*:*:*:anolis_os:*:*
- cpe:2.3:o:openanolis:mysql-server:*:*:*:*:*:anolis_os:*:*
- cpe:2.3:o:openanolis:mysql-libs:*:*:*:*:*:anolis_os:*:*
- cpe:2.3:o:openanolis:mysql-errmsg:*:*:*:*:*:anolis_os:*:*
- cpe:2.3:o:openanolis:mysql-devel:*:*:*:*:*:anolis_os:*:*
- cpe:2.3:o:openanolis:mysql-common:*:*:*:*:*:anolis_os:*:*
- cpe:2.3:o:openanolis:mysql:*:*:*:*:*:anolis_os:*:*
- cpe:2.3:o:openanolis:mecab:*:*:*:*:*:anolis_os:*:*
- cpe:2.3:o:openanolis:mecab-ipadic-eucjp:*:*:*:*:*:anolis_os:*:*
- cpe:2.3:o:openanolis:mecab-ipadic:*:*:*:*:*:anolis_os:*:*
https://anas.openanolis.cn/errata/detail/ANSA-2024:0088
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote authenticated privileged user via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
75) Improper input validation
EUVDB-ID: #VU85485
Risk: Medium
CVSSv4.0: 4.9 [CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Green]
CVE-ID: CVE-2024-20985
CWE-ID:
CWE-20 - Improper input validation
Exploit availability: No
DescriptionThe vulnerability allows a remote authenticated user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper input validation within the Server: UDF component in MySQL Server. A remote authenticated user can exploit this vulnerability to perform a denial of service (DoS) attack.
MitigationInstall updates from vendor's repository.
Vulnerable software versionsAnolis OS: 8
mysql-test: before 8.0.36-1.0.1
mysql-server: before 8.0.36-1.0.1
mysql-libs: before 8.0.36-1.0.1
mysql-errmsg: before 8.0.36-1.0.1
mysql-devel: before 8.0.36-1.0.1
mysql-common: before 8.0.36-1.0.1
mysql: before 8.0.36-1.0.1
mecab: before 0.996-2
mecab-ipadic-EUCJP: before 2.7.0.20070801-16.0.1
mecab-ipadic: before 2.7.0.20070801-16.0.1
CPE2.3- cpe:2.3:o:openanolis:anolis_os:8:*:*:*:*:*:*:*
- cpe:2.3:o:openanolis:mysql-test:*:*:*:*:*:anolis_os:*:*
- cpe:2.3:o:openanolis:mysql-server:*:*:*:*:*:anolis_os:*:*
- cpe:2.3:o:openanolis:mysql-libs:*:*:*:*:*:anolis_os:*:*
- cpe:2.3:o:openanolis:mysql-errmsg:*:*:*:*:*:anolis_os:*:*
- cpe:2.3:o:openanolis:mysql-devel:*:*:*:*:*:anolis_os:*:*
- cpe:2.3:o:openanolis:mysql-common:*:*:*:*:*:anolis_os:*:*
- cpe:2.3:o:openanolis:mysql:*:*:*:*:*:anolis_os:*:*
- cpe:2.3:o:openanolis:mecab:*:*:*:*:*:anolis_os:*:*
- cpe:2.3:o:openanolis:mecab-ipadic-eucjp:*:*:*:*:*:anolis_os:*:*
- cpe:2.3:o:openanolis:mecab-ipadic:*:*:*:*:*:anolis_os:*:*
https://anas.openanolis.cn/errata/detail/ANSA-2024:0088
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote authenticated user via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
76) Improper input validation
EUVDB-ID: #VU88689
Risk: Medium
CVSSv4.0: 4.6 [CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Green]
CVE-ID: CVE-2024-20993
CWE-ID:
CWE-20 - Improper input validation
Exploit availability: No
DescriptionThe vulnerability allows a remote privileged user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper input validation within the Server: Optimizer component in MySQL Server. A remote privileged user can exploit this vulnerability to perform a denial of service (DoS) attack.
MitigationInstall updates from vendor's repository.
Vulnerable software versionsAnolis OS: 8
mysql-test: before 8.0.36-1.0.1
mysql-server: before 8.0.36-1.0.1
mysql-libs: before 8.0.36-1.0.1
mysql-errmsg: before 8.0.36-1.0.1
mysql-devel: before 8.0.36-1.0.1
mysql-common: before 8.0.36-1.0.1
mysql: before 8.0.36-1.0.1
mecab: before 0.996-2
mecab-ipadic-EUCJP: before 2.7.0.20070801-16.0.1
mecab-ipadic: before 2.7.0.20070801-16.0.1
CPE2.3- cpe:2.3:o:openanolis:anolis_os:8:*:*:*:*:*:*:*
- cpe:2.3:o:openanolis:mysql-test:*:*:*:*:*:anolis_os:*:*
- cpe:2.3:o:openanolis:mysql-server:*:*:*:*:*:anolis_os:*:*
- cpe:2.3:o:openanolis:mysql-libs:*:*:*:*:*:anolis_os:*:*
- cpe:2.3:o:openanolis:mysql-errmsg:*:*:*:*:*:anolis_os:*:*
- cpe:2.3:o:openanolis:mysql-devel:*:*:*:*:*:anolis_os:*:*
- cpe:2.3:o:openanolis:mysql-common:*:*:*:*:*:anolis_os:*:*
- cpe:2.3:o:openanolis:mysql:*:*:*:*:*:anolis_os:*:*
- cpe:2.3:o:openanolis:mecab:*:*:*:*:*:anolis_os:*:*
- cpe:2.3:o:openanolis:mecab-ipadic-eucjp:*:*:*:*:*:anolis_os:*:*
- cpe:2.3:o:openanolis:mecab-ipadic:*:*:*:*:*:anolis_os:*:*
https://anas.openanolis.cn/errata/detail/ANSA-2024:0088
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote authenticated privileged user via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
77) Improper input validation
EUVDB-ID: #VU88681
Risk: Medium
CVSSv4.0: 4.6 [CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Green]
CVE-ID: CVE-2024-21049
CWE-ID:
CWE-20 - Improper input validation
Exploit availability: No
DescriptionThe vulnerability allows a remote privileged user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper input validation within the Server: DML component in MySQL Server. A remote privileged user can exploit this vulnerability to perform a denial of service (DoS) attack.
MitigationInstall updates from vendor's repository.
Vulnerable software versionsAnolis OS: 8
mysql-test: before 8.0.36-1.0.1
mysql-server: before 8.0.36-1.0.1
mysql-libs: before 8.0.36-1.0.1
mysql-errmsg: before 8.0.36-1.0.1
mysql-devel: before 8.0.36-1.0.1
mysql-common: before 8.0.36-1.0.1
mysql: before 8.0.36-1.0.1
mecab: before 0.996-2
mecab-ipadic-EUCJP: before 2.7.0.20070801-16.0.1
mecab-ipadic: before 2.7.0.20070801-16.0.1
CPE2.3- cpe:2.3:o:openanolis:anolis_os:8:*:*:*:*:*:*:*
- cpe:2.3:o:openanolis:mysql-test:*:*:*:*:*:anolis_os:*:*
- cpe:2.3:o:openanolis:mysql-server:*:*:*:*:*:anolis_os:*:*
- cpe:2.3:o:openanolis:mysql-libs:*:*:*:*:*:anolis_os:*:*
- cpe:2.3:o:openanolis:mysql-errmsg:*:*:*:*:*:anolis_os:*:*
- cpe:2.3:o:openanolis:mysql-devel:*:*:*:*:*:anolis_os:*:*
- cpe:2.3:o:openanolis:mysql-common:*:*:*:*:*:anolis_os:*:*
- cpe:2.3:o:openanolis:mysql:*:*:*:*:*:anolis_os:*:*
- cpe:2.3:o:openanolis:mecab:*:*:*:*:*:anolis_os:*:*
- cpe:2.3:o:openanolis:mecab-ipadic-eucjp:*:*:*:*:*:anolis_os:*:*
- cpe:2.3:o:openanolis:mecab-ipadic:*:*:*:*:*:anolis_os:*:*
https://anas.openanolis.cn/errata/detail/ANSA-2024:0088
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote authenticated privileged user via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
78) Improper input validation
EUVDB-ID: #VU88682
Risk: Medium
CVSSv4.0: 4.6 [CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Green]
CVE-ID: CVE-2024-21050
CWE-ID:
CWE-20 - Improper input validation
Exploit availability: No
DescriptionThe vulnerability allows a remote privileged user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper input validation within the Server: DML component in MySQL Server. A remote privileged user can exploit this vulnerability to perform a denial of service (DoS) attack.
MitigationInstall updates from vendor's repository.
Vulnerable software versionsAnolis OS: 8
mysql-test: before 8.0.36-1.0.1
mysql-server: before 8.0.36-1.0.1
mysql-libs: before 8.0.36-1.0.1
mysql-errmsg: before 8.0.36-1.0.1
mysql-devel: before 8.0.36-1.0.1
mysql-common: before 8.0.36-1.0.1
mysql: before 8.0.36-1.0.1
mecab: before 0.996-2
mecab-ipadic-EUCJP: before 2.7.0.20070801-16.0.1
mecab-ipadic: before 2.7.0.20070801-16.0.1
CPE2.3- cpe:2.3:o:openanolis:anolis_os:8:*:*:*:*:*:*:*
- cpe:2.3:o:openanolis:mysql-test:*:*:*:*:*:anolis_os:*:*
- cpe:2.3:o:openanolis:mysql-server:*:*:*:*:*:anolis_os:*:*
- cpe:2.3:o:openanolis:mysql-libs:*:*:*:*:*:anolis_os:*:*
- cpe:2.3:o:openanolis:mysql-errmsg:*:*:*:*:*:anolis_os:*:*
- cpe:2.3:o:openanolis:mysql-devel:*:*:*:*:*:anolis_os:*:*
- cpe:2.3:o:openanolis:mysql-common:*:*:*:*:*:anolis_os:*:*
- cpe:2.3:o:openanolis:mysql:*:*:*:*:*:anolis_os:*:*
- cpe:2.3:o:openanolis:mecab:*:*:*:*:*:anolis_os:*:*
- cpe:2.3:o:openanolis:mecab-ipadic-eucjp:*:*:*:*:*:anolis_os:*:*
- cpe:2.3:o:openanolis:mecab-ipadic:*:*:*:*:*:anolis_os:*:*
https://anas.openanolis.cn/errata/detail/ANSA-2024:0088
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote authenticated privileged user via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
79) Improper input validation
EUVDB-ID: #VU88683
Risk: Medium
CVSSv4.0: 4.6 [CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Green]
CVE-ID: CVE-2024-21051
CWE-ID:
CWE-20 - Improper input validation
Exploit availability: No
DescriptionThe vulnerability allows a remote privileged user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper input validation within the Server: DML component in MySQL Server. A remote privileged user can exploit this vulnerability to perform a denial of service (DoS) attack.
MitigationInstall updates from vendor's repository.
Vulnerable software versionsAnolis OS: 8
mysql-test: before 8.0.36-1.0.1
mysql-server: before 8.0.36-1.0.1
mysql-libs: before 8.0.36-1.0.1
mysql-errmsg: before 8.0.36-1.0.1
mysql-devel: before 8.0.36-1.0.1
mysql-common: before 8.0.36-1.0.1
mysql: before 8.0.36-1.0.1
mecab: before 0.996-2
mecab-ipadic-EUCJP: before 2.7.0.20070801-16.0.1
mecab-ipadic: before 2.7.0.20070801-16.0.1
CPE2.3- cpe:2.3:o:openanolis:anolis_os:8:*:*:*:*:*:*:*
- cpe:2.3:o:openanolis:mysql-test:*:*:*:*:*:anolis_os:*:*
- cpe:2.3:o:openanolis:mysql-server:*:*:*:*:*:anolis_os:*:*
- cpe:2.3:o:openanolis:mysql-libs:*:*:*:*:*:anolis_os:*:*
- cpe:2.3:o:openanolis:mysql-errmsg:*:*:*:*:*:anolis_os:*:*
- cpe:2.3:o:openanolis:mysql-devel:*:*:*:*:*:anolis_os:*:*
- cpe:2.3:o:openanolis:mysql-common:*:*:*:*:*:anolis_os:*:*
- cpe:2.3:o:openanolis:mysql:*:*:*:*:*:anolis_os:*:*
- cpe:2.3:o:openanolis:mecab:*:*:*:*:*:anolis_os:*:*
- cpe:2.3:o:openanolis:mecab-ipadic-eucjp:*:*:*:*:*:anolis_os:*:*
- cpe:2.3:o:openanolis:mecab-ipadic:*:*:*:*:*:anolis_os:*:*
https://anas.openanolis.cn/errata/detail/ANSA-2024:0088
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote authenticated privileged user via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
80) Improper input validation
EUVDB-ID: #VU88684
Risk: Medium
CVSSv4.0: 4.6 [CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Green]
CVE-ID: CVE-2024-21052
CWE-ID:
CWE-20 - Improper input validation
Exploit availability: No
DescriptionThe vulnerability allows a remote privileged user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper input validation within the Server: DML component in MySQL Server. A remote privileged user can exploit this vulnerability to perform a denial of service (DoS) attack.
MitigationInstall updates from vendor's repository.
Vulnerable software versionsAnolis OS: 8
mysql-test: before 8.0.36-1.0.1
mysql-server: before 8.0.36-1.0.1
mysql-libs: before 8.0.36-1.0.1
mysql-errmsg: before 8.0.36-1.0.1
mysql-devel: before 8.0.36-1.0.1
mysql-common: before 8.0.36-1.0.1
mysql: before 8.0.36-1.0.1
mecab: before 0.996-2
mecab-ipadic-EUCJP: before 2.7.0.20070801-16.0.1
mecab-ipadic: before 2.7.0.20070801-16.0.1
CPE2.3- cpe:2.3:o:openanolis:anolis_os:8:*:*:*:*:*:*:*
- cpe:2.3:o:openanolis:mysql-test:*:*:*:*:*:anolis_os:*:*
- cpe:2.3:o:openanolis:mysql-server:*:*:*:*:*:anolis_os:*:*
- cpe:2.3:o:openanolis:mysql-libs:*:*:*:*:*:anolis_os:*:*
- cpe:2.3:o:openanolis:mysql-errmsg:*:*:*:*:*:anolis_os:*:*
- cpe:2.3:o:openanolis:mysql-devel:*:*:*:*:*:anolis_os:*:*
- cpe:2.3:o:openanolis:mysql-common:*:*:*:*:*:anolis_os:*:*
- cpe:2.3:o:openanolis:mysql:*:*:*:*:*:anolis_os:*:*
- cpe:2.3:o:openanolis:mecab:*:*:*:*:*:anolis_os:*:*
- cpe:2.3:o:openanolis:mecab-ipadic-eucjp:*:*:*:*:*:anolis_os:*:*
- cpe:2.3:o:openanolis:mecab-ipadic:*:*:*:*:*:anolis_os:*:*
https://anas.openanolis.cn/errata/detail/ANSA-2024:0088
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote authenticated privileged user via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
81) Improper input validation
EUVDB-ID: #VU88685
Risk: Medium
CVSSv4.0: 4.6 [CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Green]
CVE-ID: CVE-2024-21053
CWE-ID:
CWE-20 - Improper input validation
Exploit availability: No
DescriptionThe vulnerability allows a remote privileged user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper input validation within the Server: DML component in MySQL Server. A remote privileged user can exploit this vulnerability to perform a denial of service (DoS) attack.
MitigationInstall updates from vendor's repository.
Vulnerable software versionsAnolis OS: 8
mysql-test: before 8.0.36-1.0.1
mysql-server: before 8.0.36-1.0.1
mysql-libs: before 8.0.36-1.0.1
mysql-errmsg: before 8.0.36-1.0.1
mysql-devel: before 8.0.36-1.0.1
mysql-common: before 8.0.36-1.0.1
mysql: before 8.0.36-1.0.1
mecab: before 0.996-2
mecab-ipadic-EUCJP: before 2.7.0.20070801-16.0.1
mecab-ipadic: before 2.7.0.20070801-16.0.1
CPE2.3- cpe:2.3:o:openanolis:anolis_os:8:*:*:*:*:*:*:*
- cpe:2.3:o:openanolis:mysql-test:*:*:*:*:*:anolis_os:*:*
- cpe:2.3:o:openanolis:mysql-server:*:*:*:*:*:anolis_os:*:*
- cpe:2.3:o:openanolis:mysql-libs:*:*:*:*:*:anolis_os:*:*
- cpe:2.3:o:openanolis:mysql-errmsg:*:*:*:*:*:anolis_os:*:*
- cpe:2.3:o:openanolis:mysql-devel:*:*:*:*:*:anolis_os:*:*
- cpe:2.3:o:openanolis:mysql-common:*:*:*:*:*:anolis_os:*:*
- cpe:2.3:o:openanolis:mysql:*:*:*:*:*:anolis_os:*:*
- cpe:2.3:o:openanolis:mecab:*:*:*:*:*:anolis_os:*:*
- cpe:2.3:o:openanolis:mecab-ipadic-eucjp:*:*:*:*:*:anolis_os:*:*
- cpe:2.3:o:openanolis:mecab-ipadic:*:*:*:*:*:anolis_os:*:*
https://anas.openanolis.cn/errata/detail/ANSA-2024:0088
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote authenticated privileged user via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
82) Improper input validation
EUVDB-ID: #VU88693
Risk: Medium
CVSSv4.0: 4.6 [CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Green]
CVE-ID: CVE-2024-21055
CWE-ID:
CWE-20 - Improper input validation
Exploit availability: No
DescriptionThe vulnerability allows a remote privileged user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper input validation within the Server: Optimizer component in MySQL Server. A remote privileged user can exploit this vulnerability to perform a denial of service (DoS) attack.
MitigationInstall updates from vendor's repository.
Vulnerable software versionsAnolis OS: 8
mysql-test: before 8.0.36-1.0.1
mysql-server: before 8.0.36-1.0.1
mysql-libs: before 8.0.36-1.0.1
mysql-errmsg: before 8.0.36-1.0.1
mysql-devel: before 8.0.36-1.0.1
mysql-common: before 8.0.36-1.0.1
mysql: before 8.0.36-1.0.1
mecab: before 0.996-2
mecab-ipadic-EUCJP: before 2.7.0.20070801-16.0.1
mecab-ipadic: before 2.7.0.20070801-16.0.1
CPE2.3- cpe:2.3:o:openanolis:anolis_os:8:*:*:*:*:*:*:*
- cpe:2.3:o:openanolis:mysql-test:*:*:*:*:*:anolis_os:*:*
- cpe:2.3:o:openanolis:mysql-server:*:*:*:*:*:anolis_os:*:*
- cpe:2.3:o:openanolis:mysql-libs:*:*:*:*:*:anolis_os:*:*
- cpe:2.3:o:openanolis:mysql-errmsg:*:*:*:*:*:anolis_os:*:*
- cpe:2.3:o:openanolis:mysql-devel:*:*:*:*:*:anolis_os:*:*
- cpe:2.3:o:openanolis:mysql-common:*:*:*:*:*:anolis_os:*:*
- cpe:2.3:o:openanolis:mysql:*:*:*:*:*:anolis_os:*:*
- cpe:2.3:o:openanolis:mecab:*:*:*:*:*:anolis_os:*:*
- cpe:2.3:o:openanolis:mecab-ipadic-eucjp:*:*:*:*:*:anolis_os:*:*
- cpe:2.3:o:openanolis:mecab-ipadic:*:*:*:*:*:anolis_os:*:*
https://anas.openanolis.cn/errata/detail/ANSA-2024:0088
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote authenticated privileged user via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
83) Improper input validation
EUVDB-ID: #VU88686
Risk: Medium
CVSSv4.0: 4.6 [CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Green]
CVE-ID: CVE-2024-21056
CWE-ID:
CWE-20 - Improper input validation
Exploit availability: No
DescriptionThe vulnerability allows a remote privileged user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper input validation within the Server: DML component in MySQL Server. A remote privileged user can exploit this vulnerability to perform a denial of service (DoS) attack.
MitigationInstall updates from vendor's repository.
Vulnerable software versionsAnolis OS: 8
mysql-test: before 8.0.36-1.0.1
mysql-server: before 8.0.36-1.0.1
mysql-libs: before 8.0.36-1.0.1
mysql-errmsg: before 8.0.36-1.0.1
mysql-devel: before 8.0.36-1.0.1
mysql-common: before 8.0.36-1.0.1
mysql: before 8.0.36-1.0.1
mecab: before 0.996-2
mecab-ipadic-EUCJP: before 2.7.0.20070801-16.0.1
mecab-ipadic: before 2.7.0.20070801-16.0.1
CPE2.3- cpe:2.3:o:openanolis:anolis_os:8:*:*:*:*:*:*:*
- cpe:2.3:o:openanolis:mysql-test:*:*:*:*:*:anolis_os:*:*
- cpe:2.3:o:openanolis:mysql-server:*:*:*:*:*:anolis_os:*:*
- cpe:2.3:o:openanolis:mysql-libs:*:*:*:*:*:anolis_os:*:*
- cpe:2.3:o:openanolis:mysql-errmsg:*:*:*:*:*:anolis_os:*:*
- cpe:2.3:o:openanolis:mysql-devel:*:*:*:*:*:anolis_os:*:*
- cpe:2.3:o:openanolis:mysql-common:*:*:*:*:*:anolis_os:*:*
- cpe:2.3:o:openanolis:mysql:*:*:*:*:*:anolis_os:*:*
- cpe:2.3:o:openanolis:mecab:*:*:*:*:*:anolis_os:*:*
- cpe:2.3:o:openanolis:mecab-ipadic-eucjp:*:*:*:*:*:anolis_os:*:*
- cpe:2.3:o:openanolis:mecab-ipadic:*:*:*:*:*:anolis_os:*:*
https://anas.openanolis.cn/errata/detail/ANSA-2024:0088
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote authenticated privileged user via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
84) Improper input validation
EUVDB-ID: #VU88694
Risk: Medium
CVSSv4.0: 4.6 [CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Green]
CVE-ID: CVE-2024-21057
CWE-ID:
CWE-20 - Improper input validation
Exploit availability: No
DescriptionThe vulnerability allows a remote privileged user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper input validation within the Server: Optimizer component in MySQL Server. A remote privileged user can exploit this vulnerability to perform a denial of service (DoS) attack.
MitigationInstall updates from vendor's repository.
Vulnerable software versionsAnolis OS: 8
mysql-test: before 8.0.36-1.0.1
mysql-server: before 8.0.36-1.0.1
mysql-libs: before 8.0.36-1.0.1
mysql-errmsg: before 8.0.36-1.0.1
mysql-devel: before 8.0.36-1.0.1
mysql-common: before 8.0.36-1.0.1
mysql: before 8.0.36-1.0.1
mecab: before 0.996-2
mecab-ipadic-EUCJP: before 2.7.0.20070801-16.0.1
mecab-ipadic: before 2.7.0.20070801-16.0.1
CPE2.3- cpe:2.3:o:openanolis:anolis_os:8:*:*:*:*:*:*:*
- cpe:2.3:o:openanolis:mysql-test:*:*:*:*:*:anolis_os:*:*
- cpe:2.3:o:openanolis:mysql-server:*:*:*:*:*:anolis_os:*:*
- cpe:2.3:o:openanolis:mysql-libs:*:*:*:*:*:anolis_os:*:*
- cpe:2.3:o:openanolis:mysql-errmsg:*:*:*:*:*:anolis_os:*:*
- cpe:2.3:o:openanolis:mysql-devel:*:*:*:*:*:anolis_os:*:*
- cpe:2.3:o:openanolis:mysql-common:*:*:*:*:*:anolis_os:*:*
- cpe:2.3:o:openanolis:mysql:*:*:*:*:*:anolis_os:*:*
- cpe:2.3:o:openanolis:mecab:*:*:*:*:*:anolis_os:*:*
- cpe:2.3:o:openanolis:mecab-ipadic-eucjp:*:*:*:*:*:anolis_os:*:*
- cpe:2.3:o:openanolis:mecab-ipadic:*:*:*:*:*:anolis_os:*:*
https://anas.openanolis.cn/errata/detail/ANSA-2024:0088
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote authenticated privileged user via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
85) Improper input validation
EUVDB-ID: #VU88679
Risk: Medium
CVSSv4.0: 4.6 [CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Green]
CVE-ID: CVE-2024-21061
CWE-ID:
CWE-20 - Improper input validation
Exploit availability: No
DescriptionThe vulnerability allows a remote privileged user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper input validation within the Server: Audit Plug-in component in MySQL Server. A remote privileged user can exploit this vulnerability to perform a denial of service (DoS) attack.
MitigationInstall updates from vendor's repository.
Vulnerable software versionsAnolis OS: 8
mysql-test: before 8.0.36-1.0.1
mysql-server: before 8.0.36-1.0.1
mysql-libs: before 8.0.36-1.0.1
mysql-errmsg: before 8.0.36-1.0.1
mysql-devel: before 8.0.36-1.0.1
mysql-common: before 8.0.36-1.0.1
mysql: before 8.0.36-1.0.1
mecab: before 0.996-2
mecab-ipadic-EUCJP: before 2.7.0.20070801-16.0.1
mecab-ipadic: before 2.7.0.20070801-16.0.1
CPE2.3- cpe:2.3:o:openanolis:anolis_os:8:*:*:*:*:*:*:*
- cpe:2.3:o:openanolis:mysql-test:*:*:*:*:*:anolis_os:*:*
- cpe:2.3:o:openanolis:mysql-server:*:*:*:*:*:anolis_os:*:*
- cpe:2.3:o:openanolis:mysql-libs:*:*:*:*:*:anolis_os:*:*
- cpe:2.3:o:openanolis:mysql-errmsg:*:*:*:*:*:anolis_os:*:*
- cpe:2.3:o:openanolis:mysql-devel:*:*:*:*:*:anolis_os:*:*
- cpe:2.3:o:openanolis:mysql-common:*:*:*:*:*:anolis_os:*:*
- cpe:2.3:o:openanolis:mysql:*:*:*:*:*:anolis_os:*:*
- cpe:2.3:o:openanolis:mecab:*:*:*:*:*:anolis_os:*:*
- cpe:2.3:o:openanolis:mecab-ipadic-eucjp:*:*:*:*:*:anolis_os:*:*
- cpe:2.3:o:openanolis:mecab-ipadic:*:*:*:*:*:anolis_os:*:*
https://anas.openanolis.cn/errata/detail/ANSA-2024:0088
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote authenticated privileged user via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
86) Improper input validation
EUVDB-ID: #VU94581
Risk: Medium
CVSSv4.0: 4.6 [CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Green]
CVE-ID: CVE-2024-21137
CWE-ID:
CWE-20 - Improper input validation
Exploit availability: No
DescriptionThe vulnerability allows a remote privileged user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper input validation within the Server: Optimizer component in MySQL Server. A remote privileged user can exploit this vulnerability to perform a denial of service (DoS) attack.
MitigationInstall updates from vendor's repository.
Vulnerable software versionsAnolis OS: 8
mysql-test: before 8.0.36-1.0.1
mysql-server: before 8.0.36-1.0.1
mysql-libs: before 8.0.36-1.0.1
mysql-errmsg: before 8.0.36-1.0.1
mysql-devel: before 8.0.36-1.0.1
mysql-common: before 8.0.36-1.0.1
mysql: before 8.0.36-1.0.1
mecab: before 0.996-2
mecab-ipadic-EUCJP: before 2.7.0.20070801-16.0.1
mecab-ipadic: before 2.7.0.20070801-16.0.1
CPE2.3- cpe:2.3:o:openanolis:anolis_os:8:*:*:*:*:*:*:*
- cpe:2.3:o:openanolis:mysql-test:*:*:*:*:*:anolis_os:*:*
- cpe:2.3:o:openanolis:mysql-server:*:*:*:*:*:anolis_os:*:*
- cpe:2.3:o:openanolis:mysql-libs:*:*:*:*:*:anolis_os:*:*
- cpe:2.3:o:openanolis:mysql-errmsg:*:*:*:*:*:anolis_os:*:*
- cpe:2.3:o:openanolis:mysql-devel:*:*:*:*:*:anolis_os:*:*
- cpe:2.3:o:openanolis:mysql-common:*:*:*:*:*:anolis_os:*:*
- cpe:2.3:o:openanolis:mysql:*:*:*:*:*:anolis_os:*:*
- cpe:2.3:o:openanolis:mecab:*:*:*:*:*:anolis_os:*:*
- cpe:2.3:o:openanolis:mecab-ipadic-eucjp:*:*:*:*:*:anolis_os:*:*
- cpe:2.3:o:openanolis:mecab-ipadic:*:*:*:*:*:anolis_os:*:*
https://anas.openanolis.cn/errata/detail/ANSA-2024:0088
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote authenticated privileged user via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
87) Improper input validation
EUVDB-ID: #VU98664
Risk: Medium
CVSSv4.0: 4.6 [CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Green]
CVE-ID: CVE-2024-21200
CWE-ID:
CWE-20 - Improper input validation
Exploit availability: No
DescriptionThe vulnerability allows a remote privileged user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper input validation within the Server: Optimizer component in MySQL Server. A remote privileged user can exploit this vulnerability to perform a denial of service (DoS) attack.
MitigationInstall updates from vendor's repository.
Vulnerable software versionsAnolis OS: 8
mysql-test: before 8.0.36-1.0.1
mysql-server: before 8.0.36-1.0.1
mysql-libs: before 8.0.36-1.0.1
mysql-errmsg: before 8.0.36-1.0.1
mysql-devel: before 8.0.36-1.0.1
mysql-common: before 8.0.36-1.0.1
mysql: before 8.0.36-1.0.1
mecab: before 0.996-2
mecab-ipadic-EUCJP: before 2.7.0.20070801-16.0.1
mecab-ipadic: before 2.7.0.20070801-16.0.1
CPE2.3- cpe:2.3:o:openanolis:anolis_os:8:*:*:*:*:*:*:*
- cpe:2.3:o:openanolis:mysql-test:*:*:*:*:*:anolis_os:*:*
- cpe:2.3:o:openanolis:mysql-server:*:*:*:*:*:anolis_os:*:*
- cpe:2.3:o:openanolis:mysql-libs:*:*:*:*:*:anolis_os:*:*
- cpe:2.3:o:openanolis:mysql-errmsg:*:*:*:*:*:anolis_os:*:*
- cpe:2.3:o:openanolis:mysql-devel:*:*:*:*:*:anolis_os:*:*
- cpe:2.3:o:openanolis:mysql-common:*:*:*:*:*:anolis_os:*:*
- cpe:2.3:o:openanolis:mysql:*:*:*:*:*:anolis_os:*:*
- cpe:2.3:o:openanolis:mecab:*:*:*:*:*:anolis_os:*:*
- cpe:2.3:o:openanolis:mecab-ipadic-eucjp:*:*:*:*:*:anolis_os:*:*
- cpe:2.3:o:openanolis:mecab-ipadic:*:*:*:*:*:anolis_os:*:*
https://anas.openanolis.cn/errata/detail/ANSA-2024:0088
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote authenticated privileged user via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
