MySQL — свободная реляционная система управления базами данных
Релизный цикл, информация об уязвимостях
График релизов
Количество 1 162
CVE-2022-21824
Due to the formatting logic of the "console.table()" function it was not safe to allow user controlled input to be passed to the "properties" parameter while simultaneously passing a plain object with at least one property as the first parameter, which could be "__proto__". The prototype pollution has very limited control, in that it only allows an empty string to be assigned to numerical keys of the object prototype.Node.js >= 12.22.9, >= 14.18.3, >= 16.13.2, and >= 17.3.1 use a null protoype for the object these properties are being assigned to.
SUSE-SU-2021:4202-1
Security update for mariadb
RLSA-2021:5226
Moderate: openssl security update
SUSE-SU-2021:3948-1
Security update for mariadb
SUSE-SU-2021:3836-1
Security update for mariadb
openSUSE-SU-2021:3835-1
Security update for mariadb
SUSE-SU-2021:3835-1
Security update for mariadb
RLSA-2021:4511
Moderate: curl security and bug fix update
CVE-2021-35639
Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Stored Procedure). Supported versions that are affected are 8.0.26 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.1 Base Score 4.9 (Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H).
CVE-2021-35639
Vulnerability in the MySQL Server product of Oracle MySQL (component: ...
Уязвимостей на страницу
Уязвимость | CVSS | EPSS | Опубликовано 1 | |
|---|---|---|---|---|
 | CVE-2022-21824 Due to the formatting logic of the "console.table()" function it was not safe to allow user controlled input to be passed to the "properties" parameter while simultaneously passing a plain object with at least one property as the first parameter, which could be "__proto__". The prototype pollution has very limited control, in that it only allows an empty string to be assigned to numerical keys of the object prototype.Node.js >= 12.22.9, >= 14.18.3, >= 16.13.2, and >= 17.3.1 use a null protoype for the object these properties are being assigned to. | CVSS3: 8.2 | 0% Низкий | больше 3 лет назад |
 | SUSE-SU-2021:4202-1 Security update for mariadb | 0% Низкий | больше 3 лет назад | |
 | RLSA-2021:5226 Moderate: openssl security update | 2% Низкий | больше 3 лет назад | |
| SUSE-SU-2021:3948-1 Security update for mariadb | 0% Низкий | больше 3 лет назад | |
| SUSE-SU-2021:3836-1 Security update for mariadb | 0% Низкий | больше 3 лет назад | |
| openSUSE-SU-2021:3835-1 Security update for mariadb | 0% Низкий | больше 3 лет назад | |
| SUSE-SU-2021:3835-1 Security update for mariadb | 0% Низкий | больше 3 лет назад | |
| RLSA-2021:4511 Moderate: curl security and bug fix update | 0% Низкий | почти 4 года назад | |
 | CVE-2021-35639 Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Stored Procedure). Supported versions that are affected are 8.0.26 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.1 Base Score 4.9 (Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H). | CVSS3: 4.9 | 0% Низкий | почти 4 года назад |
| CVE-2021-35639 Vulnerability in the MySQL Server product of Oracle MySQL (component: ... | CVSS3: 4.9 | 0% Низкий | почти 4 года назад |
Уязвимостей на страницу