Vulnerabilities > CVE-2019-2758

047910
CVSS 5.5 - MEDIUM
Attack vector
NETWORK
Attack complexity
LOW
Privileges required
HIGH
Confidentiality impact
NONE
Integrity impact
LOW
Availability impact
HIGH
network
low complexity
oracle
canonical
mariadb
nessus

Summary

Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: InnoDB). Supported versions that are affected are 5.7.26 and prior and 8.0.16 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server as well as unauthorized update, insert or delete access to some of MySQL Server accessible data. CVSS 3.0 Base Score 5.5 (Integrity and Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:L/A:H).

Vulnerable Configurations

Part Description Count
Application
Oracle
43
Application
Mariadb
50
OS
Canonical
3

Nessus

  • NASL familyRed Hat Local Security Checks
    NASL idREDHAT-RHSA-2019-2511.NASL
    descriptionAn update for the mysql:8.0 module is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section. MySQL is a multi-user, multi-threaded SQL database server. It consists of the MySQL server daemon, mysqld, and many client programs. The following packages have been upgraded to a later upstream version: mysql (8.0.17). Security Fix(es) : * mysql: Server: Replication multiple unspecified vulnerabilities (CVE-2019-2800, CVE-2019-2436, CVE-2019-2531, CVE-2019-2534, CVE-2019-2614, CVE-2019-2617, CVE-2019-2630, CVE-2019-2634, CVE-2019-2635, CVE-2019-2755) * mysql: Server: Optimizer multiple unspecified vulnerabilities (CVE-2019-2420, CVE-2019-2481, CVE-2019-2507, CVE-2019-2529, CVE-2019-2530, CVE-2019-2581, CVE-2019-2596, CVE-2019-2607, CVE-2019-2625, CVE-2019-2681, CVE-2019-2685, CVE-2019-2686, CVE-2019-2687, CVE-2019-2688, CVE-2019-2689, CVE-2019-2693, CVE-2019-2694, CVE-2019-2695, CVE-2019-2757, CVE-2019-2774, CVE-2019-2796, CVE-2019-2802, CVE-2019-2803, CVE-2019-2808, CVE-2019-2810, CVE-2019-2812, CVE-2019-2815, CVE-2019-2830, CVE-2019-2834) * mysql: Server: Parser multiple unspecified vulnerabilities (CVE-2019-2434, CVE-2019-2455, CVE-2019-2805) * mysql: Server: PS multiple unspecified vulnerabilities (CVE-2019-2482, CVE-2019-2592) * mysql: Server: Security: Privileges multiple unspecified vulnerabilities (CVE-2019-2486, CVE-2019-2532, CVE-2019-2533, CVE-2019-2584, CVE-2019-2589, CVE-2019-2606, CVE-2019-2620, CVE-2019-2627, CVE-2019-2739, CVE-2019-2778, CVE-2019-2811, CVE-2019-2789) * mysql: Server: DDL multiple unspecified vulnerabilities (CVE-2019-2494, CVE-2019-2495, CVE-2019-2537, CVE-2019-2626, CVE-2019-2644) * mysql: InnoDB multiple unspecified vulnerabilities (CVE-2019-2502, CVE-2019-2510, CVE-2019-2580, CVE-2019-2585, CVE-2019-2593, CVE-2019-2624, CVE-2019-2628, CVE-2019-2758, CVE-2019-2785, CVE-2019-2798, CVE-2019-2879, CVE-2019-2814) * mysql: Server: Connection Handling unspecified vulnerability (CVE-2019-2503) * mysql: Server: Partition multiple unspecified vulnerabilities (CVE-2019-2528, CVE-2019-2587) * mysql: Server: Options multiple unspecified vulnerabilities (CVE-2019-2535, CVE-2019-2623, CVE-2019-2683, CVE-2019-2752) * mysql: Server: Packaging unspecified vulnerability (CVE-2019-2536) * mysql: Server: Connection unspecified vulnerability (CVE-2019-2539) * mysql: Server: Information Schema unspecified vulnerability (CVE-2019-2631) * mysql: Server: Group Replication Plugin unspecified vulnerability (CVE-2019-2636) * mysql: Server: Security: Roles multiple unspecified vulnerabilities (CVE-2019-2691, CVE-2019-2826) * mysql: Server: Pluggable Auth unspecified vulnerability (CVE-2019-2737) * mysql: Server: XML unspecified vulnerability (CVE-2019-2740) * mysql: Server: Components / Services unspecified vulnerability (CVE-2019-2780) * mysql: Server: DML unspecified vulnerability (CVE-2019-2784) * mysql: Server: Charsets unspecified vulnerability (CVE-2019-2795) * mysql: Client programs unspecified vulnerability (CVE-2019-2797) * mysql: Server: FTS unspecified vulnerability (CVE-2019-2801) * mysql: Server: Security: Audit unspecified vulnerability (CVE-2019-2819) * mysql: Server: Compiling unspecified vulnerability (CVE-2019-2738) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
    last seen2020-05-23
    modified2019-08-20
    plugin id127991
    published2019-08-20
    reporterThis script is Copyright (C) 2019-2020 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/127991
    titleRHEL 8 : mysql:8.0 (RHSA-2019:2511)
  • NASL familyFedora Local Security Checks
    NASL idFEDORA_2019-96516CE0AC.NASL
    description**MySQL 8.0.17** This update brings the latest MySQL 8.0.17 which fixes severe security issues. Now available as both a standard package and a module! Release notes : https://dev.mysql.com/doc/relnotes/mysql/8.0/en/news-8-0-17.html Mainatiner notes : - The MySQL Modules are now built from the same sources as the base packages, so the should be identical - The package is now being built with number of standard Fedora build flags that has not been used before. The package should be now more stable and secure. - In Modules, the bug #1729133 still exists - The MySQL 5.7 and 5.6 Modules may exists, but I
    last seen2020-06-01
    modified2020-06-02
    plugin id128484
    published2019-09-04
    reporterThis script is Copyright (C) 2019 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/128484
    titleFedora 29 : community-mysql (2019-96516ce0ac)
  • NASL familySuSE Local Security Checks
    NASL idSUSE_SU-2019-3369-1.NASL
    descriptionThis update for mariadb to version 10.2.29 fixes the following issues : MariaDB was updated to 10.2.29 (bsc#1156669) Security issues fixed : CVE-2019-2737: Fixed an issue where could lead a remote attacker to cause denial of service CVE-2019-2938: Fixed an issue where could lead a remote attacker to cause denial of service CVE-2019-2740: Fixed an issue where could lead a local attacker to cause denial of service CVE-2019-2805: Fixed an issue where could lead a local attacker to cause denial of service CVE-2019-2974: Fixed an issue where could lead a remote attacker to cause denial of service CVE-2019-2758: Fixed an issue where could lead a local attacker to cause denial of service or data corruption CVE-2019-2739: Fixed an issue where could lead a local attacker to cause denial of service or data corruption Note that Tenable Network Security has extracted the preceding description block directly from the SUSE security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
    last seen2020-06-01
    modified2020-06-02
    plugin id132387
    published2019-12-23
    reporterThis script is Copyright (C) 2019 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/132387
    titleSUSE SLED12 / SLES12 Security Update : mariadb (SUSE-SU-2019:3369-1)
  • NASL familySuSE Local Security Checks
    NASL idOPENSUSE-2019-2698.NASL
    descriptionThis update for mariadb to version 10.2.29 fixes the following issues : MariaDB was updated to 10.2.29 (bsc#1156669) Security issues fixed : - CVE-2019-2737: Fixed an issue where could lead a remote attacker to cause denial of service - CVE-2019-2938: Fixed an issue where could lead a remote attacker to cause denial of service - CVE-2019-2740: Fixed an issue where could lead a local attacker to cause denial of service - CVE-2019-2805: Fixed an issue where could lead a local attacker to cause denial of service - CVE-2019-2974: Fixed an issue where could lead a remote attacker to cause denial of service - CVE-2019-2758: Fixed an issue where could lead a local attacker to cause denial of service or data corruption - CVE-2019-2739: Fixed an issue where could lead a local attacker to cause denial of service or data corruption This update was imported from the SUSE:SLE-15:Update update project.
    last seen2020-06-01
    modified2020-06-02
    plugin id132385
    published2019-12-23
    reporterThis script is Copyright (C) 2019 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/132385
    titleopenSUSE Security Update : mariadb (openSUSE-2019-2698)
  • NASL familyDatabases
    NASL idMARIADB_10_3_17.NASL
    descriptionThe version of MariaDB installed on the remote host is prior to 10.3.17. It is, therefore, affected by the following vulnerabilities as referenced in the mdb-10317-rn advisory: - A vulnerability in the
    last seen2020-06-01
    modified2020-06-02
    plugin id129352
    published2019-09-26
    reporterThis script is Copyright (C) 2019 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/129352
    titleMariaDB 10.3.0 < 10.3.17 Multiple Vulnerabilities
  • NASL familyFedora Local Security Checks
    NASL idFEDORA_2019-C106E46A95.NASL
    description**MySQL 8.0.17** This update brings the latest MySQL 8.0.17 which fixes severe security issues. Now available as both a standard package and a module! Release notes : https://dev.mysql.com/doc/relnotes/mysql/8.0/en/news-8-0-17.html Mainatiner notes : - The MySQL Modules are now built from the same sources as the base packages, so the should be identical - The package is now being built with number of standard Fedora build flags that has not been used before. The package should be now more stable and secure. - In Modules, the bug #1729133 still exists - The MySQL 5.7 and 5.6 Modules may exists, but I
    last seen2020-06-01
    modified2020-06-02
    plugin id128487
    published2019-09-04
    reporterThis script is Copyright (C) 2019 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/128487
    titleFedora 30 : community-mysql (2019-c106e46a95)
  • NASL familySuSE Local Security Checks
    NASL idSUSE_SU-2019-3306-1.NASL
    descriptionThis update for mariadb to version 10.2.29 fixes the following issues : MariaDB was updated to 10.2.29 (bsc#1156669) Security issues fixed : CVE-2019-2737: Fixed an issue where could lead a remote attacker to cause denial of service CVE-2019-2938: Fixed an issue where could lead a remote attacker to cause denial of service CVE-2019-2740: Fixed an issue where could lead a local attacker to cause denial of service CVE-2019-2805: Fixed an issue where could lead a local attacker to cause denial of service CVE-2019-2974: Fixed an issue where could lead a remote attacker to cause denial of service CVE-2019-2758: Fixed an issue where could lead a local attacker to cause denial of service or data corruption CVE-2019-2739: Fixed an issue where could lead a local attacker to cause denial of service or data corruption Note that Tenable Network Security has extracted the preceding description block directly from the SUSE security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
    last seen2020-06-01
    modified2020-06-02
    plugin id132088
    published2019-12-17
    reporterThis script is Copyright (C) 2019 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/132088
    titleSUSE SLED15 / SLES15 Security Update : mariadb (SUSE-SU-2019:3306-1)
  • NASL familyOracle Linux Local Security Checks
    NASL idORACLELINUX_ELSA-2019-2511.NASL
    descriptionFrom Red Hat Security Advisory 2019:2511 : An update for the mysql:8.0 module is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section. MySQL is a multi-user, multi-threaded SQL database server. It consists of the MySQL server daemon, mysqld, and many client programs. The following packages have been upgraded to a later upstream version: mysql (8.0.17). Security Fix(es) : * mysql: Server: Replication multiple unspecified vulnerabilities (CVE-2019-2800, CVE-2019-2436, CVE-2019-2531, CVE-2019-2534, CVE-2019-2614, CVE-2019-2617, CVE-2019-2630, CVE-2019-2634, CVE-2019-2635, CVE-2019-2755) * mysql: Server: Optimizer multiple unspecified vulnerabilities (CVE-2019-2420, CVE-2019-2481, CVE-2019-2507, CVE-2019-2529, CVE-2019-2530, CVE-2019-2581, CVE-2019-2596, CVE-2019-2607, CVE-2019-2625, CVE-2019-2681, CVE-2019-2685, CVE-2019-2686, CVE-2019-2687, CVE-2019-2688, CVE-2019-2689, CVE-2019-2693, CVE-2019-2694, CVE-2019-2695, CVE-2019-2757, CVE-2019-2774, CVE-2019-2796, CVE-2019-2802, CVE-2019-2803, CVE-2019-2808, CVE-2019-2810, CVE-2019-2812, CVE-2019-2815, CVE-2019-2830, CVE-2019-2834) * mysql: Server: Parser multiple unspecified vulnerabilities (CVE-2019-2434, CVE-2019-2455, CVE-2019-2805) * mysql: Server: PS multiple unspecified vulnerabilities (CVE-2019-2482, CVE-2019-2592) * mysql: Server: Security: Privileges multiple unspecified vulnerabilities (CVE-2019-2486, CVE-2019-2532, CVE-2019-2533, CVE-2019-2584, CVE-2019-2589, CVE-2019-2606, CVE-2019-2620, CVE-2019-2627, CVE-2019-2739, CVE-2019-2778, CVE-2019-2811, CVE-2019-2789) * mysql: Server: DDL multiple unspecified vulnerabilities (CVE-2019-2494, CVE-2019-2495, CVE-2019-2537, CVE-2019-2626, CVE-2019-2644) * mysql: InnoDB multiple unspecified vulnerabilities (CVE-2019-2502, CVE-2019-2510, CVE-2019-2580, CVE-2019-2585, CVE-2019-2593, CVE-2019-2624, CVE-2019-2628, CVE-2019-2758, CVE-2019-2785, CVE-2019-2798, CVE-2019-2879, CVE-2019-2814) * mysql: Server: Connection Handling unspecified vulnerability (CVE-2019-2503) * mysql: Server: Partition multiple unspecified vulnerabilities (CVE-2019-2528, CVE-2019-2587) * mysql: Server: Options multiple unspecified vulnerabilities (CVE-2019-2535, CVE-2019-2623, CVE-2019-2683, CVE-2019-2752) * mysql: Server: Packaging unspecified vulnerability (CVE-2019-2536) * mysql: Server: Connection unspecified vulnerability (CVE-2019-2539) * mysql: Server: Information Schema unspecified vulnerability (CVE-2019-2631) * mysql: Server: Group Replication Plugin unspecified vulnerability (CVE-2019-2636) * mysql: Server: Security: Roles multiple unspecified vulnerabilities (CVE-2019-2691, CVE-2019-2826) * mysql: Server: Pluggable Auth unspecified vulnerability (CVE-2019-2737) * mysql: Server: XML unspecified vulnerability (CVE-2019-2740) * mysql: Server: Components / Services unspecified vulnerability (CVE-2019-2780) * mysql: Server: DML unspecified vulnerability (CVE-2019-2784) * mysql: Server: Charsets unspecified vulnerability (CVE-2019-2795) * mysql: Client programs unspecified vulnerability (CVE-2019-2797) * mysql: Server: FTS unspecified vulnerability (CVE-2019-2801) * mysql: Server: Security: Audit unspecified vulnerability (CVE-2019-2819) * mysql: Server: Compiling unspecified vulnerability (CVE-2019-2738) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
    last seen2020-06-01
    modified2020-06-02
    plugin id127983
    published2019-08-20
    reporterThis script is Copyright (C) 2019-2020 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/127983
    titleOracle Linux 8 : mysql:8.0 (ELSA-2019-2511)
  • NASL familyUbuntu Local Security Checks
    NASL idUBUNTU_USN-4070-3.NASL
    descriptionUSN-4070-1 fixed multiple vulnerabilities in MySQL. This update provides the corresponding fixes for CVE-2019-2737, CVE-2019-2739, CVE-2019-2740, CVE-2019-2758, CVE-2019-2805, CVE-2019-2628, CVE-2019-2627, CVE-2019-2614 in MariaDB 10.3. Ubuntu 19.04 has been updated to MariaDB 10.3.17. In addition to security fixes, the updated package contain bug fixes, new features, and possibly incompatible changes. Please see the following for more information: https://mariadb.com/kb/en/library/mariadb-10317-changelog/ https://mariadb.com/kb/en/library/mariadb-10317-release-notes/ Original advisory details : Multiple security issues were discovered in MySQL and this update includes a new upstream MySQL version to fix these issues. Ubuntu 16.04 LTS, Ubuntu 18.04 LTS, and Ubuntu 19.04 have been updated to MySQL 5.7.27. In addition to security fixes, the updated packages contain bug fixes, new features, and possibly incompatible changes. Please see the following for more information: http://dev.mysql.com/doc/relnotes/mysql/5.7/en/news-5-7-27.html https://www.oracle.com/technetwork/security-advisory/cpujul2019-507283 5.html. Note that Tenable Network Security has extracted the preceding description block directly from the Ubuntu security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
    last seen2020-06-01
    modified2020-06-02
    plugin id127887
    published2019-08-14
    reporterUbuntu Security Notice (C) 2019-2020 Canonical, Inc. / NASL script (C) 2020 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/127887
    titleUbuntu 19.04 : MariaDB vulnerabilities (USN-4070-3)
  • NASL familyUbuntu Local Security Checks
    NASL idUBUNTU_USN-4070-1.NASL
    descriptionMultiple security issues were discovered in MySQL and this update includes a new upstream MySQL version to fix these issues. Ubuntu 16.04 LTS, Ubuntu 18.04 LTS, and Ubuntu 19.04 have been updated to MySQL 5.7.27. In addition to security fixes, the updated packages contain bug fixes, new features, and possibly incompatible changes. Please see the following for more information: http://dev.mysql.com/doc/relnotes/mysql/5.7/en/news-5-7-27.html https://www.oracle.com/technetwork/security-advisory/cpujul2019-507283 5.html. Note that Tenable Network Security has extracted the preceding description block directly from the Ubuntu security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
    last seen2020-06-01
    modified2020-06-02
    plugin id127041
    published2019-07-25
    reporterUbuntu Security Notice (C) 2019-2020 Canonical, Inc. / NASL script (C) 2019-2020 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/127041
    titleUbuntu 16.04 LTS / 18.04 LTS / 19.04 : mysql-5.7 vulnerabilities (USN-4070-1)
  • NASL familyDatabases
    NASL idMYSQL_5_7_27_JULY.NASL
    descriptionThe version of MySQL running on the remote host is 5.7.x prior to 5.7.27. It is, therefore, affected by multiple vulnerabilities, including three of the top vulnerabilities below, as noted in the July 2019 Critical Patch Update advisory: - A stack-based buffer overflow vulnerability in the
    last seen2020-04-18
    modified2019-07-18
    plugin id126783
    published2019-07-18
    reporterThis script is Copyright (C) 2019-2020 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/126783
    titleMySQL 5.7.x < 5.7.27 Multiple Vulnerabilities (Jul 2019 CPU)
  • NASL familyDatabases
    NASL idMARIADB_10_4_7.NASL
    descriptionThe version of MariaDB installed on the remote host is prior to 10.4.7. It is, therefore, affected by the following vulnerabilities as referenced in the mdb-1047-rn advisory. - A vulnerability in the
    last seen2020-06-01
    modified2020-06-02
    plugin id128878
    published2019-09-17
    reporterThis script is Copyright (C) 2019 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/128878
    titleMariaDB 10.4.0 < 10.4.7 Multiple Vulnerabilities
  • NASL familyRed Hat Local Security Checks
    NASL idREDHAT-RHSA-2019-3708.NASL
    descriptionAn update for the mariadb:10.3 module is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section. MariaDB is a multi-user, multi-threaded SQL database server that is binary compatible with MySQL. The following packages have been upgraded to a later upstream version: mariadb (10.3.17), galera (25.3.26). (BZ#1701687, BZ#1711265, BZ#1741358) Security Fix(es) : * mysql: InnoDB unspecified vulnerability (CPU Jan 2019) (CVE-2019-2510) * mysql: Server: DDL unspecified vulnerability (CPU Jan 2019) (CVE-2019-2537) * mysql: Server: Replication unspecified vulnerability (CPU Apr 2019) (CVE-2019-2614) * mysql: Server: Security: Privileges unspecified vulnerability (CPU Apr 2019) (CVE-2019-2627) * mysql: InnoDB unspecified vulnerability (CPU Apr 2019) (CVE-2019-2628) * mysql: Server: Pluggable Auth unspecified vulnerability (CPU Jul 2019) (CVE-2019-2737) * mysql: Server: Security: Privileges unspecified vulnerability (CPU Jul 2019) (CVE-2019-2739) * mysql: Server: XML unspecified vulnerability (CPU Jul 2019) (CVE-2019-2740) * mysql: InnoDB unspecified vulnerability (CPU Jul 2019) (CVE-2019-2758) * mysql: Server: Parser unspecified vulnerability (CPU Jul 2019) (CVE-2019-2805) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. Additional Changes : For detailed information on changes in this release, see the Red Hat Enterprise Linux 8.1 Release Notes linked from the References section.
    last seen2020-05-23
    modified2019-11-06
    plugin id130575
    published2019-11-06
    reporterThis script is Copyright (C) 2019-2020 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/130575
    titleRHEL 8 : mariadb:10.3 (RHSA-2019:3708)
  • NASL familyDatabases
    NASL idMYSQL_8_0_17.NASL
    descriptionThe version of MySQL running on the remote host is 8.0.x prior to 8.0.17. It is, therefore, affected by multiple vulnerabilities, including three of the top vulnerabilities below, as noted in the July 2019 Critical Patch Update advisory: - An unspecified vulnerability in the
    last seen2020-04-18
    modified2019-07-18
    plugin id126784
    published2019-07-18
    reporterThis script is Copyright (C) 2019-2020 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/126784
    titleMySQL 8.0.x < 8.0.17 Multiple Vulnerabilities (July 2019 CPU)
  • NASL familyFreeBSD Local Security Checks
    NASL idFREEBSD_PKG_198E6220AC8B11E9A1C7B499BAEBFEAF.NASL
    descriptionOracle reports : This Critical Patch Update contains 45 new security fixes for Oracle MySQL. 4 of these vulnerabilities may be remotely exploitable without authentication, i.e., may be exploited over a network without requiring user credentials.
    last seen2020-06-01
    modified2020-06-02
    plugin id126928
    published2019-07-23
    reporterThis script is Copyright (C) 2019-2020 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/126928
    titleFreeBSD : MySQL -- Multiple vulerabilities (198e6220-ac8b-11e9-a1c7-b499baebfeaf)
  • NASL familyDatabases
    NASL idMARIADB_10_2_26.NASL
    descriptionThe version of MariaDB installed on the remote host is prior to 10.2.26. It is, therefore, affected by multiple vulnerabilities as referenced in the mdb-10226-rn advisory. - A vulnerability in the
    last seen2020-06-01
    modified2020-06-02
    plugin id128974
    published2019-09-18
    reporterThis script is Copyright (C) 2019 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/128974
    titleMariaDB 10.2.0 < 10.2.26 Multiple Vulnerabilities

Redhat

advisories
  • rhsa
    idRHSA-2019:2484
  • rhsa
    idRHSA-2019:2511
  • rhsa
    idRHSA-2019:3708
rpms
  • rh-mysql80-mysql-0:8.0.17-1.el7
  • rh-mysql80-mysql-common-0:8.0.17-1.el7
  • rh-mysql80-mysql-config-0:8.0.17-1.el7
  • rh-mysql80-mysql-config-syspaths-0:8.0.17-1.el7
  • rh-mysql80-mysql-debuginfo-0:8.0.17-1.el7
  • rh-mysql80-mysql-devel-0:8.0.17-1.el7
  • rh-mysql80-mysql-errmsg-0:8.0.17-1.el7
  • rh-mysql80-mysql-server-0:8.0.17-1.el7
  • rh-mysql80-mysql-server-syspaths-0:8.0.17-1.el7
  • rh-mysql80-mysql-syspaths-0:8.0.17-1.el7
  • rh-mysql80-mysql-test-0:8.0.17-1.el7
  • mecab-0:0.996-1.module+el8.0.0+3898+e09bb8de.9
  • mecab-debuginfo-0:0.996-1.module+el8.0.0+3898+e09bb8de.9
  • mecab-debugsource-0:0.996-1.module+el8.0.0+3898+e09bb8de.9
  • mecab-ipadic-0:2.7.0.20070801-16.module+el8.0.0+3898+e09bb8de
  • mecab-ipadic-EUCJP-0:2.7.0.20070801-16.module+el8.0.0+3898+e09bb8de
  • mysql-0:8.0.17-3.module+el8.0.0+3898+e09bb8de
  • mysql-common-0:8.0.17-3.module+el8.0.0+3898+e09bb8de
  • mysql-debuginfo-0:8.0.17-3.module+el8.0.0+3898+e09bb8de
  • mysql-debugsource-0:8.0.17-3.module+el8.0.0+3898+e09bb8de
  • mysql-devel-0:8.0.17-3.module+el8.0.0+3898+e09bb8de
  • mysql-devel-debuginfo-0:8.0.17-3.module+el8.0.0+3898+e09bb8de
  • mysql-errmsg-0:8.0.17-3.module+el8.0.0+3898+e09bb8de
  • mysql-libs-0:8.0.17-3.module+el8.0.0+3898+e09bb8de
  • mysql-libs-debuginfo-0:8.0.17-3.module+el8.0.0+3898+e09bb8de
  • mysql-server-0:8.0.17-3.module+el8.0.0+3898+e09bb8de
  • mysql-server-debuginfo-0:8.0.17-3.module+el8.0.0+3898+e09bb8de
  • mysql-test-0:8.0.17-3.module+el8.0.0+3898+e09bb8de
  • mysql-test-debuginfo-0:8.0.17-3.module+el8.0.0+3898+e09bb8de
  • Judy-0:1.0.5-18.module+el8+2765+cfa4f87b
  • Judy-debuginfo-0:1.0.5-18.module+el8+2765+cfa4f87b
  • Judy-debugsource-0:1.0.5-18.module+el8+2765+cfa4f87b
  • Judy-devel-0:1.0.5-18.module+el8+2765+cfa4f87b
  • asio-devel-0:1.10.8-7.module+el8+2765+cfa4f87b
  • galera-0:25.3.26-1.module+el8.1.0+3974+90eded84
  • galera-debuginfo-0:25.3.26-1.module+el8.1.0+3974+90eded84
  • galera-debugsource-0:25.3.26-1.module+el8.1.0+3974+90eded84
  • mariadb-3:10.3.17-1.module+el8.1.0+3974+90eded84
  • mariadb-backup-3:10.3.17-1.module+el8.1.0+3974+90eded84
  • mariadb-backup-debuginfo-3:10.3.17-1.module+el8.1.0+3974+90eded84
  • mariadb-common-3:10.3.17-1.module+el8.1.0+3974+90eded84
  • mariadb-debuginfo-3:10.3.17-1.module+el8.1.0+3974+90eded84
  • mariadb-debugsource-3:10.3.17-1.module+el8.1.0+3974+90eded84
  • mariadb-devel-3:10.3.17-1.module+el8.1.0+3974+90eded84
  • mariadb-embedded-3:10.3.17-1.module+el8.1.0+3974+90eded84
  • mariadb-embedded-debuginfo-3:10.3.17-1.module+el8.1.0+3974+90eded84
  • mariadb-embedded-devel-3:10.3.17-1.module+el8.1.0+3974+90eded84
  • mariadb-errmsg-3:10.3.17-1.module+el8.1.0+3974+90eded84
  • mariadb-gssapi-server-3:10.3.17-1.module+el8.1.0+3974+90eded84
  • mariadb-gssapi-server-debuginfo-3:10.3.17-1.module+el8.1.0+3974+90eded84
  • mariadb-oqgraph-engine-3:10.3.17-1.module+el8.1.0+3974+90eded84
  • mariadb-oqgraph-engine-debuginfo-3:10.3.17-1.module+el8.1.0+3974+90eded84
  • mariadb-server-3:10.3.17-1.module+el8.1.0+3974+90eded84
  • mariadb-server-debuginfo-3:10.3.17-1.module+el8.1.0+3974+90eded84
  • mariadb-server-galera-3:10.3.17-1.module+el8.1.0+3974+90eded84
  • mariadb-server-utils-3:10.3.17-1.module+el8.1.0+3974+90eded84
  • mariadb-server-utils-debuginfo-3:10.3.17-1.module+el8.1.0+3974+90eded84
  • mariadb-test-3:10.3.17-1.module+el8.1.0+3974+90eded84
  • mariadb-test-debuginfo-3:10.3.17-1.module+el8.1.0+3974+90eded84

References