8.0.19

DATE	CVE	VULNERABILITY TITLE	RISK
2020-04-15	CVE-2020-2763	Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Replication). network low complexity oracle fedoraproject netapp canonical	4.9
2020-04-15	CVE-2020-2762	Vulnerability in the MySQL Server product of Oracle MySQL (component: InnoDB). network low complexity oracle fedoraproject netapp canonical	4.9
2020-04-15	CVE-2020-2760	Vulnerability in the MySQL Server product of Oracle MySQL (component: InnoDB). network low complexity oracle opensuse fedoraproject netapp canonical mariadb	5.5
2020-04-15	CVE-2020-2759	Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Replication). network low complexity oracle fedoraproject canonical netapp	4.9
2020-04-09	CVE-2020-11656	Use After Free vulnerability in multiple products In SQLite through 3.31.1, the ALTER TABLE implementation has a use-after-free, as demonstrated by an ORDER BY clause that belongs to a compound SELECT statement. network low complexity sqlite netapp oracle siemens tenable CWE-416	7.5
2020-04-09	CVE-2020-11655	Improper Initialization vulnerability in multiple products SQLite through 3.31.1 allows attackers to cause a denial of service (segmentation fault) via a malformed window-function query because the AggInfo object's initialization is mishandled. network low complexity sqlite netapp debian canonical oracle siemens tenable CWE-665	5.0
2020-03-10	CVE-2020-5258	Code Injection vulnerability in multiple products In affected versions of dojo (NPM package), the deepCopy method is vulnerable to Prototype Pollution. network high complexity linuxfoundation debian oracle CWE-94	7.7
2020-01-17	CVE-2020-5398	Download of Code Without Integrity Check vulnerability in multiple products In Spring Framework, versions 5.2.x prior to 5.2.3, versions 5.1.x prior to 5.1.13, and versions 5.0.x prior to 5.0.16, an application is vulnerable to a reflected file download (RFD) attack when it sets a "Content-Disposition" header in the response where the filename attribute is derived from user supplied input. network high complexity vmware oracle netapp CWE-494	7.5
2019-09-15	CVE-2019-14540	Deserialization of Untrusted Data vulnerability in multiple products A Polymorphic Typing issue was discovered in FasterXML jackson-databind before 2.9.10. network low complexity fasterxml netapp fedoraproject debian redhat oracle CWE-502 critical	9.8
2019-02-04	CVE-2019-7317	Use After Free vulnerability in multiple products png_image_free in png.c in libpng 1.6.x before 1.6.37 has a use-after-free because png_image_free_function is called under png_safe_execute. network high complexity libpng debian canonical oracle hpe hp mozilla opensuse netapp redhat CWE-416	2.6