apk package
chainguard/mysql-8.0-bitnami-compat
pkg:apk/chainguard/mysql-8.0-bitnami-compat
Vulnerabilities (666)
| CVE | Sev | CVSS | KEV | Affected versions | Fixed in | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2019-2566 | — | < 8.0.38-r0 | 8.0.38-r0 | Apr 23, 2019 | Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Audit Plug-in). Supported versions that are affected are 5.7.25 and prior and 8.0.15 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple pro | ||
| CVE-2018-3123 | — | < 8.0.38-r0 | 8.0.38-r0 | Apr 23, 2019 | Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: libmysqld). Supported versions that are affected are 5.6.42 and prior, 5.7.24 and prior and 8.0.13 and prior. Difficult to exploit vulnerability allows unauthenticated attacker with network access | ||
| CVE-2019-1559 | — | < 8.0.38-r0 | 8.0.38-r0 | Feb 27, 2019 | If an application encounters a fatal protocol error and then calls SSL_shutdown() twice (once to send a close_notify, and once to receive one) then OpenSSL can respond differently to the calling application if a 0 byte record is received with invalid padding compared to if a 0 by | ||
| CVE-2019-7317 | Med | 5.3 | < 8.0.38-r0 | 8.0.38-r0 | Feb 4, 2019 | png_image_free in png.c in libpng 1.6.x before 1.6.37 has a use-after-free because png_image_free_function is called under png_safe_execute. | |
| CVE-2019-2539 | — | < 8.0.38-r0 | 8.0.38-r0 | Jan 16, 2019 | Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Connection). Supported versions that are affected are 8.0.13 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MyS | ||
| CVE-2019-2537 | — | < 8.0.38-r0 | 8.0.38-r0 | Jan 16, 2019 | Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: DDL). Supported versions that are affected are 5.6.42 and prior, 5.7.24 and prior and 8.0.13 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via mult | ||
| CVE-2019-2536 | — | < 8.0.38-r0 | 8.0.38-r0 | Jan 16, 2019 | Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Packaging). Supported versions that are affected are 8.0.13 and prior. Difficult to exploit vulnerability allows high privileged attacker with logon to the infrastructure where MySQL Server execute | ||
| CVE-2019-2535 | — | < 8.0.38-r0 | 8.0.38-r0 | Jan 16, 2019 | Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Options). Supported versions that are affected are 8.0.13 and prior. Difficult to exploit vulnerability allows high privileged attacker with logon to the infrastructure where MySQL Server executes | ||
| CVE-2019-2534 | — | < 8.0.38-r0 | 8.0.38-r0 | Jan 16, 2019 | Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Replication). Supported versions that are affected are 5.6.42 and prior, 5.7.24 and prior and 8.0.13 and prior. Easily exploitable vulnerability allows low privileged attacker with network access v | ||
| CVE-2019-2533 | — | < 8.0.38-r0 | 8.0.38-r0 | Jan 16, 2019 | Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server : Security : Privileges). Supported versions that are affected are 8.0.13 and prior. Easily exploitable vulnerability allows low privileged attacker with network access via multiple protocols to com | ||
| CVE-2019-2532 | — | < 8.0.38-r0 | 8.0.38-r0 | Jan 16, 2019 | Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Security: Privileges). Supported versions that are affected are 5.7.24 and prior and 8.0.13 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multi | ||
| CVE-2019-2531 | — | < 8.0.38-r0 | 8.0.38-r0 | Jan 16, 2019 | Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Replication). Supported versions that are affected are 5.6.42 and prior, 5.7.24 and prior and 8.0.13 and prior. Easily exploitable vulnerability allows high privileged attacker with network access | ||
| CVE-2019-2530 | — | < 8.0.38-r0 | 8.0.38-r0 | Jan 16, 2019 | Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Optimizer). Supported versions that are affected are 8.0.13 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQ | ||
| CVE-2019-2529 | — | < 8.0.38-r0 | 8.0.38-r0 | Jan 16, 2019 | Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Optimizer). Supported versions that are affected are 5.6.42 and prior, 5.7.24 and prior and 8.0.13 and prior. Easily exploitable vulnerability allows low privileged attacker with network access via | ||
| CVE-2019-2528 | — | < 8.0.38-r0 | 8.0.38-r0 | Jan 16, 2019 | Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Partition). Supported versions that are affected are 5.7.24 and prior and 8.0.13 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protoco | ||
| CVE-2019-2513 | — | < 8.0.38-r0 | 8.0.38-r0 | Jan 16, 2019 | Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Shell). Supported versions that are affected are 8.0.13 and prior. Difficult to exploit vulnerability allows low privileged attacker with logon to the infrastructure where MySQL Server executes to compromi | ||
| CVE-2019-2510 | — | < 8.0.38-r0 | 8.0.38-r0 | Jan 16, 2019 | Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: InnoDB). Supported versions that are affected are 5.7.24 and prior and 8.0.13 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compr | ||
| CVE-2019-2507 | — | < 8.0.38-r0 | 8.0.38-r0 | Jan 16, 2019 | Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Optimizer). Supported versions that are affected are 5.6.42 and prior, 5.7.24 and prior and 8.0.13 and prior. Easily exploitable vulnerability allows high privileged attacker with network access vi | ||
| CVE-2019-2503 | — | < 8.0.38-r0 | 8.0.38-r0 | Jan 16, 2019 | Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Connection Handling). Supported versions that are affected are 5.6.42 and prior, 5.7.24 and prior and 8.0.13 and prior. Difficult to exploit vulnerability allows low privileged attacker with access | ||
| CVE-2019-2502 | — | < 8.0.38-r0 | 8.0.38-r0 | Jan 16, 2019 | Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: InnoDB). Supported versions that are affected are 8.0.13 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. S |
- CVE-2019-2566Apr 23, 2019affected < 8.0.38-r0fixed 8.0.38-r0
Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Audit Plug-in). Supported versions that are affected are 5.7.25 and prior and 8.0.15 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple pro
- CVE-2018-3123Apr 23, 2019affected < 8.0.38-r0fixed 8.0.38-r0
Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: libmysqld). Supported versions that are affected are 5.6.42 and prior, 5.7.24 and prior and 8.0.13 and prior. Difficult to exploit vulnerability allows unauthenticated attacker with network access
- CVE-2019-1559Feb 27, 2019affected < 8.0.38-r0fixed 8.0.38-r0
If an application encounters a fatal protocol error and then calls SSL_shutdown() twice (once to send a close_notify, and once to receive one) then OpenSSL can respond differently to the calling application if a 0 byte record is received with invalid padding compared to if a 0 by
- affected < 8.0.38-r0fixed 8.0.38-r0
png_image_free in png.c in libpng 1.6.x before 1.6.37 has a use-after-free because png_image_free_function is called under png_safe_execute.
- CVE-2019-2539Jan 16, 2019affected < 8.0.38-r0fixed 8.0.38-r0
Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Connection). Supported versions that are affected are 8.0.13 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MyS
- CVE-2019-2537Jan 16, 2019affected < 8.0.38-r0fixed 8.0.38-r0
Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: DDL). Supported versions that are affected are 5.6.42 and prior, 5.7.24 and prior and 8.0.13 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via mult
- CVE-2019-2536Jan 16, 2019affected < 8.0.38-r0fixed 8.0.38-r0
Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Packaging). Supported versions that are affected are 8.0.13 and prior. Difficult to exploit vulnerability allows high privileged attacker with logon to the infrastructure where MySQL Server execute
- CVE-2019-2535Jan 16, 2019affected < 8.0.38-r0fixed 8.0.38-r0
Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Options). Supported versions that are affected are 8.0.13 and prior. Difficult to exploit vulnerability allows high privileged attacker with logon to the infrastructure where MySQL Server executes
- CVE-2019-2534Jan 16, 2019affected < 8.0.38-r0fixed 8.0.38-r0
Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Replication). Supported versions that are affected are 5.6.42 and prior, 5.7.24 and prior and 8.0.13 and prior. Easily exploitable vulnerability allows low privileged attacker with network access v
- CVE-2019-2533Jan 16, 2019affected < 8.0.38-r0fixed 8.0.38-r0
Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server : Security : Privileges). Supported versions that are affected are 8.0.13 and prior. Easily exploitable vulnerability allows low privileged attacker with network access via multiple protocols to com
- CVE-2019-2532Jan 16, 2019affected < 8.0.38-r0fixed 8.0.38-r0
Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Security: Privileges). Supported versions that are affected are 5.7.24 and prior and 8.0.13 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multi
- CVE-2019-2531Jan 16, 2019affected < 8.0.38-r0fixed 8.0.38-r0
Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Replication). Supported versions that are affected are 5.6.42 and prior, 5.7.24 and prior and 8.0.13 and prior. Easily exploitable vulnerability allows high privileged attacker with network access
- CVE-2019-2530Jan 16, 2019affected < 8.0.38-r0fixed 8.0.38-r0
Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Optimizer). Supported versions that are affected are 8.0.13 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQ
- CVE-2019-2529Jan 16, 2019affected < 8.0.38-r0fixed 8.0.38-r0
Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Optimizer). Supported versions that are affected are 5.6.42 and prior, 5.7.24 and prior and 8.0.13 and prior. Easily exploitable vulnerability allows low privileged attacker with network access via
- CVE-2019-2528Jan 16, 2019affected < 8.0.38-r0fixed 8.0.38-r0
Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Partition). Supported versions that are affected are 5.7.24 and prior and 8.0.13 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protoco
- CVE-2019-2513Jan 16, 2019affected < 8.0.38-r0fixed 8.0.38-r0
Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Shell). Supported versions that are affected are 8.0.13 and prior. Difficult to exploit vulnerability allows low privileged attacker with logon to the infrastructure where MySQL Server executes to compromi
- CVE-2019-2510Jan 16, 2019affected < 8.0.38-r0fixed 8.0.38-r0
Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: InnoDB). Supported versions that are affected are 5.7.24 and prior and 8.0.13 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compr
- CVE-2019-2507Jan 16, 2019affected < 8.0.38-r0fixed 8.0.38-r0
Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Optimizer). Supported versions that are affected are 5.6.42 and prior, 5.7.24 and prior and 8.0.13 and prior. Easily exploitable vulnerability allows high privileged attacker with network access vi
- CVE-2019-2503Jan 16, 2019affected < 8.0.38-r0fixed 8.0.38-r0
Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Connection Handling). Supported versions that are affected are 5.6.42 and prior, 5.7.24 and prior and 8.0.13 and prior. Difficult to exploit vulnerability allows low privileged attacker with access
- CVE-2019-2502Jan 16, 2019affected < 8.0.38-r0fixed 8.0.38-r0
Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: InnoDB). Supported versions that are affected are 8.0.13 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. S
Page 30 of 34