apk package
chainguard/mysql-8.0-client
pkg:apk/chainguard/mysql-8.0-client
Vulnerabilities (666)
| CVE | Sev | CVSS | KEV | Affected versions | Fixed in | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2020-2853 | — | < 8.0.38-r0 | 8.0.38-r0 | Apr 15, 2020 | Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Security: Privileges). Supported versions that are affected are 8.0.18 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromis | ||
| CVE-2020-2814 | — | < 8.0.38-r0 | 8.0.38-r0 | Apr 15, 2020 | Vulnerability in the MySQL Server product of Oracle MySQL (component: InnoDB). Supported versions that are affected are 5.6.47 and prior, 5.7.28 and prior and 8.0.18 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple proto | ||
| CVE-2020-2812 | — | < 8.0.38-r0 | 8.0.38-r0 | Apr 15, 2020 | Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Stored Procedure). Supported versions that are affected are 5.6.47 and prior, 5.7.29 and prior and 8.0.19 and prior. Easily exploitable vulnerability allows high privileged attacker with network access | ||
| CVE-2020-2804 | — | < 8.0.38-r0 | 8.0.38-r0 | Apr 15, 2020 | Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Memcached). Supported versions that are affected are 5.6.47 and prior, 5.7.29 and prior and 8.0.19 and prior. Difficult to exploit vulnerability allows unauthenticated attacker with network access via m | ||
| CVE-2020-2780 | — | < 8.0.38-r0 | 8.0.38-r0 | Apr 15, 2020 | Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: DML). Supported versions that are affected are 5.6.47 and prior, 5.7.29 and prior and 8.0.19 and prior. Easily exploitable vulnerability allows low privileged attacker with network access via multiple p | ||
| CVE-2020-2779 | — | < 8.0.38-r0 | 8.0.38-r0 | Apr 15, 2020 | Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Security: Privileges). Supported versions that are affected are 8.0.18 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromis | ||
| CVE-2020-2774 | — | < 8.0.38-r0 | 8.0.38-r0 | Apr 15, 2020 | Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Security: Privileges). Supported versions that are affected are 8.0.18 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromis | ||
| CVE-2020-2770 | — | < 8.0.38-r0 | 8.0.38-r0 | Apr 15, 2020 | Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Logging). Supported versions that are affected are 8.0.18 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Serve | ||
| CVE-2020-2768 | — | < 8.0.38-r0 | 8.0.38-r0 | Apr 15, 2020 | Vulnerability in the MySQL Cluster product of Oracle MySQL (component: Cluster: General). Supported versions that are affected are 7.3.28 and prior, 7.4.27 and prior, 7.5.17 and prior, 7.6.13 and prior and 8.0.19 and prior. Easily exploitable vulnerability allows low privileged a | ||
| CVE-2020-2765 | — | < 8.0.38-r0 | 8.0.38-r0 | Apr 15, 2020 | Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Optimizer). Supported versions that are affected are 5.7.29 and prior and 8.0.19 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to | ||
| CVE-2020-2763 | — | < 8.0.38-r0 | 8.0.38-r0 | Apr 15, 2020 | Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Replication). Supported versions that are affected are 5.6.47 and prior, 5.7.29 and prior and 8.0.19 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via m | ||
| CVE-2020-2762 | — | < 8.0.38-r0 | 8.0.38-r0 | Apr 15, 2020 | Vulnerability in the MySQL Server product of Oracle MySQL (component: InnoDB). Supported versions that are affected are 8.0.19 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Succes | ||
| CVE-2020-2761 | — | < 8.0.38-r0 | 8.0.38-r0 | Apr 15, 2020 | Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Security: Privileges). Supported versions that are affected are 8.0.18 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromis | ||
| CVE-2020-2760 | — | < 8.0.38-r0 | 8.0.38-r0 | Apr 15, 2020 | Vulnerability in the MySQL Server product of Oracle MySQL (component: InnoDB). Supported versions that are affected are 5.7.29 and prior and 8.0.19 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise | ||
| CVE-2020-2759 | — | < 8.0.38-r0 | 8.0.38-r0 | Apr 15, 2020 | Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Replication). Supported versions that are affected are 8.0.19 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL S | ||
| CVE-2020-2752 | — | < 8.0.38-r0 | 8.0.38-r0 | Apr 15, 2020 | Vulnerability in the MySQL Client product of Oracle MySQL (component: C API). Supported versions that are affected are 5.6.47 and prior, 5.7.27 and prior and 8.0.17 and prior. Difficult to exploit vulnerability allows low privileged attacker with network access via multiple proto | ||
| CVE-2020-11655 | — | < 8.0.38-r0 | 8.0.38-r0 | Apr 9, 2020 | SQLite through 3.31.1 allows attackers to cause a denial of service (segmentation fault) via a malformed window-function query because the AggInfo object's initialization is mishandled. | ||
| CVE-2020-11656 | — | < 8.0.38-r0 | 8.0.38-r0 | Apr 9, 2020 | In SQLite through 3.31.1, the ALTER TABLE implementation has a use-after-free, as demonstrated by an ORDER BY clause that belongs to a compound SELECT statement. | ||
| CVE-2020-5258 | — | < 8.0.38-r0 | 8.0.38-r0 | Mar 10, 2020 | In affected versions of dojo (NPM package), the deepCopy method is vulnerable to Prototype Pollution. Prototype Pollution refers to the ability to inject properties into existing JavaScript language construct prototypes, such as objects. An attacker manipulates these attributes t | ||
| CVE-2020-5398 | — | < 8.0.38-r0 | 8.0.38-r0 | Jan 16, 2020 | In Spring Framework, versions 5.2.x prior to 5.2.3, versions 5.1.x prior to 5.1.13, and versions 5.0.x prior to 5.0.16, an application is vulnerable to a reflected file download (RFD) attack when it sets a "Content-Disposition" header in the response where the filename attribute |
- CVE-2020-2853Apr 15, 2020affected < 8.0.38-r0fixed 8.0.38-r0
Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Security: Privileges). Supported versions that are affected are 8.0.18 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromis
- CVE-2020-2814Apr 15, 2020affected < 8.0.38-r0fixed 8.0.38-r0
Vulnerability in the MySQL Server product of Oracle MySQL (component: InnoDB). Supported versions that are affected are 5.6.47 and prior, 5.7.28 and prior and 8.0.18 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple proto
- CVE-2020-2812Apr 15, 2020affected < 8.0.38-r0fixed 8.0.38-r0
Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Stored Procedure). Supported versions that are affected are 5.6.47 and prior, 5.7.29 and prior and 8.0.19 and prior. Easily exploitable vulnerability allows high privileged attacker with network access
- CVE-2020-2804Apr 15, 2020affected < 8.0.38-r0fixed 8.0.38-r0
Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Memcached). Supported versions that are affected are 5.6.47 and prior, 5.7.29 and prior and 8.0.19 and prior. Difficult to exploit vulnerability allows unauthenticated attacker with network access via m
- CVE-2020-2780Apr 15, 2020affected < 8.0.38-r0fixed 8.0.38-r0
Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: DML). Supported versions that are affected are 5.6.47 and prior, 5.7.29 and prior and 8.0.19 and prior. Easily exploitable vulnerability allows low privileged attacker with network access via multiple p
- CVE-2020-2779Apr 15, 2020affected < 8.0.38-r0fixed 8.0.38-r0
Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Security: Privileges). Supported versions that are affected are 8.0.18 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromis
- CVE-2020-2774Apr 15, 2020affected < 8.0.38-r0fixed 8.0.38-r0
Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Security: Privileges). Supported versions that are affected are 8.0.18 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromis
- CVE-2020-2770Apr 15, 2020affected < 8.0.38-r0fixed 8.0.38-r0
Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Logging). Supported versions that are affected are 8.0.18 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Serve
- CVE-2020-2768Apr 15, 2020affected < 8.0.38-r0fixed 8.0.38-r0
Vulnerability in the MySQL Cluster product of Oracle MySQL (component: Cluster: General). Supported versions that are affected are 7.3.28 and prior, 7.4.27 and prior, 7.5.17 and prior, 7.6.13 and prior and 8.0.19 and prior. Easily exploitable vulnerability allows low privileged a
- CVE-2020-2765Apr 15, 2020affected < 8.0.38-r0fixed 8.0.38-r0
Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Optimizer). Supported versions that are affected are 5.7.29 and prior and 8.0.19 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to
- CVE-2020-2763Apr 15, 2020affected < 8.0.38-r0fixed 8.0.38-r0
Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Replication). Supported versions that are affected are 5.6.47 and prior, 5.7.29 and prior and 8.0.19 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via m
- CVE-2020-2762Apr 15, 2020affected < 8.0.38-r0fixed 8.0.38-r0
Vulnerability in the MySQL Server product of Oracle MySQL (component: InnoDB). Supported versions that are affected are 8.0.19 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Succes
- CVE-2020-2761Apr 15, 2020affected < 8.0.38-r0fixed 8.0.38-r0
Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Security: Privileges). Supported versions that are affected are 8.0.18 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromis
- CVE-2020-2760Apr 15, 2020affected < 8.0.38-r0fixed 8.0.38-r0
Vulnerability in the MySQL Server product of Oracle MySQL (component: InnoDB). Supported versions that are affected are 5.7.29 and prior and 8.0.19 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise
- CVE-2020-2759Apr 15, 2020affected < 8.0.38-r0fixed 8.0.38-r0
Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Replication). Supported versions that are affected are 8.0.19 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL S
- CVE-2020-2752Apr 15, 2020affected < 8.0.38-r0fixed 8.0.38-r0
Vulnerability in the MySQL Client product of Oracle MySQL (component: C API). Supported versions that are affected are 5.6.47 and prior, 5.7.27 and prior and 8.0.17 and prior. Difficult to exploit vulnerability allows low privileged attacker with network access via multiple proto
- CVE-2020-11655Apr 9, 2020affected < 8.0.38-r0fixed 8.0.38-r0
SQLite through 3.31.1 allows attackers to cause a denial of service (segmentation fault) via a malformed window-function query because the AggInfo object's initialization is mishandled.
- CVE-2020-11656Apr 9, 2020affected < 8.0.38-r0fixed 8.0.38-r0
In SQLite through 3.31.1, the ALTER TABLE implementation has a use-after-free, as demonstrated by an ORDER BY clause that belongs to a compound SELECT statement.
- CVE-2020-5258Mar 10, 2020affected < 8.0.38-r0fixed 8.0.38-r0
In affected versions of dojo (NPM package), the deepCopy method is vulnerable to Prototype Pollution. Prototype Pollution refers to the ability to inject properties into existing JavaScript language construct prototypes, such as objects. An attacker manipulates these attributes t
- CVE-2020-5398Jan 16, 2020affected < 8.0.38-r0fixed 8.0.38-r0
In Spring Framework, versions 5.2.x prior to 5.2.3, versions 5.1.x prior to 5.1.13, and versions 5.0.x prior to 5.0.16, an application is vulnerable to a reflected file download (RFD) attack when it sets a "Content-Disposition" header in the response where the filename attribute
Page 23 of 34