rpm package
almalinux/mysql-devel
pkg:rpm/almalinux/mysql-devel
Vulnerabilities (505)
| CVE | Sev | CVSS | KEV | Affected versions | Fixed in | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2025-50077 | — | < 8.4.6-1.module_el9.6.0+180+a4e757e5 | 8.4.6-1.module_el9.6.0+180+a4e757e5 | Jul 15, 2025 | Vulnerability in the MySQL Server product of Oracle MySQL (component: InnoDB). Supported versions that are affected are 8.0.0-8.0.42, 8.4.0-8.4.5 and 9.0.0-9.3.0. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to comp | ||
| CVE-2025-5399 | — | < 8.4.6-1.module_el9.6.0+180+a4e757e5 | 8.4.6-1.module_el9.6.0+180+a4e757e5 | Jun 7, 2025 | Due to a mistake in libcurl's WebSocket code, a malicious server can send a particularly crafted packet which makes libcurl get trapped in an endless busy-loop. There is no other way for the application to escape or exit this loop other than killing the thread/process. This mig | ||
| CVE-2025-30722 | — | < 8.4.6-1.module_el9.6.0+180+a4e757e5 | 8.4.6-1.module_el9.6.0+180+a4e757e5 | Apr 15, 2025 | Vulnerability in the MySQL Client product of Oracle MySQL (component: Client: mysqldump). Supported versions that are affected are 8.0.0-8.0.41, 8.4.0-8.4.4 and 9.0.0-9.2.0. Difficult to exploit vulnerability allows low privileged attacker with network access via multiple proto | ||
| CVE-2025-30721 | — | < 8.4.6-1.module_el9.6.0+180+a4e757e5 | 8.4.6-1.module_el9.6.0+180+a4e757e5 | Apr 15, 2025 | Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: UDF). Supported versions that are affected are 8.0.0-8.0.41, 8.4.0-8.4.4 and 9.0.0-9.2.0. Difficult to exploit vulnerability allows high privileged attacker with logon to the infrastructure where MySQ | ||
| CVE-2025-30715 | — | < 8.4.6-1.module_el9.6.0+180+a4e757e5 | 8.4.6-1.module_el9.6.0+180+a4e757e5 | Apr 15, 2025 | Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Components Services). Supported versions that are affected are 8.0.0-8.0.41, 8.4.0-8.4.4 and 9.0.0-9.2.0. Easily exploitable vulnerability allows high privileged attacker with network access via multi | ||
| CVE-2025-30705 | — | < 8.4.6-1.module_el9.6.0+180+a4e757e5 | 8.4.6-1.module_el9.6.0+180+a4e757e5 | Apr 15, 2025 | Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: PS). Supported versions that are affected are 8.0.0-8.0.41, 8.4.0-8.4.4 and 9.0.0-9.2.0. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to | ||
| CVE-2025-30704 | — | < 8.4.6-1.module_el9.6.0+180+a4e757e5 | 8.4.6-1.module_el9.6.0+180+a4e757e5 | Apr 15, 2025 | Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Components Services). Supported versions that are affected are 8.0.0-8.0.41, 8.4.0-8.4.4 and 9.0.0-9.2.0. Difficult to exploit vulnerability allows high privileged attacker with network access via mul | ||
| CVE-2025-30703 | — | < 8.4.6-1.module_el9.6.0+180+a4e757e5 | 8.4.6-1.module_el9.6.0+180+a4e757e5 | Apr 15, 2025 | Vulnerability in the MySQL Server product of Oracle MySQL (component: InnoDB). Supported versions that are affected are 8.0.0-8.0.41, 8.4.0-8.4.4 and 9.0.0-9.2.0. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to comp | ||
| CVE-2025-30699 | — | < 8.4.6-1.module_el9.6.0+180+a4e757e5 | 8.4.6-1.module_el9.6.0+180+a4e757e5 | Apr 15, 2025 | Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Stored Procedure). Supported versions that are affected are 8.0.0-8.0.41, 8.4.0-8.4.4 and 9.0.0-9.2.0. Easily exploitable vulnerability allows high privileged attacker with network access via multiple | ||
| CVE-2025-30696 | — | < 8.4.6-1.module_el9.6.0+180+a4e757e5 | 8.4.6-1.module_el9.6.0+180+a4e757e5 | Apr 15, 2025 | Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: PS). Supported versions that are affected are 8.0.0-8.0.41, 8.4.0-8.4.4 and 9.0.0-9.2.0. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to | ||
| CVE-2025-30695 | — | < 8.4.6-1.module_el9.6.0+180+a4e757e5 | 8.4.6-1.module_el9.6.0+180+a4e757e5 | Apr 15, 2025 | Vulnerability in the MySQL Server product of Oracle MySQL (component: InnoDB). Supported versions that are affected are 8.0.0-8.0.41, 8.4.0-8.4.4 and 9.0.0-9.2.0. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to comp | ||
| CVE-2025-30693 | — | < 8.4.6-1.module_el9.6.0+180+a4e757e5 | 8.4.6-1.module_el9.6.0+180+a4e757e5 | Apr 15, 2025 | Vulnerability in the MySQL Server product of Oracle MySQL (component: InnoDB). Supported versions that are affected are 8.0.0-8.0.41, 8.4.0-8.4.4 and 9.0.0-9.2.0. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to comp | ||
| CVE-2025-30689 | — | < 8.4.6-1.module_el9.6.0+180+a4e757e5 | 8.4.6-1.module_el9.6.0+180+a4e757e5 | Apr 15, 2025 | Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Optimizer). Supported versions that are affected are 8.0.0-8.0.41, 8.4.0-8.4.4 and 9.0.0-9.2.0. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protoc | ||
| CVE-2025-30688 | — | < 8.4.6-1.module_el9.6.0+180+a4e757e5 | 8.4.6-1.module_el9.6.0+180+a4e757e5 | Apr 15, 2025 | Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Optimizer). Supported versions that are affected are 8.0.0-8.0.41, 8.4.0-8.4.4 and 9.0.0-9.2.0. Easily exploitable vulnerability allows low privileged attacker with network access via multiple protoco | ||
| CVE-2025-30687 | — | < 8.4.6-1.module_el9.6.0+180+a4e757e5 | 8.4.6-1.module_el9.6.0+180+a4e757e5 | Apr 15, 2025 | Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Optimizer). Supported versions that are affected are 8.0.0-8.0.41, 8.4.0-8.4.4 and 9.0.0-9.2.0. Easily exploitable vulnerability allows low privileged attacker with network access via multiple protoco | ||
| CVE-2025-30685 | — | < 8.4.6-1.module_el9.6.0+180+a4e757e5 | 8.4.6-1.module_el9.6.0+180+a4e757e5 | Apr 15, 2025 | Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Replication). Supported versions that are affected are 8.0.0-8.0.41, 8.4.0-8.4.4 and 9.0.0-9.2.0. Easily exploitable vulnerability allows high privileged attacker with network access via multiple prot | ||
| CVE-2025-30684 | — | < 8.4.6-1.module_el9.6.0+180+a4e757e5 | 8.4.6-1.module_el9.6.0+180+a4e757e5 | Apr 15, 2025 | Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Replication). Supported versions that are affected are 8.0.0-8.0.41, 8.4.0-8.4.4 and 9.0.0-9.2.0. Easily exploitable vulnerability allows high privileged attacker with network access via multiple prot | ||
| CVE-2025-30683 | — | < 8.4.6-1.module_el9.6.0+180+a4e757e5 | 8.4.6-1.module_el9.6.0+180+a4e757e5 | Apr 15, 2025 | Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Replication). Supported versions that are affected are 8.0.0-8.0.41, 8.4.0-8.4.4 and 9.0.0-9.2.0. Easily exploitable vulnerability allows high privileged attacker with network access via multiple prot | ||
| CVE-2025-30682 | — | < 8.4.6-1.module_el9.6.0+180+a4e757e5 | 8.4.6-1.module_el9.6.0+180+a4e757e5 | Apr 15, 2025 | Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Optimizer). Supported versions that are affected are 8.0.0-8.0.41, 8.4.0-8.4.4 and 9.0.0-9.2.0. Easily exploitable vulnerability allows low privileged attacker with network access via multiple protoco | ||
| CVE-2025-30681 | — | < 8.4.6-1.module_el9.6.0+180+a4e757e5 | 8.4.6-1.module_el9.6.0+180+a4e757e5 | Apr 15, 2025 | Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Replication). Supported versions that are affected are 8.0.0-8.0.41, 8.4.0-8.4.4 and 9.0.0-9.2.0. Easily exploitable vulnerability allows high privileged attacker with network access via multiple prot |
- CVE-2025-50077Jul 15, 2025affected < 8.4.6-1.module_el9.6.0+180+a4e757e5fixed 8.4.6-1.module_el9.6.0+180+a4e757e5
Vulnerability in the MySQL Server product of Oracle MySQL (component: InnoDB). Supported versions that are affected are 8.0.0-8.0.42, 8.4.0-8.4.5 and 9.0.0-9.3.0. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to comp
- CVE-2025-5399Jun 7, 2025affected < 8.4.6-1.module_el9.6.0+180+a4e757e5fixed 8.4.6-1.module_el9.6.0+180+a4e757e5
Due to a mistake in libcurl's WebSocket code, a malicious server can send a particularly crafted packet which makes libcurl get trapped in an endless busy-loop. There is no other way for the application to escape or exit this loop other than killing the thread/process. This mig
- CVE-2025-30722Apr 15, 2025affected < 8.4.6-1.module_el9.6.0+180+a4e757e5fixed 8.4.6-1.module_el9.6.0+180+a4e757e5
Vulnerability in the MySQL Client product of Oracle MySQL (component: Client: mysqldump). Supported versions that are affected are 8.0.0-8.0.41, 8.4.0-8.4.4 and 9.0.0-9.2.0. Difficult to exploit vulnerability allows low privileged attacker with network access via multiple proto
- CVE-2025-30721Apr 15, 2025affected < 8.4.6-1.module_el9.6.0+180+a4e757e5fixed 8.4.6-1.module_el9.6.0+180+a4e757e5
Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: UDF). Supported versions that are affected are 8.0.0-8.0.41, 8.4.0-8.4.4 and 9.0.0-9.2.0. Difficult to exploit vulnerability allows high privileged attacker with logon to the infrastructure where MySQ
- CVE-2025-30715Apr 15, 2025affected < 8.4.6-1.module_el9.6.0+180+a4e757e5fixed 8.4.6-1.module_el9.6.0+180+a4e757e5
Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Components Services). Supported versions that are affected are 8.0.0-8.0.41, 8.4.0-8.4.4 and 9.0.0-9.2.0. Easily exploitable vulnerability allows high privileged attacker with network access via multi
- CVE-2025-30705Apr 15, 2025affected < 8.4.6-1.module_el9.6.0+180+a4e757e5fixed 8.4.6-1.module_el9.6.0+180+a4e757e5
Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: PS). Supported versions that are affected are 8.0.0-8.0.41, 8.4.0-8.4.4 and 9.0.0-9.2.0. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to
- CVE-2025-30704Apr 15, 2025affected < 8.4.6-1.module_el9.6.0+180+a4e757e5fixed 8.4.6-1.module_el9.6.0+180+a4e757e5
Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Components Services). Supported versions that are affected are 8.0.0-8.0.41, 8.4.0-8.4.4 and 9.0.0-9.2.0. Difficult to exploit vulnerability allows high privileged attacker with network access via mul
- CVE-2025-30703Apr 15, 2025affected < 8.4.6-1.module_el9.6.0+180+a4e757e5fixed 8.4.6-1.module_el9.6.0+180+a4e757e5
Vulnerability in the MySQL Server product of Oracle MySQL (component: InnoDB). Supported versions that are affected are 8.0.0-8.0.41, 8.4.0-8.4.4 and 9.0.0-9.2.0. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to comp
- CVE-2025-30699Apr 15, 2025affected < 8.4.6-1.module_el9.6.0+180+a4e757e5fixed 8.4.6-1.module_el9.6.0+180+a4e757e5
Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Stored Procedure). Supported versions that are affected are 8.0.0-8.0.41, 8.4.0-8.4.4 and 9.0.0-9.2.0. Easily exploitable vulnerability allows high privileged attacker with network access via multiple
- CVE-2025-30696Apr 15, 2025affected < 8.4.6-1.module_el9.6.0+180+a4e757e5fixed 8.4.6-1.module_el9.6.0+180+a4e757e5
Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: PS). Supported versions that are affected are 8.0.0-8.0.41, 8.4.0-8.4.4 and 9.0.0-9.2.0. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to
- CVE-2025-30695Apr 15, 2025affected < 8.4.6-1.module_el9.6.0+180+a4e757e5fixed 8.4.6-1.module_el9.6.0+180+a4e757e5
Vulnerability in the MySQL Server product of Oracle MySQL (component: InnoDB). Supported versions that are affected are 8.0.0-8.0.41, 8.4.0-8.4.4 and 9.0.0-9.2.0. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to comp
- CVE-2025-30693Apr 15, 2025affected < 8.4.6-1.module_el9.6.0+180+a4e757e5fixed 8.4.6-1.module_el9.6.0+180+a4e757e5
Vulnerability in the MySQL Server product of Oracle MySQL (component: InnoDB). Supported versions that are affected are 8.0.0-8.0.41, 8.4.0-8.4.4 and 9.0.0-9.2.0. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to comp
- CVE-2025-30689Apr 15, 2025affected < 8.4.6-1.module_el9.6.0+180+a4e757e5fixed 8.4.6-1.module_el9.6.0+180+a4e757e5
Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Optimizer). Supported versions that are affected are 8.0.0-8.0.41, 8.4.0-8.4.4 and 9.0.0-9.2.0. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protoc
- CVE-2025-30688Apr 15, 2025affected < 8.4.6-1.module_el9.6.0+180+a4e757e5fixed 8.4.6-1.module_el9.6.0+180+a4e757e5
Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Optimizer). Supported versions that are affected are 8.0.0-8.0.41, 8.4.0-8.4.4 and 9.0.0-9.2.0. Easily exploitable vulnerability allows low privileged attacker with network access via multiple protoco
- CVE-2025-30687Apr 15, 2025affected < 8.4.6-1.module_el9.6.0+180+a4e757e5fixed 8.4.6-1.module_el9.6.0+180+a4e757e5
Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Optimizer). Supported versions that are affected are 8.0.0-8.0.41, 8.4.0-8.4.4 and 9.0.0-9.2.0. Easily exploitable vulnerability allows low privileged attacker with network access via multiple protoco
- CVE-2025-30685Apr 15, 2025affected < 8.4.6-1.module_el9.6.0+180+a4e757e5fixed 8.4.6-1.module_el9.6.0+180+a4e757e5
Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Replication). Supported versions that are affected are 8.0.0-8.0.41, 8.4.0-8.4.4 and 9.0.0-9.2.0. Easily exploitable vulnerability allows high privileged attacker with network access via multiple prot
- CVE-2025-30684Apr 15, 2025affected < 8.4.6-1.module_el9.6.0+180+a4e757e5fixed 8.4.6-1.module_el9.6.0+180+a4e757e5
Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Replication). Supported versions that are affected are 8.0.0-8.0.41, 8.4.0-8.4.4 and 9.0.0-9.2.0. Easily exploitable vulnerability allows high privileged attacker with network access via multiple prot
- CVE-2025-30683Apr 15, 2025affected < 8.4.6-1.module_el9.6.0+180+a4e757e5fixed 8.4.6-1.module_el9.6.0+180+a4e757e5
Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Replication). Supported versions that are affected are 8.0.0-8.0.41, 8.4.0-8.4.4 and 9.0.0-9.2.0. Easily exploitable vulnerability allows high privileged attacker with network access via multiple prot
- CVE-2025-30682Apr 15, 2025affected < 8.4.6-1.module_el9.6.0+180+a4e757e5fixed 8.4.6-1.module_el9.6.0+180+a4e757e5
Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Optimizer). Supported versions that are affected are 8.0.0-8.0.41, 8.4.0-8.4.4 and 9.0.0-9.2.0. Easily exploitable vulnerability allows low privileged attacker with network access via multiple protoco
- CVE-2025-30681Apr 15, 2025affected < 8.4.6-1.module_el9.6.0+180+a4e757e5fixed 8.4.6-1.module_el9.6.0+180+a4e757e5
Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Replication). Supported versions that are affected are 8.0.0-8.0.41, 8.4.0-8.4.4 and 9.0.0-9.2.0. Easily exploitable vulnerability allows high privileged attacker with network access via multiple prot
Page 4 of 26