VYPR

rpm package

almalinux/mysql8.4-common

pkg:rpm/almalinux/mysql8.4-common

Vulnerabilities (86)

  • CVE-2025-21580Apr 15, 2025
    affected < 8.4.6-2.el10_0fixed 8.4.6-2.el10_0

    Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: DML). Supported versions that are affected are 8.0.0-8.0.41, 8.4.0-8.4.4 and 9.0.0-9.2.0. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to

  • CVE-2025-21579Apr 15, 2025
    affected < 8.4.6-2.el10_0fixed 8.4.6-2.el10_0

    Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Options). Supported versions that are affected are 8.0.0-8.0.41, 8.4.0-8.4.4 and 9.0.0-9.2.0. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocol

  • CVE-2025-21577Apr 15, 2025
    affected < 8.4.6-2.el10_0fixed 8.4.6-2.el10_0

    Vulnerability in the MySQL Server product of Oracle MySQL (component: InnoDB). Supported versions that are affected are 8.0.0-8.0.41, 8.4.0-8.4.4 and 9.0.0-9.2.0. Easily exploitable vulnerability allows low privileged attacker with network access via multiple protocols to compr

  • CVE-2025-21575Apr 15, 2025
    affected < 8.4.6-2.el10_0fixed 8.4.6-2.el10_0

    Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Parser). Supported versions that are affected are 8.0.0-8.0.41, 8.4.0-8.4.4 and 9.0.0-9.2.0. Easily exploitable vulnerability allows low privileged attacker with network access via multiple protocols

  • CVE-2025-21574Apr 15, 2025
    affected < 8.4.6-2.el10_0fixed 8.4.6-2.el10_0

    Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Parser). Supported versions that are affected are 8.0.0-8.0.41, 8.4.0-8.4.4 and 9.0.0-9.2.0. Easily exploitable vulnerability allows low privileged attacker with network access via multiple protocols

  • CVE-2024-13176MedJan 20, 2025
    affected < 8.4.6-2.el10_0fixed 8.4.6-2.el10_0

    Issue summary: A timing side-channel which could potentially allow recovering the private key exists in the ECDSA signature computation. Impact summary: A timing side-channel in ECDSA signature computations could allow recovering the private key by an attacker. However, measurin

Page 5 of 5