rpm package

suse/mariadb&distro=SUSE Linux Enterprise Server 12-LTSS

pkg:rpm/suse/mariadb&distro=SUSE%20Linux%20Enterprise%20Server%2012-LTSS

Vulnerabilities (64)

CVE	Sev	CVSS	Affected versions	Fixed in	Published	Description
CVE-2018-2755		—	< 10.0.35-20.46.1	10.0.35-20.46.1	Apr 19, 2018	Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Replication). Supported versions that are affected are 5.5.59 and prior, 5.6.39 and prior and 5.7.21 and prior. Difficult to exploit vulnerability allows unauthenticated attacker with logon to the
CVE-2018-2668		—	< 10.0.34-20.43.1	10.0.34-20.43.1	Jan 18, 2018	Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Optimizer). Supported versions that are affected are 5.5.58 and prior, 5.6.38 and prior and 5.7.20 and prior. Easily exploitable vulnerability allows low privileged attacker with network access via
CVE-2018-2665		—	< 10.0.34-20.43.1	10.0.34-20.43.1	Jan 18, 2018	Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Optimizer). Supported versions that are affected are 5.5.58 and prior, 5.6.38 and prior and 5.7.20 and prior. Easily exploitable vulnerability allows low privileged attacker with network access via
CVE-2018-2640		—	< 10.0.34-20.43.1	10.0.34-20.43.1	Jan 18, 2018	Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Optimizer). Supported versions that are affected are 5.5.58 and prior, 5.6.38 and prior and 5.7.20 and prior. Easily exploitable vulnerability allows low privileged attacker with network access via
CVE-2018-2622		—	< 10.0.34-20.43.1	10.0.34-20.43.1	Jan 18, 2018	Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: DDL). Supported versions that are affected are 5.5.58 and prior, 5.6.38 and prior and 5.7.20 and prior. Easily exploitable vulnerability allows low privileged attacker with network access via multi
CVE-2018-2612		—	< 10.0.34-20.43.1	10.0.34-20.43.1	Jan 18, 2018	Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: InnoDB). Supported versions that are affected are 5.6.38 and prior and 5.7.20 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compr
CVE-2018-2562		—	< 10.0.34-20.43.1	10.0.34-20.43.1	Jan 18, 2018	Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server : Partition). Supported versions that are affected are 5.5.58 and prior, 5.6.38 and prior and 5.7.19 and prior. Easily exploitable vulnerability allows low privileged attacker with network access vi
CVE-2017-10378	Med	6.5	< 10.0.34-20.43.1	10.0.34-20.43.1	Oct 19, 2017	Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Optimizer). Supported versions that are affected are 5.5.57 and earlier, 5.6.37 and earlier and 5.7.11 and earlier. Easily exploitable vulnerability allows low privileged attacker with network acce
CVE-2017-10268	Med	4.1	< 10.0.34-20.43.1	10.0.34-20.43.1	Oct 19, 2017	Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Replication). Supported versions that are affected are 5.5.57 and earlier, 5.6.37 and earlier and 5.7.19 and earlier. Difficult to exploit vulnerability allows high privileged attacker with logon t
CVE-2017-3653	Low	3.1	< 10.0.32-20.36.1	10.0.32-20.36.1	Aug 8, 2017	Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: DDL). Supported versions that are affected are 5.5.56 and earlier, 5.6.36 and earlier and 5.7.18 and earlier. Difficult to exploit vulnerability allows low privileged attacker with network access v
CVE-2017-3641	Med	4.9	< 10.0.32-20.36.1	10.0.32-20.36.1	Aug 8, 2017	Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: DML). Supported versions that are affected are 5.5.56 and earlier, 5.6.36 and earlier and 5.7.18 and earlier. Easily exploitable vulnerability allows high privileged attacker with network access vi
CVE-2017-3636	Med	5.3	< 10.0.32-20.36.1	10.0.32-20.36.1	Aug 8, 2017	Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Client programs). Supported versions that are affected are 5.5.56 and earlier and 5.6.36 and earlier. Easily exploitable vulnerability allows low privileged attacker with logon to the infrastructure where
CVE-2016-9843	Cri	9.8	< 10.0.37-20.49.2	10.0.37-20.49.2	May 23, 2017	The crc32_big function in crc32.c in zlib 1.2.8 might allow context-dependent attackers to have unspecified impact via vectors involving big-endian CRC calculation.
CVE-2017-3464	Med	4.3	< 10.0.31-20.29.1	10.0.31-20.29.1	Apr 24, 2017	Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: DDL). Supported versions that are affected are 5.5.54 and earlier, 5.6.35 and earlier and 5.7.17 and earlier. Easily "exploitable" vulnerability allows low privileged attacker with network access v
CVE-2017-3456	Med	4.9	< 10.0.31-20.29.1	10.0.31-20.29.1	Apr 24, 2017	Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: DML). Supported versions that are affected are 5.5.54 and earlier, 5.6.35 and earlier and 5.7.17 and earlier. Easily "exploitable" vulnerability allows high privileged attacker with network access
CVE-2017-3453	Med	6.5	< 10.0.31-20.29.1	10.0.31-20.29.1	Apr 24, 2017	Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Optimizer). Supported versions that are affected are 5.5.54 and earlier, 5.6.35 and earlier and 5.7.17 and earlier. Easily "exploitable" vulnerability allows low privileged attacker with network ac
CVE-2017-3309	Hig	7.7	< 10.0.31-20.29.1	10.0.31-20.29.1	Apr 24, 2017	Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Optimizer). Supported versions that are affected are 5.5.54 and earlier, 5.6.35 and earlier and 5.7.17 and earlier. Easily "exploitable" vulnerability allows low privileged attacker with network ac
CVE-2017-3308	Hig	7.7	< 10.0.31-20.29.1	10.0.31-20.29.1	Apr 24, 2017	Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: DML). Supported versions that are affected are 5.5.54 and earlier, 5.6.35 and earlier and 5.7.17 and earlier. Easily "exploitable" vulnerability allows low privileged attacker with network access v
CVE-2017-3302	Hig	7.5	< 10.0.30-20.26.1	10.0.30-20.26.1	Feb 12, 2017	Crash in libmysqlclient.so in Oracle MySQL before 5.6.21 and 5.7.x before 5.7.5 and MariaDB through 5.5.54, 10.0.x through 10.0.29, 10.1.x through 10.1.21, and 10.2.x through 10.2.3.
CVE-2017-3318	Med	4.0	< 10.0.29-20.23.1	10.0.29-20.23.1	Jan 27, 2017	Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Error Handling). Supported versions that are affected are 5.5.53 and earlier, 5.6.34 and earlier and 5.7.16 and earlier. Difficult to exploit vulnerability allows high privileged attacker with logo

CVE-2018-2755Apr 19, 2018
affected < 10.0.35-20.46.1fixed 10.0.35-20.46.1
Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Replication). Supported versions that are affected are 5.5.59 and prior, 5.6.39 and prior and 5.7.21 and prior. Difficult to exploit vulnerability allows unauthenticated attacker with logon to the
CVE-2018-2668Jan 18, 2018
affected < 10.0.34-20.43.1fixed 10.0.34-20.43.1
Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Optimizer). Supported versions that are affected are 5.5.58 and prior, 5.6.38 and prior and 5.7.20 and prior. Easily exploitable vulnerability allows low privileged attacker with network access via
CVE-2018-2665Jan 18, 2018
affected < 10.0.34-20.43.1fixed 10.0.34-20.43.1
Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Optimizer). Supported versions that are affected are 5.5.58 and prior, 5.6.38 and prior and 5.7.20 and prior. Easily exploitable vulnerability allows low privileged attacker with network access via
CVE-2018-2640Jan 18, 2018
affected < 10.0.34-20.43.1fixed 10.0.34-20.43.1
Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Optimizer). Supported versions that are affected are 5.5.58 and prior, 5.6.38 and prior and 5.7.20 and prior. Easily exploitable vulnerability allows low privileged attacker with network access via
CVE-2018-2622Jan 18, 2018
affected < 10.0.34-20.43.1fixed 10.0.34-20.43.1
Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: DDL). Supported versions that are affected are 5.5.58 and prior, 5.6.38 and prior and 5.7.20 and prior. Easily exploitable vulnerability allows low privileged attacker with network access via multi
CVE-2018-2612Jan 18, 2018
affected < 10.0.34-20.43.1fixed 10.0.34-20.43.1
Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: InnoDB). Supported versions that are affected are 5.6.38 and prior and 5.7.20 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compr
CVE-2018-2562Jan 18, 2018
affected < 10.0.34-20.43.1fixed 10.0.34-20.43.1
Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server : Partition). Supported versions that are affected are 5.5.58 and prior, 5.6.38 and prior and 5.7.19 and prior. Easily exploitable vulnerability allows low privileged attacker with network access vi
CVE-2017-10378MedOct 19, 2017
affected < 10.0.34-20.43.1fixed 10.0.34-20.43.1
Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Optimizer). Supported versions that are affected are 5.5.57 and earlier, 5.6.37 and earlier and 5.7.11 and earlier. Easily exploitable vulnerability allows low privileged attacker with network acce
CVE-2017-10268MedOct 19, 2017
affected < 10.0.34-20.43.1fixed 10.0.34-20.43.1
Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Replication). Supported versions that are affected are 5.5.57 and earlier, 5.6.37 and earlier and 5.7.19 and earlier. Difficult to exploit vulnerability allows high privileged attacker with logon t
CVE-2017-3653LowAug 8, 2017
affected < 10.0.32-20.36.1fixed 10.0.32-20.36.1
Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: DDL). Supported versions that are affected are 5.5.56 and earlier, 5.6.36 and earlier and 5.7.18 and earlier. Difficult to exploit vulnerability allows low privileged attacker with network access v
CVE-2017-3641MedAug 8, 2017
affected < 10.0.32-20.36.1fixed 10.0.32-20.36.1
Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: DML). Supported versions that are affected are 5.5.56 and earlier, 5.6.36 and earlier and 5.7.18 and earlier. Easily exploitable vulnerability allows high privileged attacker with network access vi
CVE-2017-3636MedAug 8, 2017
affected < 10.0.32-20.36.1fixed 10.0.32-20.36.1
Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Client programs). Supported versions that are affected are 5.5.56 and earlier and 5.6.36 and earlier. Easily exploitable vulnerability allows low privileged attacker with logon to the infrastructure where
CVE-2016-9843CriMay 23, 2017
affected < 10.0.37-20.49.2fixed 10.0.37-20.49.2
The crc32_big function in crc32.c in zlib 1.2.8 might allow context-dependent attackers to have unspecified impact via vectors involving big-endian CRC calculation.
CVE-2017-3464MedApr 24, 2017
affected < 10.0.31-20.29.1fixed 10.0.31-20.29.1
Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: DDL). Supported versions that are affected are 5.5.54 and earlier, 5.6.35 and earlier and 5.7.17 and earlier. Easily "exploitable" vulnerability allows low privileged attacker with network access v
CVE-2017-3456MedApr 24, 2017
affected < 10.0.31-20.29.1fixed 10.0.31-20.29.1
Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: DML). Supported versions that are affected are 5.5.54 and earlier, 5.6.35 and earlier and 5.7.17 and earlier. Easily "exploitable" vulnerability allows high privileged attacker with network access
CVE-2017-3453MedApr 24, 2017
affected < 10.0.31-20.29.1fixed 10.0.31-20.29.1
Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Optimizer). Supported versions that are affected are 5.5.54 and earlier, 5.6.35 and earlier and 5.7.17 and earlier. Easily "exploitable" vulnerability allows low privileged attacker with network ac
CVE-2017-3309HigApr 24, 2017
affected < 10.0.31-20.29.1fixed 10.0.31-20.29.1
Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Optimizer). Supported versions that are affected are 5.5.54 and earlier, 5.6.35 and earlier and 5.7.17 and earlier. Easily "exploitable" vulnerability allows low privileged attacker with network ac
CVE-2017-3308HigApr 24, 2017
affected < 10.0.31-20.29.1fixed 10.0.31-20.29.1
Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: DML). Supported versions that are affected are 5.5.54 and earlier, 5.6.35 and earlier and 5.7.17 and earlier. Easily "exploitable" vulnerability allows low privileged attacker with network access v
CVE-2017-3302HigFeb 12, 2017
affected < 10.0.30-20.26.1fixed 10.0.30-20.26.1
Crash in libmysqlclient.so in Oracle MySQL before 5.6.21 and 5.7.x before 5.7.5 and MariaDB through 5.5.54, 10.0.x through 10.0.29, 10.1.x through 10.1.21, and 10.2.x through 10.2.3.
CVE-2017-3318MedJan 27, 2017
affected < 10.0.29-20.23.1fixed 10.0.29-20.23.1
Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Error Handling). Supported versions that are affected are 5.5.53 and earlier, 5.6.34 and earlier and 5.7.16 and earlier. Difficult to exploit vulnerability allows high privileged attacker with logo

Page 2 of 4