rpm package

suse/mysql&distro=SUSE Linux Enterprise Software Development Kit 11 SP4

pkg:rpm/suse/mysql&distro=SUSE%20Linux%20Enterprise%20Software%20Development%20Kit%2011%20SP4

Vulnerabilities (137)

CVE	Sev	CVSS	Affected versions	Fixed in	Published	Description
CVE-2017-3453	Med	6.5	< 5.5.55-0.38.1	5.5.55-0.38.1	Apr 24, 2017	Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Optimizer). Supported versions that are affected are 5.5.54 and earlier, 5.6.35 and earlier and 5.7.17 and earlier. Easily "exploitable" vulnerability allows low privileged attacker with network ac
CVE-2017-3329	Hig	7.5	< 5.5.55-0.38.1	5.5.55-0.38.1	Apr 24, 2017	Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Thread Pooling). Supported versions that are affected are 5.5.54 and earlier, 5.6.35 and earlier and 5.7.17 and earlier. Easily "exploitable" vulnerability allows unauthenticated attacker with netw
CVE-2017-3309	Hig	7.7	< 5.5.55-0.38.1	5.5.55-0.38.1	Apr 24, 2017	Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Optimizer). Supported versions that are affected are 5.5.54 and earlier, 5.6.35 and earlier and 5.7.17 and earlier. Easily "exploitable" vulnerability allows low privileged attacker with network ac
CVE-2017-3308	Hig	7.7	< 5.5.55-0.38.1	5.5.55-0.38.1	Apr 24, 2017	Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: DML). Supported versions that are affected are 5.5.54 and earlier, 5.6.35 and earlier and 5.7.17 and earlier. Easily "exploitable" vulnerability allows low privileged attacker with network access v
CVE-2017-3305	Med	5.3	< 5.5.55-0.38.1	5.5.55-0.38.1	Apr 24, 2017	Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: C API). Supported versions that are affected are 5.5.55 and earlier and 5.6.35 and earlier. Difficult to exploit vulnerability allows low privileged attacker with network access via multiple protoc
CVE-2017-3302	Hig	7.5	< 5.5.55-0.38.1	5.5.55-0.38.1	Feb 12, 2017	Crash in libmysqlclient.so in Oracle MySQL before 5.6.21 and 5.7.x before 5.7.5 and MariaDB through 5.5.54, 10.0.x through 10.0.29, 10.1.x through 10.1.21, and 10.2.x through 10.2.3.
CVE-2017-3318	Med	4.0	< 5.5.54-0.35.1	5.5.54-0.35.1	Jan 27, 2017	Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Error Handling). Supported versions that are affected are 5.5.53 and earlier, 5.6.34 and earlier and 5.7.16 and earlier. Difficult to exploit vulnerability allows high privileged attacker with logo
CVE-2017-3317	Med	4.0	< 5.5.54-0.35.1	5.5.54-0.35.1	Jan 27, 2017	Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Logging). Supported versions that are affected are 5.5.53 and earlier, 5.6.34 and earlier and 5.7.16 and earlier. Difficult to exploit vulnerability allows high privileged attacker with logon to the infras
CVE-2017-3313	Med	4.7	< 5.5.54-0.35.1	5.5.54-0.35.1	Jan 27, 2017	Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: MyISAM). Supported versions that are affected are 5.5.53 and earlier, 5.6.34 and earlier and 5.7.16 and earlier. Difficult to exploit vulnerability allows low privileged attacker with logon to the
CVE-2017-3312	Med	6.7	< 5.5.54-0.35.1	5.5.54-0.35.1	Jan 27, 2017	Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Packaging). Supported versions that are affected are 5.5.53 and earlier, 5.6.34 and earlier and 5.7.16 and earlier. Difficult to exploit vulnerability allows low privileged attacker with logon to t
CVE-2017-3291	Med	6.3	< 5.5.54-0.35.1	5.5.54-0.35.1	Jan 27, 2017	Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Packaging). Supported versions that are affected are 5.5.53 and earlier, 5.6.34 and earlier and 5.7.16 and earlier. Difficult to exploit vulnerability allows high privileged attacker with logon to
CVE-2017-3265	Med	5.6	< 5.5.54-0.35.1	5.5.54-0.35.1	Jan 27, 2017	Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Packaging). Supported versions that are affected are 5.5.53 and earlier, 5.6.34 and earlier and 5.7.16 and earlier. Difficult to exploit vulnerability allows high privileged attacker with logon to
CVE-2017-3258	Med	6.5	< 5.5.54-0.35.1	5.5.54-0.35.1	Jan 27, 2017	Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: DDL). Supported versions that are affected are 5.5.53 and earlier, 5.6.34 and earlier and 5.7.16 and earlier. Easily exploitable vulnerability allows low privileged attacker with network access via
CVE-2017-3244	Med	6.5	< 5.5.54-0.35.1	5.5.54-0.35.1	Jan 27, 2017	Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: DML). Supported versions that are affected are 5.5.53 and earlier, 5.6.34 and earlier and 5.7.16 and earlier. Easily exploitable vulnerability allows low privileged attacker with network access via
CVE-2017-3243	Med	4.4	< 5.5.54-0.35.1	5.5.54-0.35.1	Jan 27, 2017	Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Charsets). Supported versions that are affected are 5.5.53 and earlier. Difficult to exploit vulnerability allows high privileged attacker with network access via multiple protocols to compromise M
CVE-2017-3238	Med	6.5	< 5.5.54-0.35.1	5.5.54-0.35.1	Jan 27, 2017	Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Optimizer). Supported versions that are affected are 5.5.53 and earlier, 5.6.34 and earlier and 5.7.16 and earlier. Easily exploitable vulnerability allows low privileged attacker with network acce
CVE-2016-7440	Med	5.5	< 5.5.53-0.30.1	5.5.53-0.30.1	Dec 13, 2016	The C software implementation of AES Encryption and Decryption in wolfSSL (formerly CyaSSL) before 3.9.10 makes it easier for local users to discover AES keys by leveraging cache-bank timing differences.
CVE-2016-5584	Med	4.4	< 5.5.53-0.30.1	5.5.53-0.30.1	Oct 25, 2016	Unspecified vulnerability in Oracle MySQL 5.5.52 and earlier, 5.6.33 and earlier, and 5.7.15 and earlier allows remote administrators to affect confidentiality via vectors related to Server: Security: Encryption.
CVE-2016-6662	Cri	9.8	< 5.5.52-0.27.1	5.5.52-0.27.1	Sep 20, 2016	Oracle MySQL through 5.5.52, 5.6.x through 5.6.33, and 5.7.x through 5.7.15; MariaDB before 5.5.51, 10.0.x before 10.0.27, and 10.1.x before 10.1.17; and Percona Server before 5.5.51-38.1, 5.6.x before 5.6.32-78.0, and 5.7.x before 5.7.14-7 allow local users to create arbitrary c
CVE-2016-5440	Med	4.9	< 5.5.52-0.27.1	5.5.52-0.27.1	Jul 21, 2016	Unspecified vulnerability in Oracle MySQL 5.5.49 and earlier, 5.6.30 and earlier, and 5.7.12 and earlier and MariaDB before 5.5.50, 10.0.x before 10.0.26, and 10.1.x before 10.1.15 allows remote administrators to affect availability via vectors related to Server: RBR.

CVE-2017-3453MedApr 24, 2017
affected < 5.5.55-0.38.1fixed 5.5.55-0.38.1
Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Optimizer). Supported versions that are affected are 5.5.54 and earlier, 5.6.35 and earlier and 5.7.17 and earlier. Easily "exploitable" vulnerability allows low privileged attacker with network ac
CVE-2017-3329HigApr 24, 2017
affected < 5.5.55-0.38.1fixed 5.5.55-0.38.1
Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Thread Pooling). Supported versions that are affected are 5.5.54 and earlier, 5.6.35 and earlier and 5.7.17 and earlier. Easily "exploitable" vulnerability allows unauthenticated attacker with netw
CVE-2017-3309HigApr 24, 2017
affected < 5.5.55-0.38.1fixed 5.5.55-0.38.1
Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Optimizer). Supported versions that are affected are 5.5.54 and earlier, 5.6.35 and earlier and 5.7.17 and earlier. Easily "exploitable" vulnerability allows low privileged attacker with network ac
CVE-2017-3308HigApr 24, 2017
affected < 5.5.55-0.38.1fixed 5.5.55-0.38.1
Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: DML). Supported versions that are affected are 5.5.54 and earlier, 5.6.35 and earlier and 5.7.17 and earlier. Easily "exploitable" vulnerability allows low privileged attacker with network access v
CVE-2017-3305MedApr 24, 2017
affected < 5.5.55-0.38.1fixed 5.5.55-0.38.1
Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: C API). Supported versions that are affected are 5.5.55 and earlier and 5.6.35 and earlier. Difficult to exploit vulnerability allows low privileged attacker with network access via multiple protoc
CVE-2017-3302HigFeb 12, 2017
affected < 5.5.55-0.38.1fixed 5.5.55-0.38.1
Crash in libmysqlclient.so in Oracle MySQL before 5.6.21 and 5.7.x before 5.7.5 and MariaDB through 5.5.54, 10.0.x through 10.0.29, 10.1.x through 10.1.21, and 10.2.x through 10.2.3.
CVE-2017-3318MedJan 27, 2017
affected < 5.5.54-0.35.1fixed 5.5.54-0.35.1
Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Error Handling). Supported versions that are affected are 5.5.53 and earlier, 5.6.34 and earlier and 5.7.16 and earlier. Difficult to exploit vulnerability allows high privileged attacker with logo
CVE-2017-3317MedJan 27, 2017
affected < 5.5.54-0.35.1fixed 5.5.54-0.35.1
Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Logging). Supported versions that are affected are 5.5.53 and earlier, 5.6.34 and earlier and 5.7.16 and earlier. Difficult to exploit vulnerability allows high privileged attacker with logon to the infras
CVE-2017-3313MedJan 27, 2017
affected < 5.5.54-0.35.1fixed 5.5.54-0.35.1
Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: MyISAM). Supported versions that are affected are 5.5.53 and earlier, 5.6.34 and earlier and 5.7.16 and earlier. Difficult to exploit vulnerability allows low privileged attacker with logon to the
CVE-2017-3312MedJan 27, 2017
affected < 5.5.54-0.35.1fixed 5.5.54-0.35.1
Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Packaging). Supported versions that are affected are 5.5.53 and earlier, 5.6.34 and earlier and 5.7.16 and earlier. Difficult to exploit vulnerability allows low privileged attacker with logon to t
CVE-2017-3291MedJan 27, 2017
affected < 5.5.54-0.35.1fixed 5.5.54-0.35.1
Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Packaging). Supported versions that are affected are 5.5.53 and earlier, 5.6.34 and earlier and 5.7.16 and earlier. Difficult to exploit vulnerability allows high privileged attacker with logon to
CVE-2017-3265MedJan 27, 2017
affected < 5.5.54-0.35.1fixed 5.5.54-0.35.1
Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Packaging). Supported versions that are affected are 5.5.53 and earlier, 5.6.34 and earlier and 5.7.16 and earlier. Difficult to exploit vulnerability allows high privileged attacker with logon to
CVE-2017-3258MedJan 27, 2017
affected < 5.5.54-0.35.1fixed 5.5.54-0.35.1
Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: DDL). Supported versions that are affected are 5.5.53 and earlier, 5.6.34 and earlier and 5.7.16 and earlier. Easily exploitable vulnerability allows low privileged attacker with network access via
CVE-2017-3244MedJan 27, 2017
affected < 5.5.54-0.35.1fixed 5.5.54-0.35.1
Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: DML). Supported versions that are affected are 5.5.53 and earlier, 5.6.34 and earlier and 5.7.16 and earlier. Easily exploitable vulnerability allows low privileged attacker with network access via
CVE-2017-3243MedJan 27, 2017
affected < 5.5.54-0.35.1fixed 5.5.54-0.35.1
Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Charsets). Supported versions that are affected are 5.5.53 and earlier. Difficult to exploit vulnerability allows high privileged attacker with network access via multiple protocols to compromise M
CVE-2017-3238MedJan 27, 2017
affected < 5.5.54-0.35.1fixed 5.5.54-0.35.1
Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Optimizer). Supported versions that are affected are 5.5.53 and earlier, 5.6.34 and earlier and 5.7.16 and earlier. Easily exploitable vulnerability allows low privileged attacker with network acce
CVE-2016-7440MedDec 13, 2016
affected < 5.5.53-0.30.1fixed 5.5.53-0.30.1
The C software implementation of AES Encryption and Decryption in wolfSSL (formerly CyaSSL) before 3.9.10 makes it easier for local users to discover AES keys by leveraging cache-bank timing differences.
CVE-2016-5584MedOct 25, 2016
affected < 5.5.53-0.30.1fixed 5.5.53-0.30.1
Unspecified vulnerability in Oracle MySQL 5.5.52 and earlier, 5.6.33 and earlier, and 5.7.15 and earlier allows remote administrators to affect confidentiality via vectors related to Server: Security: Encryption.
CVE-2016-6662CriSep 20, 2016
affected < 5.5.52-0.27.1fixed 5.5.52-0.27.1
Oracle MySQL through 5.5.52, 5.6.x through 5.6.33, and 5.7.x through 5.7.15; MariaDB before 5.5.51, 10.0.x before 10.0.27, and 10.1.x before 10.1.17; and Percona Server before 5.5.51-38.1, 5.6.x before 5.6.32-78.0, and 5.7.x before 5.7.14-7 allow local users to create arbitrary c
CVE-2016-5440MedJul 21, 2016
affected < 5.5.52-0.27.1fixed 5.5.52-0.27.1
Unspecified vulnerability in Oracle MySQL 5.5.49 and earlier, 5.6.30 and earlier, and 5.7.12 and earlier and MariaDB before 5.5.50, 10.0.x before 10.0.26, and 10.1.x before 10.1.15 allows remote administrators to affect availability via vectors related to Server: RBR.

Page 3 of 7