CVE-2019-2805 - Vulnerability Details

Vendors	Products
Canonical	Ubuntu Linux
Fedoraproject	Fedora
Mariadb	Mariadb
Opensuse	Leap
Oracle	Mysql
Redhat	Enterprise Linux Enterprise Linux Desktop Enterprise Linux Eus Enterprise Linux Server Enterprise Linux Server Aus Enterprise Linux Server Tus Enterprise Linux Workstation Rhel E4s Rhel Software Collections

Package	CPE	Advisory	Released Date
Red Hat Enterprise Linux 7
mariadb-1:5.5.65-1.el7	cpe:/o:redhat:enterprise_linux:7	RHSA-2020:1100	2020-03-31T00:00:00Z
Red Hat Enterprise Linux 8
mysql:8.0-8000020190807131617.f8e95b4e	cpe:/a:redhat:enterprise_linux:8	RHSA-2019:2511	2019-08-15T00:00:00Z
mariadb:10.3-8010020190902091509.cdc1202b	cpe:/a:redhat:enterprise_linux:8	RHSA-2019:3708	2019-11-05T00:00:00Z
mariadb-devel:10.3-8010020190902091509.cdc1202b	cpe:/a:redhat:enterprise_linux:8	RHSA-2019:3708	2019-11-05T00:00:00Z
Red Hat Enterprise Linux 8.0 Update Services for SAP Solutions
mariadb:10.3-8000020201221114409.f8e95b4e	cpe:/a:redhat:rhel_e4s:8.0	RHSA-2020:5663	2020-12-22T00:00:00Z
Red Hat Software Collections for Red Hat Enterprise Linux 6
rh-mariadb102-galera-0:25.3.29-1.el6	cpe:/a:redhat:rhel_software_collections:3::el6	RHSA-2020:4174	2020-10-05T00:00:00Z
rh-mariadb102-mariadb-1:10.2.33-1.el6	cpe:/a:redhat:rhel_software_collections:3::el6	RHSA-2020:4174	2020-10-05T00:00:00Z
Red Hat Software Collections for Red Hat Enterprise Linux 7
rh-mysql80-mysql-0:8.0.17-1.el7	cpe:/a:redhat:rhel_software_collections:3::el7	RHSA-2019:2484	2019-08-14T00:00:00Z
rh-mariadb102-galera-0:25.3.29-1.el7	cpe:/a:redhat:rhel_software_collections:3::el7	RHSA-2020:4174	2020-10-05T00:00:00Z
rh-mariadb102-mariadb-1:10.2.33-1.el7	cpe:/a:redhat:rhel_software_collections:3::el7	RHSA-2020:4174	2020-10-05T00:00:00Z
rh-mariadb103-galera-0:25.3.31-1.el7	cpe:/a:redhat:rhel_software_collections:3::el7	RHSA-2020:5246	2020-11-30T00:00:00Z
rh-mariadb103-mariadb-3:10.3.27-1.el7	cpe:/a:redhat:rhel_software_collections:3::el7	RHSA-2020:5246	2020-11-30T00:00:00Z
Red Hat Software Collections for Red Hat Enterprise Linux 7.4 EUS
rh-mysql80-mysql-0:8.0.17-1.el7	cpe:/a:redhat:rhel_software_collections:3::el7	RHSA-2019:2484	2019-08-14T00:00:00Z
Red Hat Software Collections for Red Hat Enterprise Linux 7.5 EUS
rh-mysql80-mysql-0:8.0.17-1.el7	cpe:/a:redhat:rhel_software_collections:3::el7	RHSA-2019:2484	2019-08-14T00:00:00Z
Red Hat Software Collections for Red Hat Enterprise Linux 7.6 EUS
rh-mysql80-mysql-0:8.0.17-1.el7	cpe:/a:redhat:rhel_software_collections:3::el7	RHSA-2019:2484	2019-08-14T00:00:00Z
rh-mariadb102-galera-0:25.3.29-1.el7	cpe:/a:redhat:rhel_software_collections:3::el7	RHSA-2020:4174	2020-10-05T00:00:00Z
rh-mariadb102-mariadb-1:10.2.33-1.el7	cpe:/a:redhat:rhel_software_collections:3::el7	RHSA-2020:4174	2020-10-05T00:00:00Z
rh-mariadb103-galera-0:25.3.31-1.el7	cpe:/a:redhat:rhel_software_collections:3::el7	RHSA-2020:5246	2020-11-30T00:00:00Z
rh-mariadb103-mariadb-3:10.3.27-1.el7	cpe:/a:redhat:rhel_software_collections:3::el7	RHSA-2020:5246	2020-11-30T00:00:00Z
Red Hat Software Collections for Red Hat Enterprise Linux 7.7 EUS
rh-mysql80-mysql-0:8.0.17-1.el7	cpe:/a:redhat:rhel_software_collections:3::el7	RHSA-2019:2484	2019-08-14T00:00:00Z
rh-mariadb102-galera-0:25.3.29-1.el7	cpe:/a:redhat:rhel_software_collections:3::el7	RHSA-2020:4174	2020-10-05T00:00:00Z
rh-mariadb102-mariadb-1:10.2.33-1.el7	cpe:/a:redhat:rhel_software_collections:3::el7	RHSA-2020:4174	2020-10-05T00:00:00Z
rh-mariadb103-galera-0:25.3.31-1.el7	cpe:/a:redhat:rhel_software_collections:3::el7	RHSA-2020:5246	2020-11-30T00:00:00Z
rh-mariadb103-mariadb-3:10.3.27-1.el7	cpe:/a:redhat:rhel_software_collections:3::el7	RHSA-2020:5246	2020-11-30T00:00:00Z

Link	Providers
http://lists.opensuse.org/opensuse-security-announce/2019-12/msg00037.html
http://packetstormsecurity.com/files/153862/Slackware-Security-Advisory-mariadb-Updates.html
http://www.oracle.com/technetwork/security-advisory/cpujul2019-5072835.html
https://access.redhat.com/errata/RHSA-2019:2484
https://access.redhat.com/errata/RHSA-2019:2511
https://access.redhat.com/errata/RHSA-2019:3708
https://nvd.nist.gov/vuln/detail/CVE-2019-2805
https://seclists.org/bugtraq/2019/Aug/1
https://support.f5.com/csp/article/K04831884
https://support.f5.com/csp/article/K04831884?utm_source=f5support&amp%3Butm_medium=RSS
https://usn.ubuntu.com/4070-1/
https://usn.ubuntu.com/4070-2/
https://usn.ubuntu.com/4070-3/
https://www.cve.org/CVERecord?id=CVE-2019-2805

Type	Values Removed	Values Added
Metrics		ssvc `{'options': {'Automatable': 'no', 'Exploitation': 'none', 'Technical Impact': 'partial'}, 'version': '2.0.3'}`

Show plain JSON

{"containers": {"cna": {"affected": [{"product": "MySQL Server", "vendor": "Oracle Corporation", "versions": [{"status": "affected", "version": "5.6.44 and prior"}, {"status": "affected", "version": "5.7.26 and prior"}, {"status": "affected", "version": "8.0.16 and prior"}]}], "descriptions": [{"lang": "en", "value": "Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Parser). Supported versions that are affected are 5.6.44 and prior, 5.7.26 and prior and 8.0.16 and prior. Easily exploitable vulnerability allows low privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.0 Base Score 6.5 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H)."}], "problemTypes": [{"descriptions": [{"description": "Easily exploitable vulnerability allows low privileged attacker with network access via multiple protocols to compromise MySQL Server.  Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server.", "lang": "en", "type": "text"}]}], "providerMetadata": {"dateUpdated": "2019-12-22T12:06:03", "orgId": "43595867-4340-4103-b7a2-9a5208d29a85", "shortName": "oracle"}, "references": [{"tags": ["x_refsource_MISC"], "url": "http://www.oracle.com/technetwork/security-advisory/cpujul2019-5072835.html"}, {"name": "USN-4070-1", "tags": ["vendor-advisory", "x_refsource_UBUNTU"], "url": "https://usn.ubuntu.com/4070-1/"}, {"name": "20190802 [slackware-security] mariadb (SSA:2019-213-01)", "tags": ["mailing-list", "x_refsource_BUGTRAQ"], "url": "https://seclists.org/bugtraq/2019/Aug/1"}, {"tags": ["x_refsource_MISC"], "url": "http://packetstormsecurity.com/files/153862/Slackware-Security-Advisory-mariadb-Updates.html"}, {"name": "USN-4070-2", "tags": ["vendor-advisory", "x_refsource_UBUNTU"], "url": "https://usn.ubuntu.com/4070-2/"}, {"name": "USN-4070-3", "tags": ["vendor-advisory", "x_refsource_UBUNTU"], "url": "https://usn.ubuntu.com/4070-3/"}, {"name": "RHSA-2019:2484", "tags": ["vendor-advisory", "x_refsource_REDHAT"], "url": "https://access.redhat.com/errata/RHSA-2019:2484"}, {"name": "RHSA-2019:2511", "tags": ["vendor-advisory", "x_refsource_REDHAT"], "url": "https://access.redhat.com/errata/RHSA-2019:2511"}, {"tags": ["x_refsource_CONFIRM"], "url": "https://support.f5.com/csp/article/K04831884"}, {"tags": ["x_refsource_CONFIRM"], "url": "https://support.f5.com/csp/article/K04831884?utm_source=f5support&amp%3Butm_medium=RSS"}, {"name": "RHSA-2019:3708", "tags": ["vendor-advisory", "x_refsource_REDHAT"], "url": "https://access.redhat.com/errata/RHSA-2019:3708"}, {"name": "openSUSE-SU-2019:2698", "tags": ["vendor-advisory", "x_refsource_SUSE"], "url": "http://lists.opensuse.org/opensuse-security-announce/2019-12/msg00037.html"}], "x_legacyV4Record": {"CVE_data_meta": {"ASSIGNER": "secalert_us@oracle.com", "ID": "CVE-2019-2805", "STATE": "PUBLIC"}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"product_name": "MySQL Server", "version": {"version_data": [{"version_affected": "=", "version_value": "5.6.44 and prior"}, {"version_affected": "=", "version_value": "5.7.26 and prior"}, {"version_affected": "=", "version_value": "8.0.16 and prior"}]}}]}, "vendor_name": "Oracle Corporation"}]}}, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": {"description_data": [{"lang": "eng", "value": "Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Parser). Supported versions that are affected are 5.6.44 and prior, 5.7.26 and prior and 8.0.16 and prior. Easily exploitable vulnerability allows low privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.0 Base Score 6.5 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H)."}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "Easily exploitable vulnerability allows low privileged attacker with network access via multiple protocols to compromise MySQL Server.  Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server."}]}]}, "references": {"reference_data": [{"name": "http://www.oracle.com/technetwork/security-advisory/cpujul2019-5072835.html", "refsource": "MISC", "url": "http://www.oracle.com/technetwork/security-advisory/cpujul2019-5072835.html"}, {"name": "USN-4070-1", "refsource": "UBUNTU", "url": "https://usn.ubuntu.com/4070-1/"}, {"name": "20190802 [slackware-security] mariadb (SSA:2019-213-01)", "refsource": "BUGTRAQ", "url": "https://seclists.org/bugtraq/2019/Aug/1"}, {"name": "http://packetstormsecurity.com/files/153862/Slackware-Security-Advisory-mariadb-Updates.html", "refsource": "MISC", "url": "http://packetstormsecurity.com/files/153862/Slackware-Security-Advisory-mariadb-Updates.html"}, {"name": "USN-4070-2", "refsource": "UBUNTU", "url": "https://usn.ubuntu.com/4070-2/"}, {"name": "USN-4070-3", "refsource": "UBUNTU", "url": "https://usn.ubuntu.com/4070-3/"}, {"name": "RHSA-2019:2484", "refsource": "REDHAT", "url": "https://access.redhat.com/errata/RHSA-2019:2484"}, {"name": "RHSA-2019:2511", "refsource": "REDHAT", "url": "https://access.redhat.com/errata/RHSA-2019:2511"}, {"name": "https://support.f5.com/csp/article/K04831884", "refsource": "CONFIRM", "url": "https://support.f5.com/csp/article/K04831884"}, {"name": "https://support.f5.com/csp/article/K04831884?utm_source=f5support&amp;utm_medium=RSS", "refsource": "CONFIRM", "url": "https://support.f5.com/csp/article/K04831884?utm_source=f5support&amp;utm_medium=RSS"}, {"name": "RHSA-2019:3708", "refsource": "REDHAT", "url": "https://access.redhat.com/errata/RHSA-2019:3708"}, {"name": "openSUSE-SU-2019:2698", "refsource": "SUSE", "url": "http://lists.opensuse.org/opensuse-security-announce/2019-12/msg00037.html"}]}}}, "adp": [{"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-04T19:03:42.953Z"}, "title": "CVE Program Container", "references": [{"tags": ["x_refsource_MISC", "x_transferred"], "url": "http://www.oracle.com/technetwork/security-advisory/cpujul2019-5072835.html"}, {"name": "USN-4070-1", "tags": ["vendor-advisory", "x_refsource_UBUNTU", "x_transferred"], "url": "https://usn.ubuntu.com/4070-1/"}, {"name": "20190802 [slackware-security] mariadb (SSA:2019-213-01)", "tags": ["mailing-list", "x_refsource_BUGTRAQ", "x_transferred"], "url": "https://seclists.org/bugtraq/2019/Aug/1"}, {"tags": ["x_refsource_MISC", "x_transferred"], "url": "http://packetstormsecurity.com/files/153862/Slackware-Security-Advisory-mariadb-Updates.html"}, {"name": "USN-4070-2", "tags": ["vendor-advisory", "x_refsource_UBUNTU", "x_transferred"], "url": "https://usn.ubuntu.com/4070-2/"}, {"name": "USN-4070-3", "tags": ["vendor-advisory", "x_refsource_UBUNTU", "x_transferred"], "url": "https://usn.ubuntu.com/4070-3/"}, {"name": "RHSA-2019:2484", "tags": ["vendor-advisory", "x_refsource_REDHAT", "x_transferred"], "url": "https://access.redhat.com/errata/RHSA-2019:2484"}, {"name": "RHSA-2019:2511", "tags": ["vendor-advisory", "x_refsource_REDHAT", "x_transferred"], "url": "https://access.redhat.com/errata/RHSA-2019:2511"}, {"tags": ["x_refsource_CONFIRM", "x_transferred"], "url": "https://support.f5.com/csp/article/K04831884"}, {"tags": ["x_refsource_CONFIRM", "x_transferred"], "url": "https://support.f5.com/csp/article/K04831884?utm_source=f5support&amp%3Butm_medium=RSS"}, {"name": "RHSA-2019:3708", "tags": ["vendor-advisory", "x_refsource_REDHAT", "x_transferred"], "url": "https://access.redhat.com/errata/RHSA-2019:3708"}, {"name": "openSUSE-SU-2019:2698", "tags": ["vendor-advisory", "x_refsource_SUSE", "x_transferred"], "url": "http://lists.opensuse.org/opensuse-security-announce/2019-12/msg00037.html"}]}, {"metrics": [{"other": {"type": "ssvc", "content": {"timestamp": "2024-10-01T16:17:09.471575Z", "id": "CVE-2019-2805", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "partial"}], "role": "CISA Coordinator", "version": "2.0.3"}}}], "title": "CISA ADP Vulnrichment", "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2024-10-01T16:39:54.198Z"}}]}, "cveMetadata": {"assignerOrgId": "43595867-4340-4103-b7a2-9a5208d29a85", "assignerShortName": "oracle", "cveId": "CVE-2019-2805", "datePublished": "2019-07-23T22:31:47", "dateReserved": "2018-12-14T00:00:00", "dateUpdated": "2024-10-01T16:39:54.198Z", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.1"}

{

containers : { »

cna : { »

affected : [ »

0 : { »

product : MySQL Server (string)

vendor : Oracle Corporation (string)

versions : [ »

0 : { »

status : affected (string)

version : 5.6.44 and prior (string)

}

1 : { »

status : affected (string)

version : 5.7.26 and prior (string)

}

2 : { »

status : affected (string)

version : 8.0.16 and prior (string)

}

]

}

]

descriptions : [ »

0 : { »

lang : en (string)

value : Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Parser). Supported versions that are affected are 5.6.44 and prior, 5.7.26 and prior and 8.0.16 and prior. Easily exploitable vulnerability allows low privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.0 Base Score 6.5 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H). (string)

}

]

problemTypes : [ »

0 : { »

descriptions : [ »

0 : { »

description : Easily exploitable vulnerability allows low privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. (string)

lang : en (string)

type : text (string)

}

]

}

]

providerMetadata : { »

dateUpdated : 2019-12-22T12:06:03 (string)

orgId : 43595867-4340-4103-b7a2-9a5208d29a85 (string)

shortName : oracle (string)

}

references : [ »

0 : { »

tags : [ »

0 : x_refsource_MISC (string)

]

url : http://www.oracle.com/technetwork/security-advisory/cpujul2019-5072835.html (string)

}

1 : { »

name : USN-4070-1 (string)

tags : [ »

0 : vendor-advisory (string)

1 : x_refsource_UBUNTU (string)

]

url : https://usn.ubuntu.com/4070-1/ (string)

}

2 : { »

name : 20190802 [slackware-security] mariadb (SSA:2019-213-01) (string)

tags : [ »

0 : mailing-list (string)

1 : x_refsource_BUGTRAQ (string)

]

url : https://seclists.org/bugtraq/2019/Aug/1 (string)

}

3 : { »

tags : [ »

0 : x_refsource_MISC (string)

]

url : http://packetstormsecurity.com/files/153862/Slackware-Security-Advisory-mariadb-Updates.html (string)

}

4 : { »

name : USN-4070-2 (string)

tags : [ »

0 : vendor-advisory (string)

1 : x_refsource_UBUNTU (string)

]

url : https://usn.ubuntu.com/4070-2/ (string)

}

5 : { »

name : USN-4070-3 (string)

tags : [ »

0 : vendor-advisory (string)

1 : x_refsource_UBUNTU (string)

]

url : https://usn.ubuntu.com/4070-3/ (string)

}

6 : { »

name : RHSA-2019:2484 (string)

tags : [ »

0 : vendor-advisory (string)

1 : x_refsource_REDHAT (string)

]

url : https://access.redhat.com/errata/RHSA-2019:2484 (string)

}

7 : { »

name : RHSA-2019:2511 (string)

tags : [ »

0 : vendor-advisory (string)

1 : x_refsource_REDHAT (string)

]

url : https://access.redhat.com/errata/RHSA-2019:2511 (string)

}

8 : { »

tags : [ »

0 : x_refsource_CONFIRM (string)

]

url : https://support.f5.com/csp/article/K04831884 (string)

}

9 : { »

tags : [ »

0 : x_refsource_CONFIRM (string)

]

url : https://support.f5.com/csp/article/K04831884?utm_source=f5support&amp%3Butm_medium=RSS (string)

}

10 : { »

name : RHSA-2019:3708 (string)

tags : [ »

0 : vendor-advisory (string)

1 : x_refsource_REDHAT (string)

]

url : https://access.redhat.com/errata/RHSA-2019:3708 (string)

}

11 : { »

name : openSUSE-SU-2019:2698 (string)

tags : [ »

0 : vendor-advisory (string)

1 : x_refsource_SUSE (string)

]

url : http://lists.opensuse.org/opensuse-security-announce/2019-12/msg00037.html (string)

}

]

x_legacyV4Record : { »

CVE_data_meta : { »

ASSIGNER : secalert_us@oracle.com (string)

ID : CVE-2019-2805 (string)

STATE : PUBLIC (string)

}

affects : { »

vendor : { »

vendor_data : [ »

0 : { »

product : { »

product_data : [ »

0 : { »

product_name : MySQL Server (string)

version : { »

version_data : [ »

0 : { »

version_affected : = (string)

version_value : 5.6.44 and prior (string)

}

1 : { »

version_affected : = (string)

version_value : 5.7.26 and prior (string)

}

2 : { »

version_affected : = (string)

version_value : 8.0.16 and prior (string)

}

]

}

]

}

vendor_name : Oracle Corporation (string)

}

]

}

data_format : MITRE (string)

data_type : CVE (string)

data_version : 4.0 (string)

description : { »

description_data : [ »

0 : { »

lang : eng (string)

value : Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Parser). Supported versions that are affected are 5.6.44 and prior, 5.7.26 and prior and 8.0.16 and prior. Easily exploitable vulnerability allows low privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.0 Base Score 6.5 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H). (string)

}

]

}

problemtype : { »

problemtype_data : [ »

0 : { »

description : [ »

0 : { »

lang : eng (string)

value : Easily exploitable vulnerability allows low privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. (string)

}

]

}

]

}

references : { »

reference_data : [ »

0 : { »

name : http://www.oracle.com/technetwork/security-advisory/cpujul2019-5072835.html (string)

refsource : MISC (string)

url : http://www.oracle.com/technetwork/security-advisory/cpujul2019-5072835.html (string)

}

1 : { »

name : USN-4070-1 (string)

refsource : UBUNTU (string)

url : https://usn.ubuntu.com/4070-1/ (string)

}

2 : { »

name : 20190802 [slackware-security] mariadb (SSA:2019-213-01) (string)

refsource : BUGTRAQ (string)

url : https://seclists.org/bugtraq/2019/Aug/1 (string)

}

3 : { »

name : http://packetstormsecurity.com/files/153862/Slackware-Security-Advisory-mariadb-Updates.html (string)

refsource : MISC (string)

url : http://packetstormsecurity.com/files/153862/Slackware-Security-Advisory-mariadb-Updates.html (string)

}

4 : { »

name : USN-4070-2 (string)

refsource : UBUNTU (string)

url : https://usn.ubuntu.com/4070-2/ (string)

}

5 : { »

name : USN-4070-3 (string)

refsource : UBUNTU (string)

url : https://usn.ubuntu.com/4070-3/ (string)

}

6 : { »

name : RHSA-2019:2484 (string)

refsource : REDHAT (string)

url : https://access.redhat.com/errata/RHSA-2019:2484 (string)

}

7 : { »

name : RHSA-2019:2511 (string)

refsource : REDHAT (string)

url : https://access.redhat.com/errata/RHSA-2019:2511 (string)

}

8 : { »

name : https://support.f5.com/csp/article/K04831884 (string)

refsource : CONFIRM (string)

url : https://support.f5.com/csp/article/K04831884 (string)

}

9 : { »

name : https://support.f5.com/csp/article/K04831884?utm_source=f5support&utm_medium=RSS (string)

refsource : CONFIRM (string)

url : https://support.f5.com/csp/article/K04831884?utm_source=f5support&utm_medium=RSS (string)

}

10 : { »

name : RHSA-2019:3708 (string)

refsource : REDHAT (string)

url : https://access.redhat.com/errata/RHSA-2019:3708 (string)

}

11 : { »

name : openSUSE-SU-2019:2698 (string)

refsource : SUSE (string)

url : http://lists.opensuse.org/opensuse-security-announce/2019-12/msg00037.html (string)

}

]

}

adp : [ »

0 : { »

providerMetadata : { »

orgId : af854a3a-2127-422b-91ae-364da2661108 (string)

shortName : CVE (string)

dateUpdated : 2024-08-04T19:03:42.953Z (string)

}

title : CVE Program Container (string)

references : [ »

0 : { »

tags : [ »

0 : x_refsource_MISC (string)

1 : x_transferred (string)

]

url : http://www.oracle.com/technetwork/security-advisory/cpujul2019-5072835.html (string)

}

1 : { »

name : USN-4070-1 (string)

tags : [ »

0 : vendor-advisory (string)

1 : x_refsource_UBUNTU (string)

2 : x_transferred (string)

]

url : https://usn.ubuntu.com/4070-1/ (string)

}

2 : { »

name : 20190802 [slackware-security] mariadb (SSA:2019-213-01) (string)

tags : [ »

0 : mailing-list (string)

1 : x_refsource_BUGTRAQ (string)

2 : x_transferred (string)

]

url : https://seclists.org/bugtraq/2019/Aug/1 (string)

}

3 : { »

tags : [ »

0 : x_refsource_MISC (string)

1 : x_transferred (string)

]

url : http://packetstormsecurity.com/files/153862/Slackware-Security-Advisory-mariadb-Updates.html (string)

}

4 : { »

name : USN-4070-2 (string)

tags : [ »

0 : vendor-advisory (string)

1 : x_refsource_UBUNTU (string)

2 : x_transferred (string)

]

url : https://usn.ubuntu.com/4070-2/ (string)

}

5 : { »

name : USN-4070-3 (string)

tags : [ »

0 : vendor-advisory (string)

1 : x_refsource_UBUNTU (string)

2 : x_transferred (string)

]

url : https://usn.ubuntu.com/4070-3/ (string)

}

6 : { »

name : RHSA-2019:2484 (string)

tags : [ »

0 : vendor-advisory (string)

1 : x_refsource_REDHAT (string)

2 : x_transferred (string)

]

url : https://access.redhat.com/errata/RHSA-2019:2484 (string)

}

7 : { »

name : RHSA-2019:2511 (string)

tags : [ »

0 : vendor-advisory (string)

1 : x_refsource_REDHAT (string)

2 : x_transferred (string)

]

url : https://access.redhat.com/errata/RHSA-2019:2511 (string)

}

8 : { »

tags : [ »

0 : x_refsource_CONFIRM (string)

1 : x_transferred (string)

]

url : https://support.f5.com/csp/article/K04831884 (string)

}

9 : { »

tags : [ »

0 : x_refsource_CONFIRM (string)

1 : x_transferred (string)

]

url : https://support.f5.com/csp/article/K04831884?utm_source=f5support&amp%3Butm_medium=RSS (string)

}

10 : { »

name : RHSA-2019:3708 (string)

tags : [ »

0 : vendor-advisory (string)

1 : x_refsource_REDHAT (string)

2 : x_transferred (string)

]

url : https://access.redhat.com/errata/RHSA-2019:3708 (string)

}

11 : { »

name : openSUSE-SU-2019:2698 (string)

tags : [ »

0 : vendor-advisory (string)

1 : x_refsource_SUSE (string)

2 : x_transferred (string)

]

url : http://lists.opensuse.org/opensuse-security-announce/2019-12/msg00037.html (string)

}

]

}

1 : { »

metrics : [ »

0 : { »

other : { »

type : ssvc (string)

content : { »

timestamp : 2024-10-01T16:17:09.471575Z (string)

id : CVE-2019-2805 (string)

options : [ »

0 : { »

Exploitation : none (string)

}

1 : { »

Automatable : no (string)

}

2 : { »

Technical Impact : partial (string)

}

]

role : CISA Coordinator (string)

version : 2.0.3 (string)

}

]

title : CISA ADP Vulnrichment (string)

providerMetadata : { »

orgId : 134c704f-9b21-4f2e-91b3-4a467353bcc0 (string)

shortName : CISA-ADP (string)

dateUpdated : 2024-10-01T16:39:54.198Z (string)

}

]

}

cveMetadata : { »

assignerOrgId : 43595867-4340-4103-b7a2-9a5208d29a85 (string)

assignerShortName : oracle (string)

cveId : CVE-2019-2805 (string)

datePublished : 2019-07-23T22:31:47 (string)

dateReserved : 2018-12-14T00:00:00 (string)

dateUpdated : 2024-10-01T16:39:54.198Z (string)

state : PUBLISHED (string)

}

dataType : CVE_RECORD (string)

dataVersion : 5.1 (string)

}

Show plain JSON

{"dataType": "CVE_RECORD", "containers": {"adp": [{"title": "CVE Program Container", "references": [{"url": "http://www.oracle.com/technetwork/security-advisory/cpujul2019-5072835.html", "tags": ["x_refsource_MISC", "x_transferred"]}, {"url": "https://usn.ubuntu.com/4070-1/", "name": "USN-4070-1", "tags": ["vendor-advisory", "x_refsource_UBUNTU", "x_transferred"]}, {"url": "https://seclists.org/bugtraq/2019/Aug/1", "name": "20190802 [slackware-security] mariadb (SSA:2019-213-01)", "tags": ["mailing-list", "x_refsource_BUGTRAQ", "x_transferred"]}, {"url": "http://packetstormsecurity.com/files/153862/Slackware-Security-Advisory-mariadb-Updates.html", "tags": ["x_refsource_MISC", "x_transferred"]}, {"url": "https://usn.ubuntu.com/4070-2/", "name": "USN-4070-2", "tags": ["vendor-advisory", "x_refsource_UBUNTU", "x_transferred"]}, {"url": "https://usn.ubuntu.com/4070-3/", "name": "USN-4070-3", "tags": ["vendor-advisory", "x_refsource_UBUNTU", "x_transferred"]}, {"url": "https://access.redhat.com/errata/RHSA-2019:2484", "name": "RHSA-2019:2484", "tags": ["vendor-advisory", "x_refsource_REDHAT", "x_transferred"]}, {"url": "https://access.redhat.com/errata/RHSA-2019:2511", "name": "RHSA-2019:2511", "tags": ["vendor-advisory", "x_refsource_REDHAT", "x_transferred"]}, {"url": "https://support.f5.com/csp/article/K04831884", "tags": ["x_refsource_CONFIRM", "x_transferred"]}, {"url": "https://support.f5.com/csp/article/K04831884?utm_source=f5support&amp%3Butm_medium=RSS", "tags": ["x_refsource_CONFIRM", "x_transferred"]}, {"url": "https://access.redhat.com/errata/RHSA-2019:3708", "name": "RHSA-2019:3708", "tags": ["vendor-advisory", "x_refsource_REDHAT", "x_transferred"]}, {"url": "http://lists.opensuse.org/opensuse-security-announce/2019-12/msg00037.html", "name": "openSUSE-SU-2019:2698", "tags": ["vendor-advisory", "x_refsource_SUSE", "x_transferred"]}], "providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-04T19:03:42.953Z"}}, {"title": "CISA ADP Vulnrichment", "metrics": [{"other": {"type": "ssvc", "content": {"id": "CVE-2019-2805", "role": "CISA Coordinator", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "partial"}], "version": "2.0.3", "timestamp": "2024-10-01T16:17:09.471575Z"}}}], "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2024-10-01T16:18:00.724Z"}}], "cna": {"affected": [{"vendor": "Oracle Corporation", "product": "MySQL Server", "versions": [{"status": "affected", "version": "5.6.44 and prior"}, {"status": "affected", "version": "5.7.26 and prior"}, {"status": "affected", "version": "8.0.16 and prior"}]}], "references": [{"url": "http://www.oracle.com/technetwork/security-advisory/cpujul2019-5072835.html", "tags": ["x_refsource_MISC"]}, {"url": "https://usn.ubuntu.com/4070-1/", "name": "USN-4070-1", "tags": ["vendor-advisory", "x_refsource_UBUNTU"]}, {"url": "https://seclists.org/bugtraq/2019/Aug/1", "name": "20190802 [slackware-security] mariadb (SSA:2019-213-01)", "tags": ["mailing-list", "x_refsource_BUGTRAQ"]}, {"url": "http://packetstormsecurity.com/files/153862/Slackware-Security-Advisory-mariadb-Updates.html", "tags": ["x_refsource_MISC"]}, {"url": "https://usn.ubuntu.com/4070-2/", "name": "USN-4070-2", "tags": ["vendor-advisory", "x_refsource_UBUNTU"]}, {"url": "https://usn.ubuntu.com/4070-3/", "name": "USN-4070-3", "tags": ["vendor-advisory", "x_refsource_UBUNTU"]}, {"url": "https://access.redhat.com/errata/RHSA-2019:2484", "name": "RHSA-2019:2484", "tags": ["vendor-advisory", "x_refsource_REDHAT"]}, {"url": "https://access.redhat.com/errata/RHSA-2019:2511", "name": "RHSA-2019:2511", "tags": ["vendor-advisory", "x_refsource_REDHAT"]}, {"url": "https://support.f5.com/csp/article/K04831884", "tags": ["x_refsource_CONFIRM"]}, {"url": "https://support.f5.com/csp/article/K04831884?utm_source=f5support&amp%3Butm_medium=RSS", "tags": ["x_refsource_CONFIRM"]}, {"url": "https://access.redhat.com/errata/RHSA-2019:3708", "name": "RHSA-2019:3708", "tags": ["vendor-advisory", "x_refsource_REDHAT"]}, {"url": "http://lists.opensuse.org/opensuse-security-announce/2019-12/msg00037.html", "name": "openSUSE-SU-2019:2698", "tags": ["vendor-advisory", "x_refsource_SUSE"]}], "descriptions": [{"lang": "en", "value": "Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Parser). Supported versions that are affected are 5.6.44 and prior, 5.7.26 and prior and 8.0.16 and prior. Easily exploitable vulnerability allows low privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.0 Base Score 6.5 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H)."}], "problemTypes": [{"descriptions": [{"lang": "en", "type": "text", "description": "Easily exploitable vulnerability allows low privileged attacker with network access via multiple protocols to compromise MySQL Server.  Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server."}]}], "providerMetadata": {"orgId": "43595867-4340-4103-b7a2-9a5208d29a85", "shortName": "oracle", "dateUpdated": "2019-12-22T12:06:03"}, "x_legacyV4Record": {"affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"version": {"version_data": [{"version_value": "5.6.44 and prior", "version_affected": "="}, {"version_value": "5.7.26 and prior", "version_affected": "="}, {"version_value": "8.0.16 and prior", "version_affected": "="}]}, "product_name": "MySQL Server"}]}, "vendor_name": "Oracle Corporation"}]}}, "data_type": "CVE", "references": {"reference_data": [{"url": "http://www.oracle.com/technetwork/security-advisory/cpujul2019-5072835.html", "name": "http://www.oracle.com/technetwork/security-advisory/cpujul2019-5072835.html", "refsource": "MISC"}, {"url": "https://usn.ubuntu.com/4070-1/", "name": "USN-4070-1", "refsource": "UBUNTU"}, {"url": "https://seclists.org/bugtraq/2019/Aug/1", "name": "20190802 [slackware-security] mariadb (SSA:2019-213-01)", "refsource": "BUGTRAQ"}, {"url": "http://packetstormsecurity.com/files/153862/Slackware-Security-Advisory-mariadb-Updates.html", "name": "http://packetstormsecurity.com/files/153862/Slackware-Security-Advisory-mariadb-Updates.html", "refsource": "MISC"}, {"url": "https://usn.ubuntu.com/4070-2/", "name": "USN-4070-2", "refsource": "UBUNTU"}, {"url": "https://usn.ubuntu.com/4070-3/", "name": "USN-4070-3", "refsource": "UBUNTU"}, {"url": "https://access.redhat.com/errata/RHSA-2019:2484", "name": "RHSA-2019:2484", "refsource": "REDHAT"}, {"url": "https://access.redhat.com/errata/RHSA-2019:2511", "name": "RHSA-2019:2511", "refsource": "REDHAT"}, {"url": "https://support.f5.com/csp/article/K04831884", "name": "https://support.f5.com/csp/article/K04831884", "refsource": "CONFIRM"}, {"url": "https://support.f5.com/csp/article/K04831884?utm_source=f5support&amp;utm_medium=RSS", "name": "https://support.f5.com/csp/article/K04831884?utm_source=f5support&amp;utm_medium=RSS", "refsource": "CONFIRM"}, {"url": "https://access.redhat.com/errata/RHSA-2019:3708", "name": "RHSA-2019:3708", "refsource": "REDHAT"}, {"url": "http://lists.opensuse.org/opensuse-security-announce/2019-12/msg00037.html", "name": "openSUSE-SU-2019:2698", "refsource": "SUSE"}]}, "data_format": "MITRE", "description": {"description_data": [{"lang": "eng", "value": "Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Parser). Supported versions that are affected are 5.6.44 and prior, 5.7.26 and prior and 8.0.16 and prior. Easily exploitable vulnerability allows low privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.0 Base Score 6.5 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H)."}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "Easily exploitable vulnerability allows low privileged attacker with network access via multiple protocols to compromise MySQL Server.  Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server."}]}]}, "data_version": "4.0", "CVE_data_meta": {"ID": "CVE-2019-2805", "STATE": "PUBLIC", "ASSIGNER": "secalert_us@oracle.com"}}}}, "cveMetadata": {"cveId": "CVE-2019-2805", "state": "PUBLISHED", "dateUpdated": "2024-10-01T16:39:54.198Z", "dateReserved": "2018-12-14T00:00:00", "assignerOrgId": "43595867-4340-4103-b7a2-9a5208d29a85", "datePublished": "2019-07-23T22:31:47", "assignerShortName": "oracle"}, "dataVersion": "5.1"}

{

dataType : CVE_RECORD (string)

containers : { »

adp : [ »

0 : { »

title : CVE Program Container (string)

references : [ »

0 : { »

url : http://www.oracle.com/technetwork/security-advisory/cpujul2019-5072835.html (string)

tags : [ »

0 : x_refsource_MISC (string)

1 : x_transferred (string)

]

}

1 : { »

url : https://usn.ubuntu.com/4070-1/ (string)

name : USN-4070-1 (string)

tags : [ »

0 : vendor-advisory (string)

1 : x_refsource_UBUNTU (string)

2 : x_transferred (string)

]

}

2 : { »

url : https://seclists.org/bugtraq/2019/Aug/1 (string)

name : 20190802 [slackware-security] mariadb (SSA:2019-213-01) (string)

tags : [ »

0 : mailing-list (string)

1 : x_refsource_BUGTRAQ (string)

2 : x_transferred (string)

]

}

3 : { »

url : http://packetstormsecurity.com/files/153862/Slackware-Security-Advisory-mariadb-Updates.html (string)

tags : [ »

0 : x_refsource_MISC (string)

1 : x_transferred (string)

]

}

4 : { »

url : https://usn.ubuntu.com/4070-2/ (string)

name : USN-4070-2 (string)

tags : [ »

0 : vendor-advisory (string)

1 : x_refsource_UBUNTU (string)

2 : x_transferred (string)

]

}

5 : { »

url : https://usn.ubuntu.com/4070-3/ (string)

name : USN-4070-3 (string)

tags : [ »

0 : vendor-advisory (string)

1 : x_refsource_UBUNTU (string)

2 : x_transferred (string)

]

}

6 : { »

url : https://access.redhat.com/errata/RHSA-2019:2484 (string)

name : RHSA-2019:2484 (string)

tags : [ »

0 : vendor-advisory (string)

1 : x_refsource_REDHAT (string)

2 : x_transferred (string)

]

}

7 : { »

url : https://access.redhat.com/errata/RHSA-2019:2511 (string)

name : RHSA-2019:2511 (string)

tags : [ »

0 : vendor-advisory (string)

1 : x_refsource_REDHAT (string)

2 : x_transferred (string)

]

}

8 : { »

url : https://support.f5.com/csp/article/K04831884 (string)

tags : [ »

0 : x_refsource_CONFIRM (string)

1 : x_transferred (string)

]

}

9 : { »

url : https://support.f5.com/csp/article/K04831884?utm_source=f5support&amp%3Butm_medium=RSS (string)

tags : [ »

0 : x_refsource_CONFIRM (string)

1 : x_transferred (string)

]

}

10 : { »

url : https://access.redhat.com/errata/RHSA-2019:3708 (string)

name : RHSA-2019:3708 (string)

tags : [ »

0 : vendor-advisory (string)

1 : x_refsource_REDHAT (string)

2 : x_transferred (string)

]

}

11 : { »

url : http://lists.opensuse.org/opensuse-security-announce/2019-12/msg00037.html (string)

name : openSUSE-SU-2019:2698 (string)

tags : [ »

0 : vendor-advisory (string)

1 : x_refsource_SUSE (string)

2 : x_transferred (string)

]

}

]

providerMetadata : { »

orgId : af854a3a-2127-422b-91ae-364da2661108 (string)

shortName : CVE (string)

dateUpdated : 2024-08-04T19:03:42.953Z (string)

}

1 : { »

title : CISA ADP Vulnrichment (string)

metrics : [ »

0 : { »

other : { »

type : ssvc (string)

content : { »

id : CVE-2019-2805 (string)

role : CISA Coordinator (string)

options : [ »

0 : { »

Exploitation : none (string)

}

1 : { »

Automatable : no (string)

}

2 : { »

Technical Impact : partial (string)

}

]

version : 2.0.3 (string)

timestamp : 2024-10-01T16:17:09.471575Z (string)

}

]

providerMetadata : { »

orgId : 134c704f-9b21-4f2e-91b3-4a467353bcc0 (string)

shortName : CISA-ADP (string)

dateUpdated : 2024-10-01T16:18:00.724Z (string)

}

]

cna : { »

affected : [ »

0 : { »

vendor : Oracle Corporation (string)

product : MySQL Server (string)

versions : [ »

0 : { »

status : affected (string)

version : 5.6.44 and prior (string)

}

1 : { »

status : affected (string)

version : 5.7.26 and prior (string)

}

2 : { »

status : affected (string)

version : 8.0.16 and prior (string)

}

]

}

]

references : [ »

0 : { »

url : http://www.oracle.com/technetwork/security-advisory/cpujul2019-5072835.html (string)

tags : [ »

0 : x_refsource_MISC (string)

]

}

1 : { »

url : https://usn.ubuntu.com/4070-1/ (string)

name : USN-4070-1 (string)

tags : [ »

0 : vendor-advisory (string)

1 : x_refsource_UBUNTU (string)

]

}

2 : { »

url : https://seclists.org/bugtraq/2019/Aug/1 (string)

name : 20190802 [slackware-security] mariadb (SSA:2019-213-01) (string)

tags : [ »

0 : mailing-list (string)

1 : x_refsource_BUGTRAQ (string)

]

}

3 : { »

url : http://packetstormsecurity.com/files/153862/Slackware-Security-Advisory-mariadb-Updates.html (string)

tags : [ »

0 : x_refsource_MISC (string)

]

}

4 : { »

url : https://usn.ubuntu.com/4070-2/ (string)

name : USN-4070-2 (string)

tags : [ »

0 : vendor-advisory (string)

1 : x_refsource_UBUNTU (string)

]

}

5 : { »

url : https://usn.ubuntu.com/4070-3/ (string)

name : USN-4070-3 (string)

tags : [ »

0 : vendor-advisory (string)

1 : x_refsource_UBUNTU (string)

]

}

6 : { »

url : https://access.redhat.com/errata/RHSA-2019:2484 (string)

name : RHSA-2019:2484 (string)

tags : [ »

0 : vendor-advisory (string)

1 : x_refsource_REDHAT (string)

]

}

7 : { »

url : https://access.redhat.com/errata/RHSA-2019:2511 (string)

name : RHSA-2019:2511 (string)

tags : [ »

0 : vendor-advisory (string)

1 : x_refsource_REDHAT (string)

]

}

8 : { »

url : https://support.f5.com/csp/article/K04831884 (string)

tags : [ »

0 : x_refsource_CONFIRM (string)

]

}

9 : { »

url : https://support.f5.com/csp/article/K04831884?utm_source=f5support&amp%3Butm_medium=RSS (string)

tags : [ »

0 : x_refsource_CONFIRM (string)

]

}

10 : { »

url : https://access.redhat.com/errata/RHSA-2019:3708 (string)

name : RHSA-2019:3708 (string)

tags : [ »

0 : vendor-advisory (string)

1 : x_refsource_REDHAT (string)

]

}

11 : { »

url : http://lists.opensuse.org/opensuse-security-announce/2019-12/msg00037.html (string)

name : openSUSE-SU-2019:2698 (string)

tags : [ »

0 : vendor-advisory (string)

1 : x_refsource_SUSE (string)

]

}

]

descriptions : [ »

0 : { »

lang : en (string)

value : Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Parser). Supported versions that are affected are 5.6.44 and prior, 5.7.26 and prior and 8.0.16 and prior. Easily exploitable vulnerability allows low privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.0 Base Score 6.5 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H). (string)

}

]

problemTypes : [ »

0 : { »

descriptions : [ »

0 : { »

lang : en (string)

type : text (string)

description : Easily exploitable vulnerability allows low privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. (string)

}

]

}

]

providerMetadata : { »

orgId : 43595867-4340-4103-b7a2-9a5208d29a85 (string)

shortName : oracle (string)

dateUpdated : 2019-12-22T12:06:03 (string)

}

x_legacyV4Record : { »

affects : { »

vendor : { »

vendor_data : [ »

0 : { »

product : { »

product_data : [ »

0 : { »

version : { »

version_data : [ »

0 : { »

version_value : 5.6.44 and prior (string)

version_affected : = (string)

}

1 : { »

version_value : 5.7.26 and prior (string)

version_affected : = (string)

}

2 : { »

version_value : 8.0.16 and prior (string)

version_affected : = (string)

}

]

}

product_name : MySQL Server (string)

}

]

}

vendor_name : Oracle Corporation (string)

}

]

}

data_type : CVE (string)

references : { »

reference_data : [ »

0 : { »

url : http://www.oracle.com/technetwork/security-advisory/cpujul2019-5072835.html (string)

name : http://www.oracle.com/technetwork/security-advisory/cpujul2019-5072835.html (string)

refsource : MISC (string)

}

1 : { »

url : https://usn.ubuntu.com/4070-1/ (string)

name : USN-4070-1 (string)

refsource : UBUNTU (string)

}

2 : { »

url : https://seclists.org/bugtraq/2019/Aug/1 (string)

name : 20190802 [slackware-security] mariadb (SSA:2019-213-01) (string)

refsource : BUGTRAQ (string)

}

3 : { »

url : http://packetstormsecurity.com/files/153862/Slackware-Security-Advisory-mariadb-Updates.html (string)

name : http://packetstormsecurity.com/files/153862/Slackware-Security-Advisory-mariadb-Updates.html (string)

refsource : MISC (string)

}

4 : { »

url : https://usn.ubuntu.com/4070-2/ (string)

name : USN-4070-2 (string)

refsource : UBUNTU (string)

}

5 : { »

url : https://usn.ubuntu.com/4070-3/ (string)

name : USN-4070-3 (string)

refsource : UBUNTU (string)

}

6 : { »

url : https://access.redhat.com/errata/RHSA-2019:2484 (string)

name : RHSA-2019:2484 (string)

refsource : REDHAT (string)

}

7 : { »

url : https://access.redhat.com/errata/RHSA-2019:2511 (string)

name : RHSA-2019:2511 (string)

refsource : REDHAT (string)

}

8 : { »

url : https://support.f5.com/csp/article/K04831884 (string)

name : https://support.f5.com/csp/article/K04831884 (string)

refsource : CONFIRM (string)

}

9 : { »

url : https://support.f5.com/csp/article/K04831884?utm_source=f5support&utm_medium=RSS (string)

name : https://support.f5.com/csp/article/K04831884?utm_source=f5support&utm_medium=RSS (string)

refsource : CONFIRM (string)

}

10 : { »

url : https://access.redhat.com/errata/RHSA-2019:3708 (string)

name : RHSA-2019:3708 (string)

refsource : REDHAT (string)

}

11 : { »

url : http://lists.opensuse.org/opensuse-security-announce/2019-12/msg00037.html (string)

name : openSUSE-SU-2019:2698 (string)

refsource : SUSE (string)

}

]

}

data_format : MITRE (string)

description : { »

description_data : [ »

0 : { »

lang : eng (string)

value : Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Parser). Supported versions that are affected are 5.6.44 and prior, 5.7.26 and prior and 8.0.16 and prior. Easily exploitable vulnerability allows low privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.0 Base Score 6.5 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H). (string)

}

]

}

problemtype : { »

problemtype_data : [ »

0 : { »

description : [ »

0 : { »

lang : eng (string)

value : Easily exploitable vulnerability allows low privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. (string)

}

]

}

]

}

data_version : 4.0 (string)

CVE_data_meta : { »

ID : CVE-2019-2805 (string)

STATE : PUBLIC (string)

ASSIGNER : secalert_us@oracle.com (string)

}

cveMetadata : { »

cveId : CVE-2019-2805 (string)

state : PUBLISHED (string)

dateUpdated : 2024-10-01T16:39:54.198Z (string)

dateReserved : 2018-12-14T00:00:00 (string)

assignerOrgId : 43595867-4340-4103-b7a2-9a5208d29a85 (string)

datePublished : 2019-07-23T22:31:47 (string)

assignerShortName : oracle (string)

}

dataVersion : 5.1 (string)

}

Show plain JSON

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:oracle:mysql:*:*:*:*:*:*:*:*", "matchCriteriaId": "964DBA55-FF6B-4C48-8F51-66D6047B2BFE", "versionEndIncluding": "5.6.44", "versionStartIncluding": "5.6.0", "vulnerable": true}, {"criteria": "cpe:2.3:a:oracle:mysql:*:*:*:*:*:*:*:*", "matchCriteriaId": "7AA46C20-5CB8-4E68-B8EC-ED7CE2F2C7B8", "versionEndIncluding": "5.7.26", "versionStartIncluding": "5.7.0", "vulnerable": true}, {"criteria": "cpe:2.3:a:oracle:mysql:*:*:*:*:*:*:*:*", "matchCriteriaId": "7FB3C333-CFE6-452F-8E1D-1C1090460804", "versionEndIncluding": "8.0.16", "versionStartIncluding": "8.0.0", "vulnerable": true}], "negate": false, "operator": "OR"}]}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:mariadb:mariadb:*:*:*:*:*:*:*:*", "matchCriteriaId": "30A8DC99-7CFD-499A-B29C-5C3C588C2335", "versionEndExcluding": "5.5.65", "versionStartIncluding": "5.5.0", "vulnerable": true}, {"criteria": "cpe:2.3:a:mariadb:mariadb:*:*:*:*:*:*:*:*", "matchCriteriaId": "3C4AD4E4-A6B5-416D-AED2-180CDBF30A47", "versionEndExcluding": "10.1.41", "versionStartIncluding": "10.1.0", "vulnerable": true}, {"criteria": "cpe:2.3:a:mariadb:mariadb:*:*:*:*:*:*:*:*", "matchCriteriaId": "83EFB2B2-6061-470F-B3F3-95B61F27AA89", "versionEndExcluding": "10.2.26", "versionStartIncluding": "10.2.0", "vulnerable": true}, {"criteria": "cpe:2.3:a:mariadb:mariadb:*:*:*:*:*:*:*:*", "matchCriteriaId": "B25AC2A8-498C-4B5D-A203-2EC2C219ED71", "versionEndExcluding": "10.3.17", "versionStartIncluding": "10.3.0", "vulnerable": true}, {"criteria": "cpe:2.3:a:mariadb:mariadb:*:*:*:*:*:*:*:*", "matchCriteriaId": "B68BEB7B-B05B-4C30-9B98-225236879788", "versionEndExcluding": "10.4.7", "versionStartIncluding": "10.4.0", "vulnerable": true}], "negate": false, "operator": "OR"}]}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:esm:*:*:*", "matchCriteriaId": "7A5301BF-1402-4BE0-A0F8-69FBE79BC6D6", "vulnerable": true}, {"criteria": "cpe:2.3:o:canonical:ubuntu_linux:18.04:*:*:*:lts:*:*:*", "matchCriteriaId": "23A7C53F-B80F-4E6A-AFA9-58EEA84BE11D", "vulnerable": true}, {"criteria": "cpe:2.3:o:canonical:ubuntu_linux:19.04:*:*:*:*:*:*:*", "matchCriteriaId": "CD783B0C-9246-47D9-A937-6144FE8BFF0F", "vulnerable": true}], "negate": false, "operator": "OR"}]}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:redhat:enterprise_linux_desktop:8.0:*:*:*:*:*:*:*", "matchCriteriaId": "6A06E53A-1153-43A5-9812-4573A178AEBD", "vulnerable": true}, {"criteria": "cpe:2.3:o:redhat:enterprise_linux_eus:8.1:*:*:*:*:*:*:*", "matchCriteriaId": "92BC9265-6959-4D37-BE5E-8C45E98992F8", "vulnerable": true}, {"criteria": "cpe:2.3:o:redhat:enterprise_linux_eus:8.2:*:*:*:*:*:*:*", "matchCriteriaId": "831F0F47-3565-4763-B16F-C87B1FF2035E", "vulnerable": true}, {"criteria": "cpe:2.3:o:redhat:enterprise_linux_eus:8.4:*:*:*:*:*:*:*", "matchCriteriaId": "0E3F09B5-569F-4C58-9FCA-3C0953D107B5", "vulnerable": true}, {"criteria": "cpe:2.3:o:redhat:enterprise_linux_eus:8.6:*:*:*:*:*:*:*", "matchCriteriaId": "6C3741B8-851F-475D-B428-523F4F722350", "vulnerable": true}, {"criteria": "cpe:2.3:o:redhat:enterprise_linux_server:8.0:*:*:*:*:*:*:*", "matchCriteriaId": "B0FEFCDD-A212-4525-B449-2C4A00A0D2E9", "vulnerable": true}, {"criteria": "cpe:2.3:o:redhat:enterprise_linux_server_aus:8.2:*:*:*:*:*:*:*", "matchCriteriaId": "6897676D-53F9-45B3-B27F-7FF9A4C58D33", "vulnerable": true}, {"criteria": "cpe:2.3:o:redhat:enterprise_linux_server_aus:8.4:*:*:*:*:*:*:*", "matchCriteriaId": "E28F226A-CBC7-4A32-BE58-398FA5B42481", "vulnerable": true}, {"criteria": "cpe:2.3:o:redhat:enterprise_linux_server_aus:8.6:*:*:*:*:*:*:*", "matchCriteriaId": "76C24D94-834A-4E9D-8F73-624AFA99AAA2", "vulnerable": true}, {"criteria": "cpe:2.3:o:redhat:enterprise_linux_server_tus:8.2:*:*:*:*:*:*:*", "matchCriteriaId": "B09ACF2D-D83F-4A86-8185-9569605D8EE1", "vulnerable": true}, {"criteria": "cpe:2.3:o:redhat:enterprise_linux_server_tus:8.4:*:*:*:*:*:*:*", "matchCriteriaId": "AC10D919-57FD-4725-B8D2-39ECB476902F", "vulnerable": true}, {"criteria": "cpe:2.3:o:redhat:enterprise_linux_server_tus:8.6:*:*:*:*:*:*:*", "matchCriteriaId": "1272DF03-7674-4BD4-8E64-94004B195448", "vulnerable": true}, {"criteria": "cpe:2.3:o:redhat:enterprise_linux_workstation:8.0:*:*:*:*:*:*:*", "matchCriteriaId": "1EDC134D-B969-4743-9BD7-5932D185DC62", "vulnerable": true}], "negate": false, "operator": "OR"}]}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:fedoraproject:fedora:29:*:*:*:*:*:*:*", "matchCriteriaId": "D100F7CE-FC64-4CC6-852A-6136D72DA419", "vulnerable": true}, {"criteria": "cpe:2.3:o:fedoraproject:fedora:30:*:*:*:*:*:*:*", "matchCriteriaId": "97A4B8DF-58DA-4AB6-A1F9-331B36409BA3", "vulnerable": true}], "negate": false, "operator": "OR"}]}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:opensuse:leap:15.1:*:*:*:*:*:*:*", "matchCriteriaId": "B620311B-34A3-48A6-82DF-6F078D7A4493", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "descriptions": [{"lang": "en", "value": "Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Parser). Supported versions that are affected are 5.6.44 and prior, 5.7.26 and prior and 8.0.16 and prior. Easily exploitable vulnerability allows low privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.0 Base Score 6.5 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H)."}, {"lang": "es", "value": "Una vulnerabilidad en el componente MySQL Server de MySQL de Oracle (subcomponente: Server: Parser). Las versiones compatibles que est\u00e1n afectadas son 5.6.44 y anteriores, 5.7.26 y anteriores y 8.0.16 y anteriores. Una vulnerabilidad f\u00e1cilmente explotable permite a un atacante poco privilegiado con acceso a la red por medio de m\u00faltiples protocolos comprometer a MySQL Server. Los ataques con \u00e9xito de esta vulnerabilidad pueden resultar en una capacidad no autorizada para causar una suspensi\u00f3n o un bloqueo repetible frecuentemente (DOS completa) de MySQL Server. CVSS 3.0 Puntuaci\u00f3n Base 6.5 (impactos de disponibilidad). Vector CVSS: (CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H)."}], "id": "CVE-2019-2805", "lastModified": "2024-11-21T04:41:35.977", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "MEDIUM", "cvssData": {"accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "SINGLE", "availabilityImpact": "PARTIAL", "baseScore": 4.0, "confidentialityImpact": "NONE", "integrityImpact": "NONE", "vectorString": "AV:N/AC:L/Au:S/C:N/I:N/A:P", "version": "2.0"}, "exploitabilityScore": 8.0, "impactScore": 2.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false}], "cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 6.5, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", "version": "3.1"}, "exploitabilityScore": 2.8, "impactScore": 3.6, "source": "nvd@nist.gov", "type": "Primary"}]}, "published": "2019-07-23T23:15:42.647", "references": [{"source": "secalert_us@oracle.com", "tags": ["Mailing List", "Third Party Advisory"], "url": "http://lists.opensuse.org/opensuse-security-announce/2019-12/msg00037.html"}, {"source": "secalert_us@oracle.com", "tags": ["Third Party Advisory", "VDB Entry"], "url": "http://packetstormsecurity.com/files/153862/Slackware-Security-Advisory-mariadb-Updates.html"}, {"source": "secalert_us@oracle.com", "tags": ["Patch", "Vendor Advisory"], "url": "http://www.oracle.com/technetwork/security-advisory/cpujul2019-5072835.html"}, {"source": "secalert_us@oracle.com", "tags": ["Third Party Advisory"], "url": "https://access.redhat.com/errata/RHSA-2019:2484"}, {"source": "secalert_us@oracle.com", "tags": ["Third Party Advisory"], "url": "https://access.redhat.com/errata/RHSA-2019:2511"}, {"source": "secalert_us@oracle.com", "tags": ["Third Party Advisory"], "url": "https://access.redhat.com/errata/RHSA-2019:3708"}, {"source": "secalert_us@oracle.com", "tags": ["Mailing List", "Third Party Advisory"], "url": "https://seclists.org/bugtraq/2019/Aug/1"}, {"source": "secalert_us@oracle.com", "tags": ["Third Party Advisory"], "url": "https://support.f5.com/csp/article/K04831884"}, {"source": "secalert_us@oracle.com", "url": "https://support.f5.com/csp/article/K04831884?utm_source=f5support&amp%3Butm_medium=RSS"}, {"source": "secalert_us@oracle.com", "tags": ["Third Party Advisory"], "url": "https://usn.ubuntu.com/4070-1/"}, {"source": "secalert_us@oracle.com", "tags": ["Third Party Advisory"], "url": "https://usn.ubuntu.com/4070-2/"}, {"source": "secalert_us@oracle.com", "tags": ["Third Party Advisory"], "url": "https://usn.ubuntu.com/4070-3/"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Mailing List", "Third Party Advisory"], "url": "http://lists.opensuse.org/opensuse-security-announce/2019-12/msg00037.html"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Third Party Advisory", "VDB Entry"], "url": "http://packetstormsecurity.com/files/153862/Slackware-Security-Advisory-mariadb-Updates.html"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Patch", "Vendor Advisory"], "url": "http://www.oracle.com/technetwork/security-advisory/cpujul2019-5072835.html"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Third Party Advisory"], "url": "https://access.redhat.com/errata/RHSA-2019:2484"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Third Party Advisory"], "url": "https://access.redhat.com/errata/RHSA-2019:2511"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Third Party Advisory"], "url": "https://access.redhat.com/errata/RHSA-2019:3708"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Mailing List", "Third Party Advisory"], "url": "https://seclists.org/bugtraq/2019/Aug/1"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Third Party Advisory"], "url": "https://support.f5.com/csp/article/K04831884"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://support.f5.com/csp/article/K04831884?utm_source=f5support&amp%3Butm_medium=RSS"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Third Party Advisory"], "url": "https://usn.ubuntu.com/4070-1/"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Third Party Advisory"], "url": "https://usn.ubuntu.com/4070-2/"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Third Party Advisory"], "url": "https://usn.ubuntu.com/4070-3/"}], "sourceIdentifier": "secalert_us@oracle.com", "vulnStatus": "Modified", "weaknesses": [{"description": [{"lang": "en", "value": "NVD-CWE-noinfo"}], "source": "nvd@nist.gov", "type": "Primary"}]}

{

configurations : [ »

0 : { »

nodes : [ »

0 : { »

cpeMatch : [ »

0 : { »

criteria : cpe:2.3:a:oracle:mysql:*:*:*:*:*:*:*:* (string)

matchCriteriaId : 964DBA55-FF6B-4C48-8F51-66D6047B2BFE (string)

versionEndIncluding : 5.6.44 (string)

versionStartIncluding : 5.6.0 (string)

vulnerable : true (boolean)

}

1 : { »

criteria : cpe:2.3:a:oracle:mysql:*:*:*:*:*:*:*:* (string)

matchCriteriaId : 7AA46C20-5CB8-4E68-B8EC-ED7CE2F2C7B8 (string)

versionEndIncluding : 5.7.26 (string)

versionStartIncluding : 5.7.0 (string)

vulnerable : true (boolean)

}

2 : { »

criteria : cpe:2.3:a:oracle:mysql:*:*:*:*:*:*:*:* (string)

matchCriteriaId : 7FB3C333-CFE6-452F-8E1D-1C1090460804 (string)

versionEndIncluding : 8.0.16 (string)

versionStartIncluding : 8.0.0 (string)

vulnerable : true (boolean)

}

]

negate : false (boolean)

operator : OR (string)

}

]

}

1 : { »

nodes : [ »

0 : { »

cpeMatch : [ »

0 : { »

criteria : cpe:2.3:a:mariadb:mariadb:*:*:*:*:*:*:*:* (string)

matchCriteriaId : 30A8DC99-7CFD-499A-B29C-5C3C588C2335 (string)

versionEndExcluding : 5.5.65 (string)

versionStartIncluding : 5.5.0 (string)

vulnerable : true (boolean)

}

1 : { »

criteria : cpe:2.3:a:mariadb:mariadb:*:*:*:*:*:*:*:* (string)

matchCriteriaId : 3C4AD4E4-A6B5-416D-AED2-180CDBF30A47 (string)

versionEndExcluding : 10.1.41 (string)

versionStartIncluding : 10.1.0 (string)

vulnerable : true (boolean)

}

2 : { »

criteria : cpe:2.3:a:mariadb:mariadb:*:*:*:*:*:*:*:* (string)

matchCriteriaId : 83EFB2B2-6061-470F-B3F3-95B61F27AA89 (string)

versionEndExcluding : 10.2.26 (string)

versionStartIncluding : 10.2.0 (string)

vulnerable : true (boolean)

}

3 : { »

criteria : cpe:2.3:a:mariadb:mariadb:*:*:*:*:*:*:*:* (string)

matchCriteriaId : B25AC2A8-498C-4B5D-A203-2EC2C219ED71 (string)

versionEndExcluding : 10.3.17 (string)

versionStartIncluding : 10.3.0 (string)

vulnerable : true (boolean)

}

4 : { »

criteria : cpe:2.3:a:mariadb:mariadb:*:*:*:*:*:*:*:* (string)

matchCriteriaId : B68BEB7B-B05B-4C30-9B98-225236879788 (string)

versionEndExcluding : 10.4.7 (string)

versionStartIncluding : 10.4.0 (string)

vulnerable : true (boolean)

}

]

negate : false (boolean)

operator : OR (string)

}

]

}

2 : { »

nodes : [ »

0 : { »

cpeMatch : [ »

0 : { »

criteria : cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:esm:*:*:* (string)

matchCriteriaId : 7A5301BF-1402-4BE0-A0F8-69FBE79BC6D6 (string)

vulnerable : true (boolean)

}

1 : { »

criteria : cpe:2.3:o:canonical:ubuntu_linux:18.04:*:*:*:lts:*:*:* (string)

matchCriteriaId : 23A7C53F-B80F-4E6A-AFA9-58EEA84BE11D (string)

vulnerable : true (boolean)

}

2 : { »

criteria : cpe:2.3:o:canonical:ubuntu_linux:19.04:*:*:*:*:*:*:* (string)

matchCriteriaId : CD783B0C-9246-47D9-A937-6144FE8BFF0F (string)

vulnerable : true (boolean)

}

]

negate : false (boolean)

operator : OR (string)

}

]

}

3 : { »

nodes : [ »

0 : { »

cpeMatch : [ »

0 : { »

criteria : cpe:2.3:o:redhat:enterprise_linux_desktop:8.0:*:*:*:*:*:*:* (string)

matchCriteriaId : 6A06E53A-1153-43A5-9812-4573A178AEBD (string)

vulnerable : true (boolean)

}

1 : { »

criteria : cpe:2.3:o:redhat:enterprise_linux_eus:8.1:*:*:*:*:*:*:* (string)

matchCriteriaId : 92BC9265-6959-4D37-BE5E-8C45E98992F8 (string)

vulnerable : true (boolean)

}

2 : { »

criteria : cpe:2.3:o:redhat:enterprise_linux_eus:8.2:*:*:*:*:*:*:* (string)

matchCriteriaId : 831F0F47-3565-4763-B16F-C87B1FF2035E (string)

vulnerable : true (boolean)

}

3 : { »

criteria : cpe:2.3:o:redhat:enterprise_linux_eus:8.4:*:*:*:*:*:*:* (string)

matchCriteriaId : 0E3F09B5-569F-4C58-9FCA-3C0953D107B5 (string)

vulnerable : true (boolean)

}

4 : { »

criteria : cpe:2.3:o:redhat:enterprise_linux_eus:8.6:*:*:*:*:*:*:* (string)

matchCriteriaId : 6C3741B8-851F-475D-B428-523F4F722350 (string)

vulnerable : true (boolean)

}

5 : { »

criteria : cpe:2.3:o:redhat:enterprise_linux_server:8.0:*:*:*:*:*:*:* (string)

matchCriteriaId : B0FEFCDD-A212-4525-B449-2C4A00A0D2E9 (string)

vulnerable : true (boolean)

}

6 : { »

criteria : cpe:2.3:o:redhat:enterprise_linux_server_aus:8.2:*:*:*:*:*:*:* (string)

matchCriteriaId : 6897676D-53F9-45B3-B27F-7FF9A4C58D33 (string)

vulnerable : true (boolean)

}

7 : { »

criteria : cpe:2.3:o:redhat:enterprise_linux_server_aus:8.4:*:*:*:*:*:*:* (string)

matchCriteriaId : E28F226A-CBC7-4A32-BE58-398FA5B42481 (string)

vulnerable : true (boolean)

}

8 : { »

criteria : cpe:2.3:o:redhat:enterprise_linux_server_aus:8.6:*:*:*:*:*:*:* (string)

matchCriteriaId : 76C24D94-834A-4E9D-8F73-624AFA99AAA2 (string)

vulnerable : true (boolean)

}

9 : { »

criteria : cpe:2.3:o:redhat:enterprise_linux_server_tus:8.2:*:*:*:*:*:*:* (string)

matchCriteriaId : B09ACF2D-D83F-4A86-8185-9569605D8EE1 (string)

vulnerable : true (boolean)

}

10 : { »

criteria : cpe:2.3:o:redhat:enterprise_linux_server_tus:8.4:*:*:*:*:*:*:* (string)

matchCriteriaId : AC10D919-57FD-4725-B8D2-39ECB476902F (string)

vulnerable : true (boolean)

}

11 : { »

criteria : cpe:2.3:o:redhat:enterprise_linux_server_tus:8.6:*:*:*:*:*:*:* (string)

matchCriteriaId : 1272DF03-7674-4BD4-8E64-94004B195448 (string)

vulnerable : true (boolean)

}

12 : { »

criteria : cpe:2.3:o:redhat:enterprise_linux_workstation:8.0:*:*:*:*:*:*:* (string)

matchCriteriaId : 1EDC134D-B969-4743-9BD7-5932D185DC62 (string)

vulnerable : true (boolean)

}

]

negate : false (boolean)

operator : OR (string)

}

]

}

4 : { »

nodes : [ »

0 : { »

cpeMatch : [ »

0 : { »

criteria : cpe:2.3:o:fedoraproject:fedora:29:*:*:*:*:*:*:* (string)

matchCriteriaId : D100F7CE-FC64-4CC6-852A-6136D72DA419 (string)

vulnerable : true (boolean)

}

1 : { »

criteria : cpe:2.3:o:fedoraproject:fedora:30:*:*:*:*:*:*:* (string)

matchCriteriaId : 97A4B8DF-58DA-4AB6-A1F9-331B36409BA3 (string)

vulnerable : true (boolean)

}

]

negate : false (boolean)

operator : OR (string)

}

]

}

5 : { »

nodes : [ »

0 : { »

cpeMatch : [ »

0 : { »

criteria : cpe:2.3:o:opensuse:leap:15.1:*:*:*:*:*:*:* (string)

matchCriteriaId : B620311B-34A3-48A6-82DF-6F078D7A4493 (string)

vulnerable : true (boolean)

}

]

negate : false (boolean)

operator : OR (string)

}

]

}

]

descriptions : [ »

0 : { »

lang : en (string)

value : Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Parser). Supported versions that are affected are 5.6.44 and prior, 5.7.26 and prior and 8.0.16 and prior. Easily exploitable vulnerability allows low privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.0 Base Score 6.5 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H). (string)

}

1 : { »

lang : es (string)

value : Una vulnerabilidad en el componente MySQL Server de MySQL de Oracle (subcomponente: Server: Parser). Las versiones compatibles que están afectadas son 5.6.44 y anteriores, 5.7.26 y anteriores y 8.0.16 y anteriores. Una vulnerabilidad fácilmente explotable permite a un atacante poco privilegiado con acceso a la red por medio de múltiples protocolos comprometer a MySQL Server. Los ataques con éxito de esta vulnerabilidad pueden resultar en una capacidad no autorizada para causar una suspensión o un bloqueo repetible frecuentemente (DOS completa) de MySQL Server. CVSS 3.0 Puntuación Base 6.5 (impactos de disponibilidad). Vector CVSS: (CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H). (string)

}

]

id : CVE-2019-2805 (string)

lastModified : 2024-11-21T04:41:35.977 (string)

metrics : { »

cvssMetricV2 : [ »

0 : { »

acInsufInfo : false (boolean)

baseSeverity : MEDIUM (string)

cvssData : { »

accessComplexity : LOW (string)

accessVector : NETWORK (string)

authentication : SINGLE (string)

availabilityImpact : PARTIAL (string)

baseScore : 4 (number)

confidentialityImpact : NONE (string)

integrityImpact : NONE (string)

vectorString : AV:N/AC:L/Au:S/C:N/I:N/A:P (string)

version : 2.0 (string)

}

exploitabilityScore : 8 (number)

impactScore : 2.9 (number)

obtainAllPrivilege : false (boolean)

obtainOtherPrivilege : false (boolean)

obtainUserPrivilege : false (boolean)

source : nvd@nist.gov (string)

type : Primary (string)

userInteractionRequired : false (boolean)

}

]

cvssMetricV31 : [ »

0 : { »

cvssData : { »

attackComplexity : LOW (string)

attackVector : NETWORK (string)

availabilityImpact : HIGH (string)

baseScore : 6.5 (number)

baseSeverity : MEDIUM (string)

confidentialityImpact : NONE (string)

integrityImpact : NONE (string)

privilegesRequired : LOW (string)

scope : UNCHANGED (string)

userInteraction : NONE (string)

vectorString : CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H (string)

version : 3.1 (string)

}

exploitabilityScore : 2.8 (number)

impactScore : 3.6 (number)

source : nvd@nist.gov (string)

type : Primary (string)

}

]

}

published : 2019-07-23T23:15:42.647 (string)

references : [ »

0 : { »

source : secalert_us@oracle.com (string)

tags : [ »

0 : Mailing List (string)

1 : Third Party Advisory (string)

]

url : http://lists.opensuse.org/opensuse-security-announce/2019-12/msg00037.html (string)

}

1 : { »

source : secalert_us@oracle.com (string)

tags : [ »

0 : Third Party Advisory (string)

1 : VDB Entry (string)

]

url : http://packetstormsecurity.com/files/153862/Slackware-Security-Advisory-mariadb-Updates.html (string)

}

2 : { »

source : secalert_us@oracle.com (string)

tags : [ »

0 : Patch (string)

1 : Vendor Advisory (string)

]

url : http://www.oracle.com/technetwork/security-advisory/cpujul2019-5072835.html (string)

}

3 : { »

source : secalert_us@oracle.com (string)

tags : [ »

0 : Third Party Advisory (string)

]

url : https://access.redhat.com/errata/RHSA-2019:2484 (string)

}

4 : { »

source : secalert_us@oracle.com (string)

tags : [ »

0 : Third Party Advisory (string)

]

url : https://access.redhat.com/errata/RHSA-2019:2511 (string)

}

5 : { »

source : secalert_us@oracle.com (string)

tags : [ »

0 : Third Party Advisory (string)

]

url : https://access.redhat.com/errata/RHSA-2019:3708 (string)

}

6 : { »

source : secalert_us@oracle.com (string)

tags : [ »

0 : Mailing List (string)

1 : Third Party Advisory (string)

]

url : https://seclists.org/bugtraq/2019/Aug/1 (string)

}

7 : { »

source : secalert_us@oracle.com (string)

tags : [ »

0 : Third Party Advisory (string)

]

url : https://support.f5.com/csp/article/K04831884 (string)

}

8 : { »

source : secalert_us@oracle.com (string)

url : https://support.f5.com/csp/article/K04831884?utm_source=f5support&amp%3Butm_medium=RSS (string)

}

9 : { »

source : secalert_us@oracle.com (string)

tags : [ »

0 : Third Party Advisory (string)

]

url : https://usn.ubuntu.com/4070-1/ (string)

}

10 : { »

source : secalert_us@oracle.com (string)

tags : [ »

0 : Third Party Advisory (string)

]

url : https://usn.ubuntu.com/4070-2/ (string)

}

11 : { »

source : secalert_us@oracle.com (string)

tags : [ »

0 : Third Party Advisory (string)

]

url : https://usn.ubuntu.com/4070-3/ (string)

}

12 : { »

source : af854a3a-2127-422b-91ae-364da2661108 (string)

tags : [ »

0 : Mailing List (string)

1 : Third Party Advisory (string)

]

url : http://lists.opensuse.org/opensuse-security-announce/2019-12/msg00037.html (string)

}

13 : { »

source : af854a3a-2127-422b-91ae-364da2661108 (string)

tags : [ »

0 : Third Party Advisory (string)

1 : VDB Entry (string)

]

url : http://packetstormsecurity.com/files/153862/Slackware-Security-Advisory-mariadb-Updates.html (string)

}

14 : { »

source : af854a3a-2127-422b-91ae-364da2661108 (string)

tags : [ »

0 : Patch (string)

1 : Vendor Advisory (string)

]

url : http://www.oracle.com/technetwork/security-advisory/cpujul2019-5072835.html (string)

}

15 : { »

source : af854a3a-2127-422b-91ae-364da2661108 (string)

tags : [ »

0 : Third Party Advisory (string)

]

url : https://access.redhat.com/errata/RHSA-2019:2484 (string)

}

16 : { »

source : af854a3a-2127-422b-91ae-364da2661108 (string)

tags : [ »

0 : Third Party Advisory (string)

]

url : https://access.redhat.com/errata/RHSA-2019:2511 (string)

}

17 : { »

source : af854a3a-2127-422b-91ae-364da2661108 (string)

tags : [ »

0 : Third Party Advisory (string)

]

url : https://access.redhat.com/errata/RHSA-2019:3708 (string)

}

18 : { »

source : af854a3a-2127-422b-91ae-364da2661108 (string)

tags : [ »

0 : Mailing List (string)

1 : Third Party Advisory (string)

]

url : https://seclists.org/bugtraq/2019/Aug/1 (string)

}

19 : { »

source : af854a3a-2127-422b-91ae-364da2661108 (string)

tags : [ »

0 : Third Party Advisory (string)

]

url : https://support.f5.com/csp/article/K04831884 (string)

}

20 : { »

source : af854a3a-2127-422b-91ae-364da2661108 (string)

url : https://support.f5.com/csp/article/K04831884?utm_source=f5support&amp%3Butm_medium=RSS (string)

}

21 : { »

source : af854a3a-2127-422b-91ae-364da2661108 (string)

tags : [ »

0 : Third Party Advisory (string)

]

url : https://usn.ubuntu.com/4070-1/ (string)

}

22 : { »

source : af854a3a-2127-422b-91ae-364da2661108 (string)

tags : [ »

0 : Third Party Advisory (string)

]

url : https://usn.ubuntu.com/4070-2/ (string)

}

23 : { »

source : af854a3a-2127-422b-91ae-364da2661108 (string)

tags : [ »

0 : Third Party Advisory (string)

]

url : https://usn.ubuntu.com/4070-3/ (string)

}

]

sourceIdentifier : secalert_us@oracle.com (string)

vulnStatus : Modified (string)

weaknesses : [ »

0 : { »

description : [ »

0 : { »

lang : en (string)

value : NVD-CWE-noinfo (string)

}

]

source : nvd@nist.gov (string)

type : Primary (string)

}

]

}

Show plain JSON

{"affected_release": [{"advisory": "RHSA-2020:1100", "cpe": "cpe:/o:redhat:enterprise_linux:7", "package": "mariadb-1:5.5.65-1.el7", "product_name": "Red Hat Enterprise Linux 7", "release_date": "2020-03-31T00:00:00Z"}, {"advisory": "RHSA-2019:2511", "cpe": "cpe:/a:redhat:enterprise_linux:8", "package": "mysql:8.0-8000020190807131617.f8e95b4e", "product_name": "Red Hat Enterprise Linux 8", "release_date": "2019-08-15T00:00:00Z"}, {"advisory": "RHSA-2019:3708", "cpe": "cpe:/a:redhat:enterprise_linux:8", "package": "mariadb:10.3-8010020190902091509.cdc1202b", "product_name": "Red Hat Enterprise Linux 8", "release_date": "2019-11-05T00:00:00Z"}, {"advisory": "RHSA-2019:3708", "cpe": "cpe:/a:redhat:enterprise_linux:8", "package": "mariadb-devel:10.3-8010020190902091509.cdc1202b", "product_name": "Red Hat Enterprise Linux 8", "release_date": "2019-11-05T00:00:00Z"}, {"advisory": "RHSA-2020:5663", "cpe": "cpe:/a:redhat:rhel_e4s:8.0", "package": "mariadb:10.3-8000020201221114409.f8e95b4e", "product_name": "Red Hat Enterprise Linux 8.0 Update Services for SAP Solutions", "release_date": "2020-12-22T00:00:00Z"}, {"advisory": "RHSA-2020:4174", "cpe": "cpe:/a:redhat:rhel_software_collections:3::el6", "package": "rh-mariadb102-galera-0:25.3.29-1.el6", "product_name": "Red Hat Software Collections for Red Hat Enterprise Linux 6", "release_date": "2020-10-05T00:00:00Z"}, {"advisory": "RHSA-2020:4174", "cpe": "cpe:/a:redhat:rhel_software_collections:3::el6", "package": "rh-mariadb102-mariadb-1:10.2.33-1.el6", "product_name": "Red Hat Software Collections for Red Hat Enterprise Linux 6", "release_date": "2020-10-05T00:00:00Z"}, {"advisory": "RHSA-2019:2484", "cpe": "cpe:/a:redhat:rhel_software_collections:3::el7", "package": "rh-mysql80-mysql-0:8.0.17-1.el7", "product_name": "Red Hat Software Collections for Red Hat Enterprise Linux 7", "release_date": "2019-08-14T00:00:00Z"}, {"advisory": "RHSA-2020:4174", "cpe": "cpe:/a:redhat:rhel_software_collections:3::el7", "package": "rh-mariadb102-galera-0:25.3.29-1.el7", "product_name": "Red Hat Software Collections for Red Hat Enterprise Linux 7", "release_date": "2020-10-05T00:00:00Z"}, {"advisory": "RHSA-2020:4174", "cpe": "cpe:/a:redhat:rhel_software_collections:3::el7", "package": "rh-mariadb102-mariadb-1:10.2.33-1.el7", "product_name": "Red Hat Software Collections for Red Hat Enterprise Linux 7", "release_date": "2020-10-05T00:00:00Z"}, {"advisory": "RHSA-2020:5246", "cpe": "cpe:/a:redhat:rhel_software_collections:3::el7", "package": "rh-mariadb103-galera-0:25.3.31-1.el7", "product_name": "Red Hat Software Collections for Red Hat Enterprise Linux 7", "release_date": "2020-11-30T00:00:00Z"}, {"advisory": "RHSA-2020:5246", "cpe": "cpe:/a:redhat:rhel_software_collections:3::el7", "package": "rh-mariadb103-mariadb-3:10.3.27-1.el7", "product_name": "Red Hat Software Collections for Red Hat Enterprise Linux 7", "release_date": "2020-11-30T00:00:00Z"}, {"advisory": "RHSA-2019:2484", "cpe": "cpe:/a:redhat:rhel_software_collections:3::el7", "package": "rh-mysql80-mysql-0:8.0.17-1.el7", "product_name": "Red Hat Software Collections for Red Hat Enterprise Linux 7.4 EUS", "release_date": "2019-08-14T00:00:00Z"}, {"advisory": "RHSA-2019:2484", "cpe": "cpe:/a:redhat:rhel_software_collections:3::el7", "package": "rh-mysql80-mysql-0:8.0.17-1.el7", "product_name": "Red Hat Software Collections for Red Hat Enterprise Linux 7.5 EUS", "release_date": "2019-08-14T00:00:00Z"}, {"advisory": "RHSA-2019:2484", "cpe": "cpe:/a:redhat:rhel_software_collections:3::el7", "package": "rh-mysql80-mysql-0:8.0.17-1.el7", "product_name": "Red Hat Software Collections for Red Hat Enterprise Linux 7.6 EUS", "release_date": "2019-08-14T00:00:00Z"}, {"advisory": "RHSA-2020:4174", "cpe": "cpe:/a:redhat:rhel_software_collections:3::el7", "package": "rh-mariadb102-galera-0:25.3.29-1.el7", "product_name": "Red Hat Software Collections for Red Hat Enterprise Linux 7.6 EUS", "release_date": "2020-10-05T00:00:00Z"}, {"advisory": "RHSA-2020:4174", "cpe": "cpe:/a:redhat:rhel_software_collections:3::el7", "package": "rh-mariadb102-mariadb-1:10.2.33-1.el7", "product_name": "Red Hat Software Collections for Red Hat Enterprise Linux 7.6 EUS", "release_date": "2020-10-05T00:00:00Z"}, {"advisory": "RHSA-2020:5246", "cpe": "cpe:/a:redhat:rhel_software_collections:3::el7", "package": "rh-mariadb103-galera-0:25.3.31-1.el7", "product_name": "Red Hat Software Collections for Red Hat Enterprise Linux 7.6 EUS", "release_date": "2020-11-30T00:00:00Z"}, {"advisory": "RHSA-2020:5246", "cpe": "cpe:/a:redhat:rhel_software_collections:3::el7", "package": "rh-mariadb103-mariadb-3:10.3.27-1.el7", "product_name": "Red Hat Software Collections for Red Hat Enterprise Linux 7.6 EUS", "release_date": "2020-11-30T00:00:00Z"}, {"advisory": "RHSA-2019:2484", "cpe": "cpe:/a:redhat:rhel_software_collections:3::el7", "package": "rh-mysql80-mysql-0:8.0.17-1.el7", "product_name": "Red Hat Software Collections for Red Hat Enterprise Linux 7.7 EUS", "release_date": "2019-08-14T00:00:00Z"}, {"advisory": "RHSA-2020:4174", "cpe": "cpe:/a:redhat:rhel_software_collections:3::el7", "package": "rh-mariadb102-galera-0:25.3.29-1.el7", "product_name": "Red Hat Software Collections for Red Hat Enterprise Linux 7.7 EUS", "release_date": "2020-10-05T00:00:00Z"}, {"advisory": "RHSA-2020:4174", "cpe": "cpe:/a:redhat:rhel_software_collections:3::el7", "package": "rh-mariadb102-mariadb-1:10.2.33-1.el7", "product_name": "Red Hat Software Collections for Red Hat Enterprise Linux 7.7 EUS", "release_date": "2020-10-05T00:00:00Z"}, {"advisory": "RHSA-2020:5246", "cpe": "cpe:/a:redhat:rhel_software_collections:3::el7", "package": "rh-mariadb103-galera-0:25.3.31-1.el7", "product_name": "Red Hat Software Collections for Red Hat Enterprise Linux 7.7 EUS", "release_date": "2020-11-30T00:00:00Z"}, {"advisory": "RHSA-2020:5246", "cpe": "cpe:/a:redhat:rhel_software_collections:3::el7", "package": "rh-mariadb103-mariadb-3:10.3.27-1.el7", "product_name": "Red Hat Software Collections for Red Hat Enterprise Linux 7.7 EUS", "release_date": "2020-11-30T00:00:00Z"}], "bugzilla": {"description": "mysql: Server: Parser unspecified vulnerability (CPU Jul 2019)", "id": "1732025", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1732025"}, "csaw": false, "cvss3": {"cvss3_base_score": "6.5", "cvss3_scoring_vector": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", "status": "verified"}, "details": ["Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Parser). Supported versions that are affected are 5.6.44 and prior, 5.7.26 and prior and 8.0.16 and prior. Easily exploitable vulnerability allows low privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.0 Base Score 6.5 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H)."], "name": "CVE-2019-2805", "package_state": [{"cpe": "cpe:/o:redhat:enterprise_linux:5", "fix_state": "Out of support scope", "package_name": "mysql55-mysql", "product_name": "Red Hat Enterprise Linux 5"}, {"cpe": "cpe:/o:redhat:enterprise_linux:6", "fix_state": "Will not fix", "package_name": "mysql", "product_name": "Red Hat Enterprise Linux 6"}, {"cpe": "cpe:/a:redhat:openstack:10", "fix_state": "Will not fix", "package_name": "mariadb-galera", "product_name": "Red Hat OpenStack Platform 10 (Newton)"}, {"cpe": "cpe:/a:redhat:openstack:13", "fix_state": "Will not fix", "package_name": "mariadb", "product_name": "Red Hat OpenStack Platform 13 (Queens)"}, {"cpe": "cpe:/a:redhat:openstack:14", "fix_state": "Will not fix", "package_name": "mariadb", "product_name": "Red Hat OpenStack Platform 14 (Rocky)"}, {"cpe": "cpe:/a:redhat:openstack:9", "fix_state": "Will not fix", "package_name": "mariadb-galera", "product_name": "Red Hat OpenStack Platform 9 (Mitaka)"}, {"cpe": "cpe:/a:redhat:rhel_software_collections:3", "fix_state": "Out of support scope", "package_name": "rh-mysql57-mysql", "product_name": "Red Hat Software Collections"}], "public_date": "2019-07-16T00:00:00Z", "references": ["https://www.cve.org/CVERecord?id=CVE-2019-2805\nhttps://nvd.nist.gov/vuln/detail/CVE-2019-2805\nhttp://www.oracle.com/technetwork/security-advisory/cpujul2019-5072835.html"], "threat_severity": "Moderate"}

{

affected_release : [ »

0 : { »

advisory : RHSA-2020:1100 (string)

cpe : cpe:/o:redhat:enterprise_linux:7 (string)

package : mariadb-1:5.5.65-1.el7 (string)

product_name : Red Hat Enterprise Linux 7 (string)

release_date : 2020-03-31T00:00:00Z (string)

}

1 : { »

advisory : RHSA-2019:2511 (string)

cpe : cpe:/a:redhat:enterprise_linux:8 (string)

package : mysql:8.0-8000020190807131617.f8e95b4e (string)

product_name : Red Hat Enterprise Linux 8 (string)

release_date : 2019-08-15T00:00:00Z (string)

}

2 : { »

advisory : RHSA-2019:3708 (string)

cpe : cpe:/a:redhat:enterprise_linux:8 (string)

package : mariadb:10.3-8010020190902091509.cdc1202b (string)

product_name : Red Hat Enterprise Linux 8 (string)

release_date : 2019-11-05T00:00:00Z (string)

}

3 : { »

advisory : RHSA-2019:3708 (string)

cpe : cpe:/a:redhat:enterprise_linux:8 (string)

package : mariadb-devel:10.3-8010020190902091509.cdc1202b (string)

product_name : Red Hat Enterprise Linux 8 (string)

release_date : 2019-11-05T00:00:00Z (string)

}

4 : { »

advisory : RHSA-2020:5663 (string)

cpe : cpe:/a:redhat:rhel_e4s:8.0 (string)

package : mariadb:10.3-8000020201221114409.f8e95b4e (string)

product_name : Red Hat Enterprise Linux 8.0 Update Services for SAP Solutions (string)

release_date : 2020-12-22T00:00:00Z (string)

}

5 : { »

advisory : RHSA-2020:4174 (string)

cpe : cpe:/a:redhat:rhel_software_collections:3::el6 (string)

package : rh-mariadb102-galera-0:25.3.29-1.el6 (string)

product_name : Red Hat Software Collections for Red Hat Enterprise Linux 6 (string)

release_date : 2020-10-05T00:00:00Z (string)

}

6 : { »

advisory : RHSA-2020:4174 (string)

cpe : cpe:/a:redhat:rhel_software_collections:3::el6 (string)

package : rh-mariadb102-mariadb-1:10.2.33-1.el6 (string)

product_name : Red Hat Software Collections for Red Hat Enterprise Linux 6 (string)

release_date : 2020-10-05T00:00:00Z (string)

}

7 : { »

advisory : RHSA-2019:2484 (string)

cpe : cpe:/a:redhat:rhel_software_collections:3::el7 (string)

package : rh-mysql80-mysql-0:8.0.17-1.el7 (string)

product_name : Red Hat Software Collections for Red Hat Enterprise Linux 7 (string)

release_date : 2019-08-14T00:00:00Z (string)

}

8 : { »

advisory : RHSA-2020:4174 (string)

cpe : cpe:/a:redhat:rhel_software_collections:3::el7 (string)

package : rh-mariadb102-galera-0:25.3.29-1.el7 (string)

product_name : Red Hat Software Collections for Red Hat Enterprise Linux 7 (string)

release_date : 2020-10-05T00:00:00Z (string)

}

9 : { »

advisory : RHSA-2020:4174 (string)

cpe : cpe:/a:redhat:rhel_software_collections:3::el7 (string)

package : rh-mariadb102-mariadb-1:10.2.33-1.el7 (string)

product_name : Red Hat Software Collections for Red Hat Enterprise Linux 7 (string)

release_date : 2020-10-05T00:00:00Z (string)

}

10 : { »

advisory : RHSA-2020:5246 (string)

cpe : cpe:/a:redhat:rhel_software_collections:3::el7 (string)

package : rh-mariadb103-galera-0:25.3.31-1.el7 (string)

product_name : Red Hat Software Collections for Red Hat Enterprise Linux 7 (string)

release_date : 2020-11-30T00:00:00Z (string)

}

11 : { »

advisory : RHSA-2020:5246 (string)

cpe : cpe:/a:redhat:rhel_software_collections:3::el7 (string)

package : rh-mariadb103-mariadb-3:10.3.27-1.el7 (string)

product_name : Red Hat Software Collections for Red Hat Enterprise Linux 7 (string)

release_date : 2020-11-30T00:00:00Z (string)

}

12 : { »

advisory : RHSA-2019:2484 (string)

cpe : cpe:/a:redhat:rhel_software_collections:3::el7 (string)

package : rh-mysql80-mysql-0:8.0.17-1.el7 (string)

product_name : Red Hat Software Collections for Red Hat Enterprise Linux 7.4 EUS (string)

release_date : 2019-08-14T00:00:00Z (string)

}

13 : { »

advisory : RHSA-2019:2484 (string)

cpe : cpe:/a:redhat:rhel_software_collections:3::el7 (string)

package : rh-mysql80-mysql-0:8.0.17-1.el7 (string)

product_name : Red Hat Software Collections for Red Hat Enterprise Linux 7.5 EUS (string)

release_date : 2019-08-14T00:00:00Z (string)

}

14 : { »

advisory : RHSA-2019:2484 (string)

cpe : cpe:/a:redhat:rhel_software_collections:3::el7 (string)

package : rh-mysql80-mysql-0:8.0.17-1.el7 (string)

product_name : Red Hat Software Collections for Red Hat Enterprise Linux 7.6 EUS (string)

release_date : 2019-08-14T00:00:00Z (string)

}

15 : { »

advisory : RHSA-2020:4174 (string)

cpe : cpe:/a:redhat:rhel_software_collections:3::el7 (string)

package : rh-mariadb102-galera-0:25.3.29-1.el7 (string)

product_name : Red Hat Software Collections for Red Hat Enterprise Linux 7.6 EUS (string)

release_date : 2020-10-05T00:00:00Z (string)

}

16 : { »

advisory : RHSA-2020:4174 (string)

cpe : cpe:/a:redhat:rhel_software_collections:3::el7 (string)

package : rh-mariadb102-mariadb-1:10.2.33-1.el7 (string)

product_name : Red Hat Software Collections for Red Hat Enterprise Linux 7.6 EUS (string)

release_date : 2020-10-05T00:00:00Z (string)

}

17 : { »

advisory : RHSA-2020:5246 (string)

cpe : cpe:/a:redhat:rhel_software_collections:3::el7 (string)

package : rh-mariadb103-galera-0:25.3.31-1.el7 (string)

product_name : Red Hat Software Collections for Red Hat Enterprise Linux 7.6 EUS (string)

release_date : 2020-11-30T00:00:00Z (string)

}

18 : { »

advisory : RHSA-2020:5246 (string)

cpe : cpe:/a:redhat:rhel_software_collections:3::el7 (string)

package : rh-mariadb103-mariadb-3:10.3.27-1.el7 (string)

product_name : Red Hat Software Collections for Red Hat Enterprise Linux 7.6 EUS (string)

release_date : 2020-11-30T00:00:00Z (string)

}

19 : { »

advisory : RHSA-2019:2484 (string)

cpe : cpe:/a:redhat:rhel_software_collections:3::el7 (string)

package : rh-mysql80-mysql-0:8.0.17-1.el7 (string)

product_name : Red Hat Software Collections for Red Hat Enterprise Linux 7.7 EUS (string)

release_date : 2019-08-14T00:00:00Z (string)

}

20 : { »

advisory : RHSA-2020:4174 (string)

cpe : cpe:/a:redhat:rhel_software_collections:3::el7 (string)

package : rh-mariadb102-galera-0:25.3.29-1.el7 (string)

product_name : Red Hat Software Collections for Red Hat Enterprise Linux 7.7 EUS (string)

release_date : 2020-10-05T00:00:00Z (string)

}

21 : { »

advisory : RHSA-2020:4174 (string)

cpe : cpe:/a:redhat:rhel_software_collections:3::el7 (string)

package : rh-mariadb102-mariadb-1:10.2.33-1.el7 (string)

product_name : Red Hat Software Collections for Red Hat Enterprise Linux 7.7 EUS (string)

release_date : 2020-10-05T00:00:00Z (string)

}

22 : { »

advisory : RHSA-2020:5246 (string)

cpe : cpe:/a:redhat:rhel_software_collections:3::el7 (string)

package : rh-mariadb103-galera-0:25.3.31-1.el7 (string)

product_name : Red Hat Software Collections for Red Hat Enterprise Linux 7.7 EUS (string)

release_date : 2020-11-30T00:00:00Z (string)

}

23 : { »

advisory : RHSA-2020:5246 (string)

cpe : cpe:/a:redhat:rhel_software_collections:3::el7 (string)

package : rh-mariadb103-mariadb-3:10.3.27-1.el7 (string)

product_name : Red Hat Software Collections for Red Hat Enterprise Linux 7.7 EUS (string)

release_date : 2020-11-30T00:00:00Z (string)

}

]

bugzilla : { »

description : mysql: Server: Parser unspecified vulnerability (CPU Jul 2019) (string)

id : 1732025 (string)

url : https://bugzilla.redhat.com/show_bug.cgi?id=1732025 (string)

}

csaw : false (boolean)

cvss3 : { »

cvss3_base_score : 6.5 (string)

cvss3_scoring_vector : CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H (string)

status : verified (string)

}

details : [ »

0 : Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Parser). Supported versions that are affected are 5.6.44 and prior, 5.7.26 and prior and 8.0.16 and prior. Easily exploitable vulnerability allows low privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.0 Base Score 6.5 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H). (string)

]

name : CVE-2019-2805 (string)

package_state : [ »

0 : { »

cpe : cpe:/o:redhat:enterprise_linux:5 (string)

fix_state : Out of support scope (string)

package_name : mysql55-mysql (string)

product_name : Red Hat Enterprise Linux 5 (string)

}

1 : { »

cpe : cpe:/o:redhat:enterprise_linux:6 (string)

fix_state : Will not fix (string)

package_name : mysql (string)

product_name : Red Hat Enterprise Linux 6 (string)

}

2 : { »

cpe : cpe:/a:redhat:openstack:10 (string)

fix_state : Will not fix (string)

package_name : mariadb-galera (string)

product_name : Red Hat OpenStack Platform 10 (Newton) (string)

}

3 : { »

cpe : cpe:/a:redhat:openstack:13 (string)

fix_state : Will not fix (string)

package_name : mariadb (string)

product_name : Red Hat OpenStack Platform 13 (Queens) (string)

}

4 : { »

cpe : cpe:/a:redhat:openstack:14 (string)

fix_state : Will not fix (string)

package_name : mariadb (string)

product_name : Red Hat OpenStack Platform 14 (Rocky) (string)

}

5 : { »

cpe : cpe:/a:redhat:openstack:9 (string)

fix_state : Will not fix (string)

package_name : mariadb-galera (string)

product_name : Red Hat OpenStack Platform 9 (Mitaka) (string)

}

6 : { »

cpe : cpe:/a:redhat:rhel_software_collections:3 (string)

fix_state : Out of support scope (string)

package_name : rh-mysql57-mysql (string)

product_name : Red Hat Software Collections (string)

}

]

public_date : 2019-07-16T00:00:00Z (string)

references : [ »

0 : https://www.cve.org/CVERecord?id=CVE-2019-2805 https://nvd.nist.gov/vuln/detail/CVE-2019-2805 http://www.oracle.com/technetwork/security-advisory/cpujul2019-5072835.html (string)

]

threat_severity : Moderate (string)

}

Metrics

Attack Vector Network

Attack Complexity Low

Privileges Required Low

Scope Unchanged

Confidentiality Impact None

Integrity Impact None

Availability Impact High

User Interaction None

Attack Vector Network

Attack Complexity Low

Privileges Required Low

Scope Unchanged

Confidentiality Impact None

Integrity Impact None

Availability Impact High

User Interaction None

Access Vector Network

Access Complexity Low

Authentication Single

Confidentiality Impact None

Integrity Impact None

Availability Impact Partial

Exploitation none

Automatable no

Technical Impact partial

Affected Vendors & Products

Metrics

Attack Vector Network

Attack Complexity Low

Privileges Required Low

Scope Unchanged

Confidentiality Impact None

Integrity Impact None

Availability Impact High

User Interaction None

Attack Vector Network

Attack Complexity Low

Privileges Required Low

Scope Unchanged

Confidentiality Impact None

Integrity Impact None

Availability Impact High

User Interaction None

Access Vector Network

Access Complexity Low

Authentication Single

Confidentiality Impact None

Integrity Impact None

Availability Impact Partial

Exploitation none

Automatable no

Technical Impact partial

Affected Vendors & Products

JSON object

JSON object

JSON object

JSON object