Asymmetric denial of service - ReDoS in mariadb
Description
Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Optimizer). Supported versions that are affected are 8.0.0-8.0.44, 8.4.0-8.4.7 and 9.0.0-9.5.0. Easily exploitable vulnerability allows low privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.1 Base Score 6.5 (Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H).
Mitigation
Update Impact
Minimal update. May introduce new vulnerabilities or breaking changes.
| Ecosystem | Package | Affected version | Patched versions |
|---|---|---|---|
| debian 13 | 11.8.6-0+deb13u1 | | |
| debian 12 | - | | |
| debian 14 | 1:11.8.5-1 | | |
| rpm rhel10 | 0:8.4.8-1.el10_1 | | |
| rpm rhel9 | 0:8.0.45-1.el9_7 | | |
| rpm rhel10 | - | - | |
| rpm rhel10.0 | 3:10.11.15-1.el10_0 | | |
| rpm rhel8 | 0:8.0.45-1.module+el8.10.0+24016+b28eaa79 | | |
| rpm rhel8 | 3:10.11.15-1.module+el8.10.0+24010+d874728a | | |
| rpm rhel9 | - | - | |
Aliases