CVE-2018-3063
- Source
- https://cve.org/CVERecord?id=CVE-2018-3063
- Import Source
- https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2018-3063.json
- JSON Data
- https://api.osv.dev/v1/vulns/CVE-2018-3063
- Downstream
- Related
- Published
- 2018-07-18T13:29:07.803Z
- Modified
- 2026-02-06T05:17:12.868437Z
- Severity
-
- 4.9 (Medium) CVSS_V3 - CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H CVSS Calculator
- Summary
- [none]
- Details
-
Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Security: Privileges). Supported versions that are affected are 5.5.60 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.0 Base Score 4.9 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H).
- References
-
- http://www.securitytracker.com/id/1041294
- http://www.oracle.com/technetwork/security-advisory/cpujul2018-4258247.html
- http://www.securityfocus.com/bid/104786
- http://www.securitytracker.com/id/1041294
- https://access.redhat.com/errata/RHSA-2019:1258
- https://access.redhat.com/errata/RHSA-2019:2327
- https://lists.debian.org/debian-lts-announce/2018/08/msg00036.html
- https://lists.debian.org/debian-lts-announce/2018/11/msg00004.html
- https://security.netapp.com/advisory/ntap-20180726-0002/
- https://usn.ubuntu.com/3725-1/
- https://usn.ubuntu.com/3725-2/
- https://www.debian.org/security/2018/dsa-4341
- http://www.oracle.com/technetwork/security-advisory/cpujul2018-4258247.html
- https://lists.debian.org/debian-lts-announce/2018/08/msg00036.html
- https://lists.debian.org/debian-lts-announce/2018/11/msg00004.html
Affected packages
Git / github.com/mariadb/server
Affected ranges
- Type
- GIT
- Repo
- https://github.com/mariadb/server
- Events
-
IntroducedFixedIntroducedFixedIntroducedFixedIntroducedFixedIntroducedFixed
Affected versions
mariadb-10.*
mariadb-10.0.13
mariadb-10.0.14
mariadb-10.0.15
mariadb-10.0.16
mariadb-10.0.17
mariadb-10.0.18
mariadb-10.0.19
mariadb-10.0.20
mariadb-10.0.21
mariadb-10.0.22
mariadb-10.0.23
mariadb-10.0.24
mariadb-10.0.25
mariadb-10.0.26
mariadb-10.0.27
mariadb-10.0.28
mariadb-10.0.29
mariadb-10.0.30
mariadb-10.0.31
mariadb-10.0.32
mariadb-10.0.33
mariadb-10.0.34
mariadb-10.0.35
mariadb-10.0.36
mariadb-10.1.0
mariadb-10.1.1
mariadb-10.1.10
mariadb-10.1.11
mariadb-10.1.12
mariadb-10.1.13
mariadb-10.1.14
mariadb-10.1.15
mariadb-10.1.16
mariadb-10.1.17
mariadb-10.1.18
mariadb-10.1.19
mariadb-10.1.2
mariadb-10.1.20
mariadb-10.1.21
mariadb-10.1.22
mariadb-10.1.23
mariadb-10.1.24
mariadb-10.1.25
mariadb-10.1.26
mariadb-10.1.27
mariadb-10.1.28
mariadb-10.1.29
mariadb-10.1.3
mariadb-10.1.30
mariadb-10.1.31
mariadb-10.1.32
mariadb-10.1.33
mariadb-10.1.34
mariadb-10.1.4
mariadb-10.1.5
mariadb-10.1.6
mariadb-10.1.7
mariadb-10.1.8
mariadb-10.1.9
mariadb-5.*
mariadb-5.5.39
mariadb-5.5.40
mariadb-5.5.41
mariadb-5.5.42
mariadb-5.5.43
mariadb-5.5.44
mariadb-5.5.45
mariadb-5.5.46
mariadb-5.5.47
mariadb-5.5.48
mariadb-5.5.49
mariadb-5.5.50
mariadb-5.5.51
mariadb-5.5.52
mariadb-5.5.53
mariadb-5.5.54
mariadb-5.5.55
mariadb-5.5.56
mariadb-5.5.57
mariadb-5.5.58
mariadb-5.5.59
mariadb-5.5.60
mariadb-5.5.61
mariadb-galera-10.*
mariadb-galera-10.0.10
mariadb-galera-10.0.11
mariadb-galera-10.0.12
mariadb-galera-10.0.13
mariadb-galera-10.0.14
mariadb-galera-10.0.15
mariadb-galera-10.0.16
mariadb-galera-10.0.17
mariadb-galera-10.0.19
mariadb-galera-10.0.20
mariadb-galera-10.0.21
mariadb-galera-10.0.22
mariadb-galera-10.0.23
mariadb-galera-10.0.24
mariadb-galera-10.0.25
mariadb-galera-10.0.26
mariadb-galera-10.0.27
mariadb-galera-10.0.28
mariadb-galera-10.0.29
mariadb-galera-10.0.30
mariadb-galera-10.0.31
mariadb-galera-10.0.32
mariadb-galera-10.0.33
mariadb-galera-10.0.34
mariadb-galera-10.0.35
mariadb-galera-10.0.7
mariadb-galera-10.0.7a
mariadb-galera-5.*
mariadb-galera-5.5.25
mariadb-galera-5.5.28a
mariadb-galera-5.5.29
mariadb-galera-5.5.32
mariadb-galera-5.5.32a
mariadb-galera-5.5.34
mariadb-galera-5.5.35
mariadb-galera-5.5.36
mariadb-galera-5.5.36a
mariadb-galera-5.5.37
mariadb-galera-5.5.38
mariadb-galera-5.5.39
mariadb-galera-5.5.40
mariadb-galera-5.5.41
mariadb-galera-5.5.42
mariadb-galera-5.5.43
mariadb-galera-5.5.44
mariadb-galera-5.5.45
mariadb-galera-5.5.46
mariadb-galera-5.5.47
mariadb-galera-5.5.48
mariadb-galera-5.5.49
mariadb-galera-5.5.50
mariadb-galera-5.5.51
mariadb-galera-5.5.52
mariadb-galera-5.5.53
mariadb-galera-5.5.54
mariadb-galera-5.5.55
mariadb-galera-5.5.56
mariadb-galera-5.5.57
mariadb-galera-5.5.58
mariadb-galera-5.5.59
mariadb-galera-5.5.60
mysql-5.*
mysql-5.5.39
mysql-5.5.40
mysql-5.5.41
mysql-5.5.42
mysql-5.5.43
mysql-5.5.44
mysql-5.5.45
mysql-5.5.46
mysql-5.5.47
mysql-5.5.48
mysql-5.5.49
mysql-5.5.50
mysql-5.5.51
mysql-5.5.52
mysql-5.5.53
mysql-5.5.54
mysql-5.5.55
mysql-5.5.56
mysql-5.5.57
mysql-5.5.58
mysql-5.5.59
mysql-5.5.60
mysql-5.5.61
Database specific
vanir_signatures
[
{
"deprecated": false,
"source": "https://github.com/mariadb/server/commit/e48d775c6f066add457fa8cfb2ebc4d5ff0c7613",
"id": "CVE-2018-3063-054c046b",
"target": {
"file": "sql-common/client.c",
"function": "unpack_fields"
},
"digest": {
"function_hash": "88964842003053574630259804416355278302",
"length": 3281.0
},
"signature_type": "Function",
"signature_version": "v1"
},
{
"deprecated": false,
"source": "https://github.com/mariadb/server/commit/e48d775c6f066add457fa8cfb2ebc4d5ff0c7613",
"id": "CVE-2018-3063-404642c2",
"target": {
"file": "sql-common/client.c",
"function": "cli_read_rows"
},
"digest": {
"function_hash": "30804943894516639331708306752096632231",
"length": 2052.0
},
"signature_type": "Function",
"signature_version": "v1"
},
{
"deprecated": false,
"source": "https://github.com/mariadb/server/commit/e48d775c6f066add457fa8cfb2ebc4d5ff0c7613",
"id": "CVE-2018-3063-c0d67519",
"target": {
"file": "sql-common/client.c"
},
"digest": {
"line_hashes": [
"78191142045503767829834019020932019650",
"250157719937173868004615858289264688140",
"312170375706132797718465719883724591296",
"15117071355854376419182426407334479680",
"140920309514825384561268578794081140775",
"130933521110411440899075290412605664940",
"28770826883863233939468445958714821618",
"49331132400223798885681869446783630656"
],
"threshold": 0.9
},
"signature_type": "Line",
"signature_version": "v1"
},
{
"deprecated": false,
"source": "https://github.com/mariadb/server/commit/50c426200224a4527e84052aa2ab32be893f43f4",
"id": "CVE-2018-3063-c7d63e12",
"target": {
"file": "storage/sphinx/ha_sphinx.cc",
"function": "ha_sphinx::create"
},
"digest": {
"function_hash": "212715881248758194619613885069756850581",
"length": 3204.0
},
"signature_type": "Function",
"signature_version": "v1"
},
{
"deprecated": false,
"source": "https://github.com/mariadb/server/commit/50c426200224a4527e84052aa2ab32be893f43f4",
"id": "CVE-2018-3063-fd9a5a54",
"target": {
"file": "storage/sphinx/ha_sphinx.cc"
},
"digest": {
"line_hashes": [
"249570897828672210811035826591486207304",
"322223126166962698284273532715400319885",
"270290635075884075638435410358092034776",
"297141217069259403319068516826314832701"
],
"threshold": 0.9
},
"signature_type": "Line",
"signature_version": "v1"
}
]
source
"https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2018-3063.json"
Git / github.com/mysql/mysql-server
Affected versions
mysql-5.*
mysql-5.0.87sp1
mysql-5.0.90
mysql-5.0.91
mysql-5.0.92
mysql-5.0.93
mysql-5.0.94
mysql-5.0.95
mysql-5.0.96
mysql-5.1.40sp1
mysql-5.1.41
mysql-5.1.42
mysql-5.1.43
mysql-5.1.43sp1
mysql-5.1.44
mysql-5.1.45
mysql-5.1.46
mysql-5.1.46sp1
mysql-5.1.47
mysql-5.1.48
mysql-5.1.49
mysql-5.1.49sp1
mysql-5.1.50
mysql-5.1.51
mysql-5.1.52
mysql-5.1.52sp1
mysql-5.1.53
mysql-5.1.54
mysql-5.1.55
mysql-5.1.56
mysql-5.1.57
mysql-5.1.58
mysql-5.1.59
mysql-5.1.60
mysql-5.1.61
mysql-5.1.62
mysql-5.1.63
mysql-5.1.65
mysql-5.1.66
mysql-5.1.67
mysql-5.1.68
mysql-5.1.69
mysql-5.1.69-retag
mysql-5.1.70
mysql-5.1.71
mysql-5.1.72
mysql-5.1.73
mysql-5.1.74
mysql-5.1.75
mysql-5.1.76
mysql-5.1.77
mysql-5.5.0
mysql-5.5.1-m2
mysql-5.5.10
mysql-5.5.11
mysql-5.5.12
mysql-5.5.13
mysql-5.5.14
mysql-5.5.15
mysql-5.5.16
mysql-5.5.17
mysql-5.5.18
mysql-5.5.19
mysql-5.5.2-m2
mysql-5.5.20
mysql-5.5.21
mysql-5.5.22
mysql-5.5.23
mysql-5.5.24
mysql-5.5.25
mysql-5.5.25a
mysql-5.5.27
mysql-5.5.28
mysql-5.5.29
mysql-5.5.3-m3
mysql-5.5.30
mysql-5.5.31
mysql-5.5.32
mysql-5.5.33
mysql-5.5.34
mysql-5.5.35
mysql-5.5.36
mysql-5.5.37
mysql-5.5.38
mysql-5.5.39
mysql-5.5.40
mysql-5.5.41
mysql-5.5.42
mysql-5.5.43
mysql-5.5.44
mysql-5.5.45
mysql-5.5.46
mysql-5.5.47
mysql-5.5.48
mysql-5.5.49
mysql-5.5.5-m3
mysql-5.5.50
mysql-5.5.51
mysql-5.5.52
mysql-5.5.53
mysql-5.5.54
mysql-5.5.55
mysql-5.5.56
mysql-5.5.57
mysql-5.5.58
mysql-5.5.59
mysql-5.5.6-rc
mysql-5.5.60
mysql-5.5.7
mysql-5.5.8
mysql-5.5.9
Database specific
vanir_signatures
[
{
"deprecated": false,
"source": "https://github.com/mysql/mysql-server/commit/e48d775c6f066add457fa8cfb2ebc4d5ff0c7613",
"id": "CVE-2018-3063-03b72084",
"target": {
"file": "sql-common/client.c"
},
"digest": {
"line_hashes": [
"78191142045503767829834019020932019650",
"250157719937173868004615858289264688140",
"312170375706132797718465719883724591296",
"15117071355854376419182426407334479680",
"140920309514825384561268578794081140775",
"130933521110411440899075290412605664940",
"28770826883863233939468445958714821618",
"49331132400223798885681869446783630656"
],
"threshold": 0.9
},
"signature_type": "Line",
"signature_version": "v1"
},
{
"deprecated": false,
"source": "https://github.com/mysql/mysql-server/commit/e48d775c6f066add457fa8cfb2ebc4d5ff0c7613",
"id": "CVE-2018-3063-96a3e3de",
"target": {
"file": "sql-common/client.c",
"function": "cli_read_rows"
},
"digest": {
"function_hash": "30804943894516639331708306752096632231",
"length": 2052.0
},
"signature_type": "Function",
"signature_version": "v1"
},
{
"deprecated": false,
"source": "https://github.com/mysql/mysql-server/commit/e48d775c6f066add457fa8cfb2ebc4d5ff0c7613",
"id": "CVE-2018-3063-e5eeae5c",
"target": {
"file": "sql-common/client.c",
"function": "unpack_fields"
},
"digest": {
"function_hash": "88964842003053574630259804416355278302",
"length": 3281.0
},
"signature_type": "Function",
"signature_version": "v1"
}
]
source
"https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2018-3063.json"