CVE-2019-2797

Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Client programs). Supported versions that are affected are 5.7.26 and prior and 8.0.16 and prior. Difficult to exploit vulnerability allows high privileged attacker with access to the physical communication segment attached to the hardware where the MySQL Server executes to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.0 Base Score 4.2 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:A/AC:H/PR:H/UI:N/S:U/C:N/I:N/A:H).

References

Affected packages

Git / github.com/mysql/mysql-server

Affected ranges

Type: GIT
Repo: https://github.com/mysql/mysql-server
Events: Introduced

0 Unknown introduced commit / All previous commits are affected

Last affected

8cc757da3d87bf4a1f07dcfb2d3c96fed3806870

Introduced

270fd3411e3d671a73ed9725940a30080f59ce6d

Last affected

124c7ab1d6f914637521fd4463a993aa73403513

Affected versions

mysql-5.*

mysql-5.5.52

mysql-5.5.53

mysql-5.5.54

mysql-5.5.55

mysql-5.5.56

mysql-5.5.57

mysql-5.5.58

mysql-5.5.59

mysql-5.5.60

mysql-5.5.61

mysql-5.5.62

mysql-5.5.63

mysql-5.6.33

mysql-5.6.34

mysql-5.6.35

mysql-5.6.36

mysql-5.6.37

mysql-5.6.38

mysql-5.6.39

mysql-5.6.40

mysql-5.6.41

mysql-5.6.42

mysql-5.6.43

mysql-5.7.15

mysql-5.7.16

mysql-5.7.17

mysql-5.7.18

mysql-5.7.19

mysql-5.7.20

mysql-5.7.21

mysql-5.7.22

mysql-5.7.24

mysql-5.7.25

mysql-5.7.26

mysql-8.*

mysql-8.0.0

Database specific

source

"https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2019-2797.json"