CVE-2025-21495

See a problem?
Please try reporting it to the source first.

Source

https://cve.org/CVERecord?id=CVE-2025-21495

Import Source

https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2025-21495.json

JSON Data

https://api.osv.dev/v1/vulns/CVE-2025-21495

Downstream

OESA-2025-1103

Published

2025-01-21T21:15:14.367Z

Modified

2026-03-12T17:39:30.864607Z

Severity

4.4 (Medium) CVSS_V3 - CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:U/C:N/I:N/A:H CVSS Calculator

Summary

[none]

Details

Vulnerability in the MySQL Enterprise Firewall product of Oracle MySQL (component: Firewall). Supported versions that are affected are 8.0.40 and prior, 8.4.3 and prior and 9.1.0 and prior. Difficult to exploit vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Enterprise Firewall. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Enterprise Firewall. CVSS 3.1 Base Score 4.4 (Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:U/C:N/I:N/A:H).

References

https://www.oracle.com/security-alerts/cpujan2025.html

Affected packages

Git /

Affected ranges

Database specific

unresolved_ranges

[
    {
        "events": [
            {
                "introduced": "8.0.0"
            },
            {
                "last_affected": "8.0.40"
            }
        ]
    },
    {
        "events": [
            {
                "introduced": "8.4.0"
            },
            {
                "last_affected": "8.4.3"
            }
        ]
    },
    {
        "events": [
            {
                "introduced": "0"
            },
            {
                "last_affected": "9.1.0"
            }
        ]
    }
]

source

"https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2025-21495.json"