AZL-51319

See a problem?

Import Source

https://github.com/microsoft/AzureLinuxVulnerabilityData/blob/main/osv/AZL-51319.json

JSON Data

https://api.test.osv.dev/v1/vulns/AZL-51319

Upstream

CVE-2024-2410

Published

2024-05-03T13:15:21Z

Modified

2026-04-01T05:17:42.437311Z

Summary

CVE-2024-2410 affecting package mysql for versions less than 8.0.40-2

Details

The JsonToBinaryStream() function is part of the protocol buffers C++ implementation and is used to parse JSON from a stream. If the input is broken up into separate chunks in a certain way, the parser will attempt to read bytes from a chunk that has already been freed.

References

https://nvd.nist.gov/vuln/detail/CVE-2024-2410

Affected packages

Azure Linux:3 / mysql

Package

Name: mysql
Purl: pkg:rpm/azure-linux/mysql

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

8.0.40-2

Database specific

source

"https://github.com/microsoft/AzureLinuxVulnerabilityData/blob/main/osv/AZL-51319.json"