CVE-2018-3058

See a problem?
Please try reporting it to the source first.
Source
https://cve.org/CVERecord?id=CVE-2018-3058
Import Source
https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2018-3058.json
JSON Data
https://api.test.osv.dev/v1/vulns/CVE-2018-3058
Downstream
Related
Published
2018-07-18T13:29:07.647Z
Modified
2026-02-03T21:10:22.157557Z
Severity
  • 4.3 (Medium) CVSS_V3 - CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N CVSS Calculator
Summary
[none]
Details

Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: MyISAM). Supported versions that are affected are 5.5.60 and prior, 5.6.40 and prior and 5.7.22 and prior. Easily exploitable vulnerability allows low privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized update, insert or delete access to some of MySQL Server accessible data. CVSS 3.0 Base Score 4.3 (Integrity impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N).

References

Affected packages

Git / github.com/mariadb/server

Affected ranges

Type
GIT
Repo
https://github.com/mariadb/server
Events
Introduced
c235de12ae3723b96944337bd89ad9cc87f21d8f
Fixed
50c426200224a4527e84052aa2ab32be893f43f4
Introduced
9664240c948a92c22ccda0e1f5a420eb776ddcb1
Fixed
5553d3f1f691a374124686946bd1f1cc4ef9fb45
Introduced
776555af021e917ce0d6235386b43ae59fdd5161
Fixed
5d90717cc9e05f2a3bfe137031eb15fc1e291ad7
Introduced
20ae591abd0bfe1bfaee546989ee163f4ef832b1
Fixed
ca26f91bcaa21933147974c823852a2e1c2e2bd7
Introduced
5bfe1a3917ee1bddc7f2cde0c88961875148873c
Fixed
e48d775c6f066add457fa8cfb2ebc4d5ff0c7613

Affected versions

mariadb-10.*
mariadb-10.0.13
mariadb-10.0.14
mariadb-10.0.15
mariadb-10.0.16
mariadb-10.0.17
mariadb-10.0.18
mariadb-10.0.19
mariadb-10.0.20
mariadb-10.0.21
mariadb-10.0.22
mariadb-10.0.23
mariadb-10.0.24
mariadb-10.0.25
mariadb-10.0.26
mariadb-10.0.27
mariadb-10.0.28
mariadb-10.0.29
mariadb-10.0.30
mariadb-10.0.31
mariadb-10.0.32
mariadb-10.0.33
mariadb-10.0.34
mariadb-10.0.35
mariadb-10.0.36
mariadb-10.1.0
mariadb-10.1.1
mariadb-10.1.10
mariadb-10.1.11
mariadb-10.1.12
mariadb-10.1.13
mariadb-10.1.14
mariadb-10.1.15
mariadb-10.1.16
mariadb-10.1.17
mariadb-10.1.18
mariadb-10.1.19
mariadb-10.1.2
mariadb-10.1.20
mariadb-10.1.21
mariadb-10.1.22
mariadb-10.1.23
mariadb-10.1.24
mariadb-10.1.25
mariadb-10.1.26
mariadb-10.1.27
mariadb-10.1.28
mariadb-10.1.29
mariadb-10.1.3
mariadb-10.1.30
mariadb-10.1.31
mariadb-10.1.32
mariadb-10.1.33
mariadb-10.1.34
mariadb-10.1.4
mariadb-10.1.5
mariadb-10.1.6
mariadb-10.1.7
mariadb-10.1.8
mariadb-10.1.9
mariadb-5.*
mariadb-5.5.39
mariadb-5.5.40
mariadb-5.5.41
mariadb-5.5.42
mariadb-5.5.43
mariadb-5.5.44
mariadb-5.5.45
mariadb-5.5.46
mariadb-5.5.47
mariadb-5.5.48
mariadb-5.5.49
mariadb-5.5.50
mariadb-5.5.51
mariadb-5.5.52
mariadb-5.5.53
mariadb-5.5.54
mariadb-5.5.55
mariadb-5.5.56
mariadb-5.5.57
mariadb-5.5.58
mariadb-5.5.59
mariadb-5.5.60
mariadb-5.5.61
mariadb-galera-10.*
mariadb-galera-10.0.10
mariadb-galera-10.0.11
mariadb-galera-10.0.12
mariadb-galera-10.0.13
mariadb-galera-10.0.14
mariadb-galera-10.0.15
mariadb-galera-10.0.16
mariadb-galera-10.0.17
mariadb-galera-10.0.19
mariadb-galera-10.0.20
mariadb-galera-10.0.21
mariadb-galera-10.0.22
mariadb-galera-10.0.23
mariadb-galera-10.0.24
mariadb-galera-10.0.25
mariadb-galera-10.0.26
mariadb-galera-10.0.27
mariadb-galera-10.0.28
mariadb-galera-10.0.29
mariadb-galera-10.0.30
mariadb-galera-10.0.31
mariadb-galera-10.0.32
mariadb-galera-10.0.33
mariadb-galera-10.0.34
mariadb-galera-10.0.35
mariadb-galera-10.0.7
mariadb-galera-10.0.7a
mariadb-galera-5.*
mariadb-galera-5.5.25
mariadb-galera-5.5.28a
mariadb-galera-5.5.29
mariadb-galera-5.5.32
mariadb-galera-5.5.32a
mariadb-galera-5.5.34
mariadb-galera-5.5.35
mariadb-galera-5.5.36
mariadb-galera-5.5.36a
mariadb-galera-5.5.37
mariadb-galera-5.5.38
mariadb-galera-5.5.39
mariadb-galera-5.5.40
mariadb-galera-5.5.41
mariadb-galera-5.5.42
mariadb-galera-5.5.43
mariadb-galera-5.5.44
mariadb-galera-5.5.45
mariadb-galera-5.5.46
mariadb-galera-5.5.47
mariadb-galera-5.5.48
mariadb-galera-5.5.49
mariadb-galera-5.5.50
mariadb-galera-5.5.51
mariadb-galera-5.5.52
mariadb-galera-5.5.53
mariadb-galera-5.5.54
mariadb-galera-5.5.55
mariadb-galera-5.5.56
mariadb-galera-5.5.57
mariadb-galera-5.5.58
mariadb-galera-5.5.59
mariadb-galera-5.5.60
mysql-5.*
mysql-5.5.39
mysql-5.5.40
mysql-5.5.41
mysql-5.5.42
mysql-5.5.43
mysql-5.5.44
mysql-5.5.45
mysql-5.5.46
mysql-5.5.47
mysql-5.5.48
mysql-5.5.49
mysql-5.5.50
mysql-5.5.51
mysql-5.5.52
mysql-5.5.53
mysql-5.5.54
mysql-5.5.55
mysql-5.5.56
mysql-5.5.57
mysql-5.5.58
mysql-5.5.59
mysql-5.5.60
mysql-5.5.61

Database specific

source 
"https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2018-3058.json"
vanir_signatures 
[
    {
        "signature_version": "v1",
        "signature_type": "Function",
        "source": "https://github.com/mariadb/server/commit/e48d775c6f066add457fa8cfb2ebc4d5ff0c7613",
        "target": {
            "function": "unpack_fields",
            "file": "sql-common/client.c"
        },
        "deprecated": false,
        "id": "CVE-2018-3058-054c046b",
        "digest": {
            "length": 3281.0,
            "function_hash": "88964842003053574630259804416355278302"
        }
    },
    {
        "signature_version": "v1",
        "signature_type": "Function",
        "source": "https://github.com/mariadb/server/commit/e48d775c6f066add457fa8cfb2ebc4d5ff0c7613",
        "target": {
            "function": "cli_read_rows",
            "file": "sql-common/client.c"
        },
        "deprecated": false,
        "id": "CVE-2018-3058-404642c2",
        "digest": {
            "length": 2052.0,
            "function_hash": "30804943894516639331708306752096632231"
        }
    },
    {
        "signature_version": "v1",
        "signature_type": "Line",
        "source": "https://github.com/mariadb/server/commit/e48d775c6f066add457fa8cfb2ebc4d5ff0c7613",
        "target": {
            "file": "sql-common/client.c"
        },
        "deprecated": false,
        "id": "CVE-2018-3058-c0d67519",
        "digest": {
            "line_hashes": [
                "78191142045503767829834019020932019650",
                "250157719937173868004615858289264688140",
                "312170375706132797718465719883724591296",
                "15117071355854376419182426407334479680",
                "140920309514825384561268578794081140775",
                "130933521110411440899075290412605664940",
                "28770826883863233939468445958714821618",
                "49331132400223798885681869446783630656"
            ],
            "threshold": 0.9
        }
    },
    {
        "signature_version": "v1",
        "signature_type": "Function",
        "source": "https://github.com/mariadb/server/commit/50c426200224a4527e84052aa2ab32be893f43f4",
        "target": {
            "function": "ha_sphinx::create",
            "file": "storage/sphinx/ha_sphinx.cc"
        },
        "deprecated": false,
        "id": "CVE-2018-3058-c7d63e12",
        "digest": {
            "length": 3204.0,
            "function_hash": "212715881248758194619613885069756850581"
        }
    },
    {
        "signature_version": "v1",
        "signature_type": "Line",
        "source": "https://github.com/mariadb/server/commit/50c426200224a4527e84052aa2ab32be893f43f4",
        "target": {
            "file": "storage/sphinx/ha_sphinx.cc"
        },
        "deprecated": false,
        "id": "CVE-2018-3058-fd9a5a54",
        "digest": {
            "line_hashes": [
                "249570897828672210811035826591486207304",
                "322223126166962698284273532715400319885",
                "270290635075884075638435410358092034776",
                "297141217069259403319068516826314832701"
            ],
            "threshold": 0.9
        }
    }
]

Git / github.com/mysql/mysql-server

Affected ranges

Type
GIT
Repo
https://github.com/mysql/mysql-server
Events
Introduced
54df0057e18d8c82c23fbd4e0bf5b5dc2e762955
Fixed
e48d775c6f066add457fa8cfb2ebc4d5ff0c7613

Affected versions

mysql-5.*
mysql-5.0.87sp1
mysql-5.0.90
mysql-5.0.91
mysql-5.0.92
mysql-5.0.93
mysql-5.0.94
mysql-5.0.95
mysql-5.0.96
mysql-5.1.40sp1
mysql-5.1.41
mysql-5.1.42
mysql-5.1.43
mysql-5.1.43sp1
mysql-5.1.44
mysql-5.1.45
mysql-5.1.46
mysql-5.1.46sp1
mysql-5.1.47
mysql-5.1.48
mysql-5.1.49
mysql-5.1.49sp1
mysql-5.1.50
mysql-5.1.51
mysql-5.1.52
mysql-5.1.52sp1
mysql-5.1.53
mysql-5.1.54
mysql-5.1.55
mysql-5.1.56
mysql-5.1.57
mysql-5.1.58
mysql-5.1.59
mysql-5.1.60
mysql-5.1.61
mysql-5.1.62
mysql-5.1.63
mysql-5.1.65
mysql-5.1.66
mysql-5.1.67
mysql-5.1.68
mysql-5.1.69
mysql-5.1.69-retag
mysql-5.1.70
mysql-5.1.71
mysql-5.1.72
mysql-5.1.73
mysql-5.1.74
mysql-5.1.75
mysql-5.1.76
mysql-5.1.77
mysql-5.5.0
mysql-5.5.1-m2
mysql-5.5.10
mysql-5.5.11
mysql-5.5.12
mysql-5.5.13
mysql-5.5.14
mysql-5.5.15
mysql-5.5.16
mysql-5.5.17
mysql-5.5.18
mysql-5.5.19
mysql-5.5.2-m2
mysql-5.5.20
mysql-5.5.21
mysql-5.5.22
mysql-5.5.23
mysql-5.5.24
mysql-5.5.25
mysql-5.5.25a
mysql-5.5.27
mysql-5.5.28
mysql-5.5.29
mysql-5.5.3-m3
mysql-5.5.30
mysql-5.5.31
mysql-5.5.32
mysql-5.5.33
mysql-5.5.34
mysql-5.5.35
mysql-5.5.36
mysql-5.5.37
mysql-5.5.38
mysql-5.5.39
mysql-5.5.40
mysql-5.5.41
mysql-5.5.42
mysql-5.5.43
mysql-5.5.44
mysql-5.5.45
mysql-5.5.46
mysql-5.5.47
mysql-5.5.48
mysql-5.5.49
mysql-5.5.5-m3
mysql-5.5.50
mysql-5.5.51
mysql-5.5.52
mysql-5.5.53
mysql-5.5.54
mysql-5.5.55
mysql-5.5.56
mysql-5.5.57
mysql-5.5.58
mysql-5.5.59
mysql-5.5.6-rc
mysql-5.5.60
mysql-5.5.7
mysql-5.5.8
mysql-5.5.9

Database specific

source 
"https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2018-3058.json"
vanir_signatures 
[
    {
        "signature_version": "v1",
        "signature_type": "Line",
        "source": "https://github.com/mysql/mysql-server/commit/e48d775c6f066add457fa8cfb2ebc4d5ff0c7613",
        "target": {
            "file": "sql-common/client.c"
        },
        "deprecated": false,
        "id": "CVE-2018-3058-03b72084",
        "digest": {
            "line_hashes": [
                "78191142045503767829834019020932019650",
                "250157719937173868004615858289264688140",
                "312170375706132797718465719883724591296",
                "15117071355854376419182426407334479680",
                "140920309514825384561268578794081140775",
                "130933521110411440899075290412605664940",
                "28770826883863233939468445958714821618",
                "49331132400223798885681869446783630656"
            ],
            "threshold": 0.9
        }
    },
    {
        "signature_version": "v1",
        "signature_type": "Function",
        "source": "https://github.com/mysql/mysql-server/commit/e48d775c6f066add457fa8cfb2ebc4d5ff0c7613",
        "target": {
            "function": "cli_read_rows",
            "file": "sql-common/client.c"
        },
        "deprecated": false,
        "id": "CVE-2018-3058-96a3e3de",
        "digest": {
            "length": 2052.0,
            "function_hash": "30804943894516639331708306752096632231"
        }
    },
    {
        "signature_version": "v1",
        "signature_type": "Function",
        "source": "https://github.com/mysql/mysql-server/commit/e48d775c6f066add457fa8cfb2ebc4d5ff0c7613",
        "target": {
            "function": "unpack_fields",
            "file": "sql-common/client.c"
        },
        "deprecated": false,
        "id": "CVE-2018-3058-e5eeae5c",
        "digest": {
            "length": 3281.0,
            "function_hash": "88964842003053574630259804416355278302"
        }
    }
]