CVE-2019-2529
- Source
- https://cve.org/CVERecord?id=CVE-2019-2529
- Import Source
- https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2019-2529.json
- JSON Data
- https://api.test.osv.dev/v1/vulns/CVE-2019-2529
- Downstream
- Related
- Published
- 2019-01-16T19:30:35.470Z
- Modified
- 2026-02-01T19:31:58.240488Z
- Severity
-
- 6.5 (Medium) CVSS_V3 - CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H CVSS Calculator
- Summary
- [none]
- Details
-
Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Optimizer). Supported versions that are affected are 5.6.42 and prior, 5.7.24 and prior and 8.0.13 and prior. Easily exploitable vulnerability allows low privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.0 Base Score 6.5 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H).
- References
-
- http://www.oracle.com/technetwork/security-advisory/cpujan2019-5072801.html
- http://www.securityfocus.com/bid/106619
- https://access.redhat.com/errata/RHSA-2019:2327
- https://access.redhat.com/errata/RHSA-2019:2484
- https://access.redhat.com/errata/RHSA-2019:2511
- https://lists.debian.org/debian-lts-announce/2019/02/msg00000.html
- https://security.gentoo.org/glsa/201908-24
- https://security.netapp.com/advisory/ntap-20190118-0002/
- https://usn.ubuntu.com/3867-1/
- http://www.oracle.com/technetwork/security-advisory/cpujan2019-5072801.html
- https://lists.debian.org/debian-lts-announce/2019/02/msg00000.html
Affected packages
Git / github.com/mariadb/server
Database specific
source
"https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2019-2529.json"
vanir_signatures
[
{
"digest": {
"threshold": 0.9,
"line_hashes": [
"237765151657241761060545917568592438457",
"282892052964035406096458752826974703594",
"331709904422826250552712086242116816438",
"176115959676277808190069612593833905726",
"230330805594433921590772567946620532095",
"47255113372923879477184980562105372254",
"26329151899032124183910913497801929179",
"22293964894336025272604977419376469865",
"167668817045489204466867684334868859511",
"67975863405797525162792927339788871905",
"84749669613772062555511102573128137234",
"69283157505885526018620724838637936262",
"197701761109942367333239577088976380653",
"239598302112433092328396507779744512009",
"23723580352070823327997294169768451351",
"3247828754220820036101687338050334347",
"308760586572137383675104670058598404809",
"113602089565736529543036970952825933207",
"45504199332619116834926854225141526894",
"153962053666761705168162526285701454961",
"273406632010146871244538339823105176261",
"162374734930589426093922569941708050630",
"191445438871741159723250729343908605508",
"93555790649715950730419210243852917288",
"271724641992035225233331050640716121152",
"108240395652469045122170820584696189538",
"181396317436643033745431490857315687382",
"321947496677054474388720929358709060396"
]
},
"source": "https://github.com/mariadb/server/commit/2175bfce3e9da8332f10ab0e0286dc93915533a2",
"target": {
"file": "sql-common/client.c"
},
"signature_version": "v1",
"signature_type": "Line",
"deprecated": false,
"id": "CVE-2019-2529-201ca4b0"
},
{
"digest": {
"length": 1965.0,
"function_hash": "37505616395293039286558278604655342007"
},
"source": "https://github.com/mariadb/server/commit/2175bfce3e9da8332f10ab0e0286dc93915533a2",
"target": {
"function": "cli_read_query_result",
"file": "sql-common/client.c"
},
"signature_version": "v1",
"signature_type": "Function",
"deprecated": false,
"id": "CVE-2019-2529-287a2bfb"
},
{
"digest": {
"threshold": 0.9,
"line_hashes": [
"260872133950048299786610494603498276818",
"145272208357237135551086962517929149133",
"143562161910367928547722272155653336197",
"204944358011655288036757556676990143081"
]
},
"source": "https://github.com/mariadb/server/commit/2175bfce3e9da8332f10ab0e0286dc93915533a2",
"target": {
"file": "include/mysql.h"
},
"signature_version": "v1",
"signature_type": "Line",
"deprecated": false,
"id": "CVE-2019-2529-545db46f"
},
{
"digest": {
"length": 184.0,
"function_hash": "294100300767422614124814462410718463173"
},
"source": "https://github.com/mariadb/server/commit/2175bfce3e9da8332f10ab0e0286dc93915533a2",
"target": {
"function": "mysql_send_query",
"file": "sql-common/client.c"
},
"signature_version": "v1",
"signature_type": "Function",
"deprecated": false,
"id": "CVE-2019-2529-65d86eb2"
},
{
"digest": {
"threshold": 0.9,
"line_hashes": [
"23819995871036551674167855928662230133",
"26871875759905393585395805544880292154",
"20487116962764908456539548172216133615",
"220422387753155601628714214315439422143",
"130183741228736005900355567131079736543",
"75442230809717543430586061101078307596",
"260607757623310415986283461888362474546",
"109728241848840356694629939412876721931"
]
},
"source": "https://github.com/mariadb/server/commit/2175bfce3e9da8332f10ab0e0286dc93915533a2",
"target": {
"file": "client/mysqltest.cc"
},
"signature_version": "v1",
"signature_type": "Line",
"deprecated": false,
"id": "CVE-2019-2529-754087c9"
},
{
"digest": {
"length": 4266.0,
"function_hash": "134626199703766435485598804748470555243"
},
"source": "https://github.com/mariadb/server/commit/2175bfce3e9da8332f10ab0e0286dc93915533a2",
"target": {
"function": "mysql_options",
"file": "sql-common/client.c"
},
"signature_version": "v1",
"signature_type": "Function",
"deprecated": false,
"id": "CVE-2019-2529-8ec2ba17"
},
{
"digest": {
"length": 985.0,
"function_hash": "6870408886625383238131197673473352757"
},
"source": "https://github.com/mariadb/server/commit/2175bfce3e9da8332f10ab0e0286dc93915533a2",
"target": {
"function": "mysql_init",
"file": "sql-common/client.c"
},
"signature_version": "v1",
"signature_type": "Function",
"deprecated": false,
"id": "CVE-2019-2529-a3bf5f1a"
},
{
"digest": {
"length": 5903.0,
"function_hash": "315989850871176961668052140645257514172"
},
"source": "https://github.com/mariadb/server/commit/2175bfce3e9da8332f10ab0e0286dc93915533a2",
"target": {
"function": "do_connect",
"file": "client/mysqltest.cc"
},
"signature_version": "v1",
"signature_type": "Function",
"deprecated": false,
"id": "CVE-2019-2529-a5afed68"
},
{
"digest": {
"length": 14687.0,
"function_hash": "20350302974156003554328855470558715640"
},
"source": "https://github.com/mariadb/server/commit/2175bfce3e9da8332f10ab0e0286dc93915533a2",
"target": {
"function": "main",
"file": "client/mysqltest.cc"
},
"signature_version": "v1",
"signature_type": "Function",
"deprecated": false,
"id": "CVE-2019-2529-e2c593cd"
}
]
Git / github.com/mysql/mysql-server
Affected versions
mysql-5.*
mysql-5.0.87sp1
mysql-5.0.90
mysql-5.0.91
mysql-5.0.92
mysql-5.0.93
mysql-5.0.94
mysql-5.0.95
mysql-5.0.96
mysql-5.1.40sp1
mysql-5.1.41
mysql-5.1.42
mysql-5.1.43
mysql-5.1.43sp1
mysql-5.1.44
mysql-5.1.45
mysql-5.1.46
mysql-5.1.46sp1
mysql-5.1.47
mysql-5.1.48
mysql-5.1.49
mysql-5.1.49sp1
mysql-5.1.50
mysql-5.1.51
mysql-5.1.52
mysql-5.1.52sp1
mysql-5.1.53
mysql-5.1.54
mysql-5.1.55
mysql-5.1.56
mysql-5.1.57
mysql-5.1.58
mysql-5.1.59
mysql-5.1.60
mysql-5.1.61
mysql-5.1.62
mysql-5.1.63
mysql-5.1.65
mysql-5.1.66
mysql-5.1.67
mysql-5.1.68
mysql-5.1.69
mysql-5.1.69-retag
mysql-5.1.70
mysql-5.1.71
mysql-5.1.72
mysql-5.1.73
mysql-5.1.74
mysql-5.1.75
mysql-5.1.76
mysql-5.1.77
mysql-5.5.0
mysql-5.5.1-m2
mysql-5.5.10
mysql-5.5.11
mysql-5.5.12
mysql-5.5.13
mysql-5.5.14
mysql-5.5.15
mysql-5.5.16
mysql-5.5.17
mysql-5.5.18
mysql-5.5.19
mysql-5.5.2-m2
mysql-5.5.20
mysql-5.5.21
mysql-5.5.22
mysql-5.5.23
mysql-5.5.24
mysql-5.5.25
mysql-5.5.25a
mysql-5.5.27
mysql-5.5.28
mysql-5.5.29
mysql-5.5.3-m3
mysql-5.5.30
mysql-5.5.31
mysql-5.5.32
mysql-5.5.33
mysql-5.5.34
mysql-5.5.35
mysql-5.5.36
mysql-5.5.37
mysql-5.5.38
mysql-5.5.39
mysql-5.5.40
mysql-5.5.41
mysql-5.5.42
mysql-5.5.43
mysql-5.5.44
mysql-5.5.45
mysql-5.5.46
mysql-5.5.47
mysql-5.5.48
mysql-5.5.49
mysql-5.5.5-m3
mysql-5.5.50
mysql-5.5.51
mysql-5.5.52
mysql-5.5.53
mysql-5.5.54
mysql-5.5.55
mysql-5.5.56
mysql-5.5.57
mysql-5.5.58
mysql-5.5.59
mysql-5.5.6-rc
mysql-5.5.60
mysql-5.5.61
mysql-5.5.62
mysql-5.5.7
mysql-5.5.8
mysql-5.5.9
Database specific
source
"https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2019-2529.json"
vanir_signatures
[
{
"digest": {
"length": 2210.0,
"function_hash": "187798635510539016189682418505098082941"
},
"source": "https://github.com/mysql/mysql-server/commit/d9497c79642656d22de4b3793a95c0da59a9a11c",
"target": {
"function": "my_security_attr_add_rights_to_group",
"file": "sql/named_pipe.cc"
},
"signature_version": "v1",
"signature_type": "Function",
"deprecated": false,
"id": "CVE-2019-2529-5b86d61d"
},
{
"digest": {
"length": 144.0,
"function_hash": "26837519910031962208579960435551047409"
},
"source": "https://github.com/mysql/mysql-server/commit/d9497c79642656d22de4b3793a95c0da59a9a11c",
"target": {
"function": "is_valid_named_pipe_full_access_group",
"file": "sql/named_pipe.cc"
},
"signature_version": "v1",
"signature_type": "Function",
"deprecated": false,
"id": "CVE-2019-2529-ae88507a"
},
{
"digest": {
"threshold": 0.9,
"line_hashes": [
"263681422881958377894833434179388045516",
"34227967018868400139417168886078252286",
"211405111674159804236127907314068938483",
"336177179778354924565609506863842811869",
"97652400968810108276308231514671542363",
"217194880234424306483792886121752311230",
"166990052055614242247479608402588251422",
"227553257219362031908217612048873095955",
"63209679805346329766547427593622053798",
"125433100737068164239943582824289576103",
"205785374211952264327476917668447751418",
"28751166163159939164719139418243207708",
"73419450907713255596968350050043666237",
"272266379427885695502372929064942054469",
"251082445107240256930247755108786770135",
"139969201990488073657108570663939658268",
"13836804552518447882815428370779247521",
"5567108796007743310357975124791684967",
"140483448449013047745871287097265487981",
"110252522556940663461030377517603711076",
"327358532650206480812326628690223987380",
"224936146650475994468898516648038907612",
"211106583799301635163628942735285513208",
"311364755524196593298732271607113484205"
]
},
"source": "https://github.com/mysql/mysql-server/commit/d9497c79642656d22de4b3793a95c0da59a9a11c",
"target": {
"file": "sql/named_pipe.cc"
},
"signature_version": "v1",
"signature_type": "Line",
"deprecated": false,
"id": "CVE-2019-2529-c73930f0"
}
]