CVE-2020-14550
- Source
- https://cve.org/CVERecord?id=CVE-2020-14550
- Import Source
- https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2020-14550.json
- JSON Data
- https://api.test.osv.dev/v1/vulns/CVE-2020-14550
- Aliases
- Downstream
- Related
- Published
- 2020-07-15T18:15:18.147Z
- Modified
- 2026-03-14T14:43:56.166504Z
- Severity
-
- 5.3 (Medium) CVSS_V3 - CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H CVSS Calculator
- Summary
- [none]
- Details
-
Vulnerability in the MySQL Client product of Oracle MySQL (component: C API). Supported versions that are affected are 5.6.48 and prior, 5.7.30 and prior and 8.0.20 and prior. Difficult to exploit vulnerability allows low privileged attacker with network access via multiple protocols to compromise MySQL Client. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Client. CVSS 3.1 Base Score 5.3 (Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H).
- References
-
- https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/HYQPCHGCVKFS3H226QQKZFQP56JYOQ3T/
- https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/SA2XMR2ZY2BPR3VLTDVLNV74JL7TA7KL/
- https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/CAI7GRYZ5265JVKHC6VXI57MNJDDB63C/
- https://security.gentoo.org/glsa/202105-27
- https://security.netapp.com/advisory/ntap-20210622-0001/
- https://usn.ubuntu.com/4441-1/
- https://www.oracle.com/security-alerts/cpujul2020.html
Affected packages
Git / github.com/mariadb/server
Affected ranges
- Type
- GIT
- Repo
- https://github.com/mariadb/server
- Events
-
IntroducedFixedIntroducedFixedIntroducedFixedIntroducedFixed
- Database specific
{ "versions": [ { "introduced": "5.5.0" }, { "fixed": "5.5.61" }, { "introduced": "10.0.0" }, { "fixed": "10.0.35" }, { "introduced": "10.1.0" }, { "fixed": "10.1.33" }, { "introduced": "10.2.0" }, { "fixed": "10.2.15" } ] }
Affected versions
mariadb-10.*
mariadb-10.1.0
mysql-5.*
mysql-5.5.42
mysql-5.5.43
mysql-5.5.44
mysql-5.5.45
mysql-5.5.46
mysql-5.5.47
mysql-5.5.48
mysql-5.5.49
mysql-5.5.50
mysql-5.5.51
mysql-5.5.52
mysql-5.5.53
mysql-5.5.54
mysql-5.5.55
mysql-5.5.56
mysql-5.5.57
mysql-5.5.58
mysql-5.5.59
mysql-5.5.60
mysql-5.5.61
mysql-5.5.62
mysql-5.5.63
mysql-5.6.33
mysql-5.6.34
mysql-5.6.35
mysql-5.6.36
mysql-5.6.37
mysql-5.6.38
mysql-5.6.39
mysql-5.6.40
mysql-5.6.41
mysql-5.6.42
mysql-5.6.43
mysql-5.6.45
mysql-5.6.46
mysql-5.6.47
mysql-5.7-22-ndb-7.6.6
mysql-5.7.15
mysql-5.7.16
mysql-5.7.17
mysql-5.7.18
mysql-5.7.19
mysql-5.7.20
mysql-5.7.21
mysql-5.7.22
mysql-5.7.24
mysql-5.7.25
mysql-5.7.26
mysql-5.7.27
mysql-5.7.28
mysql-5.7.29
mysql-8.*
mysql-8.0.0
mysql-8.0.1
mysql-8.0.11
mysql-8.0.12
mysql-8.0.13
mysql-8.0.14
mysql-8.0.15
mysql-8.0.16
mysql-8.0.17
mysql-8.0.18
mysql-8.0.19
mysql-8.0.2
mysql-8.0.20
mysql-8.0.3
mysql-8.0.4
mysql-cluster-7.*
mysql-cluster-7.2.24
mysql-cluster-7.2.25
mysql-cluster-7.2.26
mysql-cluster-7.2.27
mysql-cluster-7.2.28
mysql-cluster-7.2.29
mysql-cluster-7.2.30
mysql-cluster-7.2.31
mysql-cluster-7.2.32
mysql-cluster-7.2.33
mysql-cluster-7.2.34
mysql-cluster-7.2.35
mysql-cluster-7.2.37
mysql-cluster-7.2.38
mysql-cluster-7.2.39
mysql-cluster-7.2.40
mysql-cluster-7.3.13
mysql-cluster-7.3.14
mysql-cluster-7.3.15
mysql-cluster-7.3.16
mysql-cluster-7.3.17
mysql-cluster-7.3.18
mysql-cluster-7.3.19
mysql-cluster-7.3.20
mysql-cluster-7.3.21
mysql-cluster-7.3.22
mysql-cluster-7.3.23
mysql-cluster-7.3.24
mysql-cluster-7.3.25
mysql-cluster-7.3.26
mysql-cluster-7.3.27
mysql-cluster-7.3.28
mysql-cluster-7.4.11
mysql-cluster-7.4.12
mysql-cluster-7.4.13
mysql-cluster-7.4.14
mysql-cluster-7.4.15
mysql-cluster-7.4.16
mysql-cluster-7.4.17
mysql-cluster-7.4.18
mysql-cluster-7.4.19
mysql-cluster-7.4.20
mysql-cluster-7.4.21
mysql-cluster-7.4.23
mysql-cluster-7.4.24
mysql-cluster-7.4.25
mysql-cluster-7.4.26
mysql-cluster-7.4.27
mysql-cluster-7.5.1
mysql-cluster-7.5.10
mysql-cluster-7.5.11
mysql-cluster-7.5.12
mysql-cluster-7.5.13
mysql-cluster-7.5.14
mysql-cluster-7.5.15
mysql-cluster-7.5.16
mysql-cluster-7.5.17
mysql-cluster-7.5.2
mysql-cluster-7.5.3
mysql-cluster-7.5.4
mysql-cluster-7.5.5
mysql-cluster-7.5.6
mysql-cluster-7.5.7
mysql-cluster-7.5.8
mysql-cluster-7.5.9
mysql-cluster-7.6.10
mysql-cluster-7.6.11
mysql-cluster-7.6.12
mysql-cluster-7.6.13
mysql-cluster-7.6.2
mysql-cluster-7.6.3
mysql-cluster-7.6.4
mysql-cluster-7.6.5
mysql-cluster-7.6.6
mysql-cluster-7.6.7
mysql-cluster-7.6.8
mysql-cluster-7.6.9
mysql-cluster-8.*
mysql-cluster-8.0.16
mysql-cluster-8.0.18
mysql-cluster-8.0.19
mysql-cluster-8.0.20
Database specific
unresolved_ranges
[
{
"events": [
{
"introduced": "5.6.0"
},
{
"last_affected": "5.6.48"
}
]
},
{
"events": [
{
"introduced": "5.7.0"
},
{
"last_affected": "5.7.30"
}
]
},
{
"events": [
{
"introduced": "0"
},
{
"last_affected": "31"
}
]
},
{
"events": [
{
"introduced": "0"
},
{
"last_affected": "32"
}
]
},
{
"events": [
{
"introduced": "0"
},
{
"last_affected": "33"
}
]
},
{
"events": [
{
"introduced": "0"
},
{
"last_affected": "16.04"
}
]
},
{
"events": [
{
"introduced": "0"
},
{
"last_affected": "18.04"
}
]
},
{
"events": [
{
"introduced": "0"
},
{
"last_affected": "20.04"
}
]
}
]
vanir_signatures
[
{
"id": "CVE-2020-14550-054c046b",
"signature_type": "Function",
"target": {
"file": "sql-common/client.c",
"function": "unpack_fields"
},
"deprecated": false,
"digest": {
"function_hash": "88964842003053574630259804416355278302",
"length": 3281.0
},
"signature_version": "v1",
"source": "https://github.com/mariadb/server/commit/e48d775c6f066add457fa8cfb2ebc4d5ff0c7613"
},
{
"id": "CVE-2020-14550-404642c2",
"signature_type": "Function",
"target": {
"file": "sql-common/client.c",
"function": "cli_read_rows"
},
"deprecated": false,
"digest": {
"function_hash": "30804943894516639331708306752096632231",
"length": 2052.0
},
"signature_version": "v1",
"source": "https://github.com/mariadb/server/commit/e48d775c6f066add457fa8cfb2ebc4d5ff0c7613"
},
{
"id": "CVE-2020-14550-c0d67519",
"signature_type": "Line",
"target": {
"file": "sql-common/client.c"
},
"deprecated": false,
"digest": {
"line_hashes": [
"78191142045503767829834019020932019650",
"250157719937173868004615858289264688140",
"312170375706132797718465719883724591296",
"15117071355854376419182426407334479680",
"140920309514825384561268578794081140775",
"130933521110411440899075290412605664940",
"28770826883863233939468445958714821618",
"49331132400223798885681869446783630656"
],
"threshold": 0.9
},
"signature_version": "v1",
"source": "https://github.com/mariadb/server/commit/e48d775c6f066add457fa8cfb2ebc4d5ff0c7613"
}
]
source
"https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2020-14550.json"