CVE-2022-21303

Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Stored Procedure). Supported versions that are affected are 5.7.36 and prior and 8.0.27 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.1 Base Score 4.9 (Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H).

References

Affected packages

Git / github.com/mysql/mysql-server

Affected ranges

Type: GIT
Repo: https://github.com/mysql/mysql-server
Events: Introduced

0 Unknown introduced commit / All previous commits are affected

Last affected

0ed6d65f4c60a38e77a672fc528efd3f44bc7701

Introduced

270fd3411e3d671a73ed9725940a30080f59ce6d

Last affected

3290a66c89eb1625a7058e0ef732432b6952b435

Affected versions

mysql-5.*

mysql-5.5.52

mysql-5.5.53

mysql-5.5.54

mysql-5.5.55

mysql-5.5.56

mysql-5.5.57

mysql-5.5.58

mysql-5.5.59

mysql-5.5.60

mysql-5.5.61

mysql-5.5.62

mysql-5.5.63

mysql-5.6.33

mysql-5.6.34

mysql-5.6.35

mysql-5.6.36

mysql-5.6.37

mysql-5.6.38

mysql-5.6.39

mysql-5.6.40

mysql-5.6.41

mysql-5.6.42

mysql-5.6.43

mysql-5.6.45

mysql-5.6.46

mysql-5.6.47

mysql-5.6.48

mysql-5.6.49

mysql-5.6.50

mysql-5.6.51

mysql-5.7.15

mysql-5.7.16

mysql-5.7.17

mysql-5.7.18

mysql-5.7.19

mysql-5.7.20

mysql-5.7.21

mysql-5.7.22

mysql-5.7.24

mysql-5.7.25

mysql-5.7.26

mysql-5.7.27

mysql-5.7.28

mysql-5.7.29

mysql-5.7.30

mysql-5.7.31

mysql-5.7.32

mysql-5.7.33

mysql-5.7.34

mysql-5.7.35

mysql-5.7.36

mysql-8.*

mysql-8.0.0

Database specific

source

"https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2022-21303.json"