UBUNTU-CVE-2019-2920
See a problem?- Source
- https://ubuntu.com/security/notices/UBUNTU-CVE-2019-2920
- Import Source
- https://github.com/canonical/ubuntu-security-notices/blob/main/osv/cve/2019/UBUNTU-CVE-2019-2920.json
- JSON Data
- https://api.osv.dev/v1/vulns/UBUNTU-CVE-2019-2920
- Related
- Published
- 2019-10-16T18:15:00Z
- Modified
- 2019-10-16T18:15:00Z
- Severity
-
- 5.3 (Medium) CVSS_V3 - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L CVSS Calculator
- Summary
- [none]
- Details
-
Vulnerability in the MySQL Connectors product of Oracle MySQL (component: Connector/ODBC). Supported versions that are affected are 5.3.13 and prior and 8.0.17 and prior. Easily exploitable vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise MySQL Connectors. Successful attacks of this vulnerability can result in unauthorized ability to cause a partial denial of service (partial DOS) of MySQL Connectors. CVSS 3.0 Base Score 5.3 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L).
- References
-
- https://ubuntu.com/security/CVE-2019-2920
- https://www.oracle.com/technetwork/security-advisory/cpuoct2019-5072832.html#AppendixMSQL
- http://www.oracle.com/technetwork/security-advisory/cpuoct2019-5072832.html
- https://ubuntu.com/security/notices/USN-4195-1
- https://www.cve.org/CVERecord?id=CVE-2019-2920
Affected packages
Ubuntu:Pro:14.04:LTS / mysql-5.5
Package
- Name
- mysql-5.5
Affected ranges
- Type
- ECOSYSTEM
- Events
-
Introduced0Unknown introduced version / All previous versions are affected
Affected versions
5.*
5.5.32-0ubuntu7
5.5.34-0ubuntu1
5.5.34-0ubuntu2
5.5.35-0ubuntu1
5.5.35+dfsg-1ubuntu1
5.5.37-0ubuntu0.14.04.1
5.5.38-0ubuntu0.14.04.1
5.5.40-0ubuntu0.14.04.1
5.5.41-0ubuntu0.14.04.1
5.5.43-0ubuntu0.14.04.1
5.5.44-0ubuntu0.14.04.1
5.5.46-0ubuntu0.14.04.2
5.5.47-0ubuntu0.14.04.1
5.5.49-0ubuntu0.14.04.1
5.5.50-0ubuntu0.14.04.1
5.5.52-0ubuntu0.14.04.1
5.5.53-0ubuntu0.14.04.1
5.5.54-0ubuntu0.14.04.1
5.5.55-0ubuntu0.14.04.1
5.5.57-0ubuntu0.14.04.1
5.5.58-0ubuntu0.14.04.1
5.5.59-0ubuntu0.14.04.1
5.5.60-0ubuntu0.14.04.1
5.5.61-0ubuntu0.14.04.1
5.5.62-0ubuntu0.14.04.1
Ubuntu:20.04:LTS / mysql-8.0
Package
- Name
- mysql-8.0
- Purl
- pkg:deb/ubuntu/mysql-8.0@8.0.18-0ubuntu3?arch=src?distro=focal
Affected ranges
- Type
- ECOSYSTEM
- Events
-
Introduced0Unknown introduced version / All previous versions are affectedFixed8.0.18-0ubuntu3
Ecosystem specific
{
"availability": "No subscription required",
"ubuntu_priority": "medium",
"binaries": [
{
"libmysqlclient21-dbgsym": "8.0.18-0ubuntu3",
"mysql-client": "8.0.18-0ubuntu3",
"mysql-testsuite-8.0-dbgsym": "8.0.18-0ubuntu3",
"mysql-client-core-8.0-dbgsym": "8.0.18-0ubuntu3",
"mysql-server": "8.0.18-0ubuntu3",
"libmysqlclient21": "8.0.18-0ubuntu3",
"mysql-testsuite": "8.0.18-0ubuntu3",
"mysql-router-dbgsym": "8.0.18-0ubuntu3",
"mysql-source-8.0": "8.0.18-0ubuntu3",
"libmysqlclient-dev": "8.0.18-0ubuntu3",
"mysql-server-8.0": "8.0.18-0ubuntu3",
"mysql-client-8.0": "8.0.18-0ubuntu3",
"mysql-router": "8.0.18-0ubuntu3",
"mysql-server-core-8.0": "8.0.18-0ubuntu3",
"mysql-testsuite-8.0": "8.0.18-0ubuntu3",
"mysql-server-core-8.0-dbgsym": "8.0.18-0ubuntu3",
"mysql-client-core-8.0": "8.0.18-0ubuntu3"
}
]
}