CPANSA-DBD-MariaDB-2018-01: DBD-MariaDB vulnerability
| Publisher | giterlizzi | Document category | csaf_security_advisory |
|---|---|---|---|
| Initial release date | 2017-07-01T00:00:00 | Engine | CSAF Perl Toolkit 0.25 |
| Current release date | 2017-07-01T00:00:00 | Build Date | |
| Current version | 1 | Status | final |
| CVSS v3.1 Base Score | 3.1 | Severity | |
| Original language | Language | en | |
| Also referred to | |||
Vulnerability Description
SSL problems of MySQL and MariaDB clients.
Vulnerabilities
CVE-2018-2767
Vulnerability DescriptionVulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Security: Encryption). Supported versions that are affected are 5.5.60 and prior, 5.6.40 and prior and 5.7.22 and prior. Difficult to exploit vulnerability allows low privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized read access to a subset of MySQL Server accessible data. CVSS 3.0 Base Score 3.1 (Confidentiality impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:L/UI:N/S:U/C:L/I:N/A:N).
Product status
Known affected
| Product | Score | ||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| DBD-MariaDB less than 1.00 |
|
Fixed
- DBD-MariaDB greater than or equal 1.00
giterlizzi
Namespace: https://github.com/giterlizzi/
gdt@cpan.org
References
- CPANSA-DBD-MariaDB-2018-01 JSON self
https://raw.githubusercontent.com/giterlizzi/perl-CPANSA-CSAF/develop/csaf/white/2017/cpansa-dbd-mariadb-2018-01.json - https://metacpan.org/changes/distribution/DBD-MariaDB external
https://metacpan.org/changes/distribution/DBD-MariaDB - CVE-2018-2767 (NVD) external
https://nvd.nist.gov/vuln/detail/CVE-2018-2767
Revision history
| Version | Date of the revision | Summary of the revision |
|---|---|---|
| 1 | Sat Jul 1 00:00:00 2017 | First release |
Sharing rules
TLP:WHITE
For the TLP version see: https://www.first.org/tlp/