diff options
| author | Bernard Spil <brnrd@FreeBSD.org> | 2023-04-22 12:20:32 +0000 |
|---|---|---|
| committer | Bernard Spil <brnrd@FreeBSD.org> | 2023-04-22 12:20:32 +0000 |
| commit | 6c23313ac492689a40ac3b26f8fae7571f447226 (patch) | |
| tree | b2c3fb578b9055a6a89c358169e80068fd5282da | |
| parent | 05b4aff4dc546bcf71d1203c72b6381cb030c5c0 (diff) | |
| download | ports-6c23313ac492689a40ac3b26f8fae7571f447226.tar.gz ports-6c23313ac492689a40ac3b26f8fae7571f447226.zip | |
security/vuxml: Document MySQL 2023Q2 vulnerabilities
| -rw-r--r-- | security/vuxml/vuln/2023.xml | 71 |
1 files changed, 71 insertions, 0 deletions
diff --git a/security/vuxml/vuln/2023.xml b/security/vuxml/vuln/2023.xml index 1fe272ebc8d4..a4ab8d31fc74 100644 --- a/security/vuxml/vuln/2023.xml +++ b/security/vuxml/vuln/2023.xml @@ -1,3 +1,74 @@ + <vuln vid="f504a8d2-e105-11ed-85f6-84a93843eb75"> + <topic>MySQL -- Multiple vulnerabilities</topic> + <affects> + <package> + <name>mysql-connector-java</name> + <range><lt>8.0.33</lt></range> + </package> + <package> + <name>mysql-client57</name> + <range><lt>5.7.42</lt></range> + </package> + <package> + <name>mysql-server57</name> + <range><lt>5.7.42</lt></range> + </package> + <package> + <name>mysql-client80</name> + <range><lt>8.0.33</lt></range> + </package> + <package> + <name>mysql-server80</name> + <range><lt>8.0.33</lt></range> + </package> + </affects> + <description> + <body xmlns="http://www.w3.org/1999/xhtml"> + <p>Oracle reports:</p> + <blockquote cite="https://www.oracle.com/security-alerts/cpujan2023.html#AppendixMSQL"> + <p>This Critical Patch Update contains 34 new security patches, plus + additional third party patches noted below, for Oracle MySQL. 11 of + these vulnerabilities may be remotely exploitable without + authentication, i.e., may be exploited over a network without + requiring user credentials. + </p> + </blockquote> + </body> + </description> + <references> + <cvename>CVE-2022-37434</cvename> + <cvename>CVE-2023-21912</cvename> + <cvename>CVE-2023-21980</cvename> + <cvename>CVE-2023-21946</cvename> + <cvename>CVE-2023-21929</cvename> + <cvename>CVE-2023-21971</cvename> + <cvename>CVE-2023-21911</cvename> + <cvename>CVE-2023-21962</cvename> + <cvename>CVE-2023-21919</cvename> + <cvename>CVE-2023-21933</cvename> + <cvename>CVE-2023-21972</cvename> + <cvename>CVE-2023-21966</cvename> + <cvename>CVE-2023-21913</cvename> + <cvename>CVE-2023-21917</cvename> + <cvename>CVE-2023-21920</cvename> + <cvename>CVE-2023-21935</cvename> + <cvename>CVE-2023-21945</cvename> + <cvename>CVE-2023-21976</cvename> + <cvename>CVE-2023-21977</cvename> + <cvename>CVE-2023-21982</cvename> + <cvename>CVE-2023-21953</cvename> + <cvename>CVE-2023-21955</cvename> + <cvename>CVE-2023-21940</cvename> + <cvename>CVE-2023-21947</cvename> + <cvename>CVE-2023-21963</cvename> + <url>https://www.oracle.com/security-alerts/cpujan2023.html#AppendixMSQL</url> + </references> + <dates> + <discovery>2023-04-19</discovery> + <entry>2023-04-22</entry> + </dates> + </vuln> + <vuln vid="90c48c04-d549-4fc0-a503-4775e32d438e"> <topic>chromium -- multiple vulnerabilities</topic> <affects> |