FreshPorts - VuXML

This page displays vulnerability information about FreeBSD Ports.

The VUXML data was last processed by FreshPorts on 2024-03-27 18:04:16 UTC

List all Vulnerabilities, by package

List all Vulnerabilities, by date

k68

These are the vulnerabilities relating to the commit you have selected:

VuXML IDDescription
31344707-5d87-11eb-929d-d4c9ef517024MySQL -- Multiple vulnerabilities

Oracle reports:

This Critical Patch Update contains 34 new security patches for Oracle MySQL Server and 4 for MySQL Client.

The highest CVSS v3.1 Base Score of vulnerabilities affecting Oracle MySQL is 6.8.


Discovery 2021-01-23
Entry 2021-01-23
mysql56-client
< 5.6.51

mysql57-client
< 5.7.33

mysql80-client
< 8.0.23

mysql56-server
< 5.6.51

mysql57-server
< 5.7.33

mysql80-server
< 8.0.23

https://www.oracle.com/security-alerts/cpujan2021.html#AppendixMSQL
CVE-2021-2046
CVE-2021-2020
CVE-2021-2024
CVE-2021-2011
CVE-2021-2006
CVE-2021-2048
CVE-2021-2028
CVE-2021-2122
CVE-2021-2058
CVE-2021-2001
CVE-2021-2016
CVE-2021-2021
CVE-2021-2030
CVE-2021-2031
CVE-2021-2036
CVE-2021-2055
CVE-2021-2060
CVE-2021-2070
CVE-2021-2076
CVE-2021-2065
CVE-2021-2014
CVE-2021-2002
CVE-2021-2012
CVE-2021-2009
CVE-2021-2072
CVE-2021-2081
CVE-2021-2022
CVE-2021-2038
CVE-2021-2061
CVE-2021-2056
CVE-2021-2087
CVE-2021-2088
CVE-2021-2032
CVE-2021-2010
CVE-2021-1998
CVE-2021-2007
CVE-2021-2019
CVE-2021-2042
851a0eea-88aa-11e5-90e7-b499baebfeafMySQL - Multiple vulnerabilities

Oracle reports:

Critical Patch Update: MySQL Server, version(s) 5.5.45 and prior, 5.6.26 and prior


Discovery 2015-11-10
Entry 2015-11-11
mariadb-client
< 5.3.13

mariadb-server
< 5.3.13

mariadb55-client
< 5.5.46

mariadb55-server
< 5.5.46

mariadb100-client
< 10.0.22

mariadb100-server
< 10.0.22

mysql55-client
< 5.5.46

mysql55-server
< 5.5.46

mysql56-client
< 5.6.27

mysql56-server
< 5.6.27

percona55-client
< 5.5.46

percona55-server
< 5.5.46

percona56-client
< 5.6.27

percona56-server
< 5.6.27

http://www.oracle.com/technetwork/topics/security/cpuoct2015-2367953.html
CVE-2015-4802
CVE-2015-4807
CVE-2015-4815
CVE-2015-4826
CVE-2015-4830
CVE-2015-4836
CVE-2015-4858
CVE-2015-4861
CVE-2015-4870
CVE-2015-4913
CVE-2015-4792
https://mariadb.com/kb/en/mariadb/mariadb-5546-release-notes/
https://mariadb.com/kb/en/mariadb/mariadb-10022-release-notes/
https://www.percona.com/doc/percona-server/5.5/release-notes/Percona-Server-5.5.46-37.5.html
https://www.percona.com/doc/percona-server/5.6/release-notes/Percona-Server-5.6.27-75.0.html
622b5c47-855b-11ea-a5e2-d4c9ef517024MySQL Client -- Multiple vulerabilities

Oracle reports:

This Critical Patch Update contains 45 new security patches for Oracle MySQL. 9 of these vulnerabilities may be remotely exploitable without authentication, i.e., may be exploited over a network without requiring user credentials.


Discovery 2020-04-14
Entry 2020-04-23
mysql56-client
< 5.6.48

mysql57-client
< 5.7.30

mysql80-client
< 8.0.20

mysql-connector-c
< 8.0.20

mysql-connector-c++
< 8.0.20

mysql-connector-java
< 8.0.20

percona55-client
< 5.5.68

percona56-client
< 5.6.48

percona57-client
< 5.7.30

https://www.oracle.com/security-alerts/cpujan2020.html
CVE-2020-2752
CVE-2020-2934
CVE-2020-2875
CVE-2020-2922
CVE-2020-2933
dc596a17-7a9e-11e6-b034-f0def167eeeaRemote-Code-Execution vulnerability in mysql and its variants CVE 2016-6662

LegalHackers' reports:

RCE Bugs discovered in MySQL and its variants like MariaDB. It works by manipulating my.cnf files and using --malloc-lib. The bug seems fixed in MySQL 5.7.15 by Oracle


Discovery 2016-09-12
Entry 2016-11-24
Modified 2016-11-24
mysql57-client
mysql57-server
< 5.7.15

mysql56-client
mysql56-server
< 5.6.33

mysql55-client
mysql55-server
< 5.5.52

http://legalhackers.com/advisories/MySQL-Exploit-Remote-Root-Code-Execution-Privesc-CVE-2016-6662.html
https://dev.mysql.com/doc/relnotes/mysql/5.7/en/news-5-7-15.html
22373c43-d728-11e6-a9a5-b499baebfeafMySQL -- multiple vulnerabilities

The MySQL project reports:

  • CVE-2016-3492: Remote security vulnerability in 'Server: Optimizer' sub component.
  • CVE-2016-5616, CVE-2016-6663: Race condition allows local users with certain permissions to gain privileges by leveraging use of my_copystat by REPAIR TABLE to repair a MyISAM table.
  • CVE-2016-5617, CVE-2016-6664: mysqld_safe, when using file-based logging, allows local users with access to the mysql account to gain root privileges via a symlink attack on error logs and possibly other files.
  • CVE-2016-5624: Remote security vulnerability in 'Server: DML' sub component.
  • CVE-2016-5626: Remote security vulnerability in 'Server: GIS' sub component.
  • CVE-2016-5629: Remote security vulnerability in 'Server: Federated' sub component.
  • CVE-2016-8283: Remote security vulnerability in 'Server: Types' sub component.

Discovery 2016-09-13
Entry 2017-01-14
mariadb55-client
mariadb55-server
< 5.5.52

mariadb100-client
mariadb100-server
< 10.0.28

mariadb101-client
mariadb101-server
< 10.1.18

mysql55-client
mysql55-server
< 5.5.52

mysql56-client
mysql56-server
< 5.6.33

mysql57-client
mysql57-server
< 5.7.15

percona55-client
percona55-server
< 5.5.51.38.2

percona56-client
percona56-server
< 5.6.32.78.1

http://www.oracle.com/technetwork/security-advisory/cpuoct2016-2881722.html#AppendixMSQL
https://mariadb.com/kb/en/mariadb/mariadb-10028-release-notes/
https://mariadb.com/kb/en/mariadb/mariadb-5552-release-notes/
https://mariadb.com/kb/en/mariadb/mariadb-10118-release-notes/
CVE-2016-3492
CVE-2016-5616
CVE-2016-5617
CVE-2016-5624
CVE-2016-5626
CVE-2016-5629
CVE-2016-6663
CVE-2016-6664
CVE-2016-8283
0ed71663-c369-11ea-b53c-d4c9ef517024MySQL -- Multiple vulnerabilities

Oracle reports:

This Critical Patch Update contains 40 new security patches for Oracle MySQL. 6 of these vulnerabilities may be remotely exploitable without authentication, i.e., may be exploited over a network without requiring user credentials.

The highest CVSS v3.1 Base Score of vulnerabilities affecting Oracle MySQL is 9.8.

This Pre-Release Announcement provides advance information about the Oracle Critical Patch Update for July 2020, which will be released on Tuesday, July 14, 2020.


Discovery 2020-07-07
Entry 2020-07-11
mysql56-client
< 5.6.49

mysql56-server
< 5.6.49

mysql57-client
< 5.7.31

mysql57-server
< 5.7.31

mysql80-client
< 8.0.21

mysql80-server
< 8.0.21

https://www.oracle.com/security-alerts/cpujul2020.html