Launchpad.net

Launchpad Home
Code
Bugs
Blueprints
Translations
Answers

CVE 2020-14641

Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Security: Roles). Supported versions that are affected are 8.0.20 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized access to critical data or complete access to all MySQL Server accessible data. CVSS 3.1 Base Score 4.9 (Confidentiality impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N).

Related bugs and status

CVE-2020-14641 (Candidate) is related to these bugs:

Bug #1884809: libmysqlclient21 crashes if certain collation definitions are found in MySQL's sharedir

Summary				In	Importance	Status
	1884809	libmysqlclient21 crashes if certain collation definitions are found in MySQL's sharedir		mysql-8.0 (Ubuntu)	Undecided	Fix Released

See the

CVE page on Mitre.org for more details.

References

MISC: https://www.oracle.com...
CONFIRM: https://security.netap...
UBUNTU: USN-4441-1
GENTOO: GLSA-202105-27