CVE-2024-21057

Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Optimizer). Supported versions that are affected are 8.0.35 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.1 Base Score 4.9 (Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H).
Configurations

Configuration 1 (hide)

cpe:2.3:a:oracle:mysql_server:*:*:*:*:*:*:*:*

History

09 Apr 2025, 16:09

Type Values Removed Values Added
References () https://www.oracle.com/security-alerts/cpuapr2024.html - () https://www.oracle.com/security-alerts/cpuapr2024.html - Vendor Advisory
First Time Oracle
Oracle mysql Server
CPE cpe:2.3:a:oracle:mysql_server:*:*:*:*:*:*:*:*

Information

Published : 2024-04-16 22:15

Updated : 2025-04-09 16:09


NVD link : CVE-2024-21057

Mitre link : CVE-2024-21057

CVE.ORG link : CVE-2024-21057


JSON object : View

Products Affected

oracle

  • mysql_server
CWE
CWE-400

Uncontrolled Resource Consumption