Oracle MySQL Server Thread Pooling Denial-of-Service Vulnerability

Vulnerability

A denial-of-service vulnerability has been identified in the MySQL Server product of Oracle MySQL, specifically in the Server: Thread Pooling component. This vulnerability affects MySQL Server versions 8.0.39 and prior, 8.4.2 and prior, and 9.0.1 and prior. The issue is easily exploitable, allowing an unauthenticated attacker with network access via multiple protocols to compromise the MySQL Server. Successful exploitation gives the attacker the unauthorized ability to make the server hang or crash in a frequently repeatable way, resulting in a complete denial-of-service condition.
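
For triaging an inventory against the affected ranges listed above, here is an added example (not Oracle's code and not part of the original entry). It assumes each ceiling applies only within its own release series (8.0.x, 8.4.x, 9.0.x) and reports every other series as unlisted; the function names, status labels and sample hosts are hypothetical.

```python
import re

# Highest affected patch release per series, taken from the advisory text above.
# Assumption: "X.Y.Z and prior" is read as bounded to the X.Y series.
AFFECTED_CEILINGS = {(8, 0): 39, (8, 4): 2, (9, 0): 1}

_VERSION_RE = re.compile(r"^\s*(\d+)\.(\d+)\.(\d+)")


def parse_mysql_version(text):
    """Return (major, minor, patch) from a string such as SELECT VERSION() returns.

    Build suffixes ("-commercial", "-0ubuntu0.22.04.1", "-log") are ignored.
    """
    match = _VERSION_RE.match(text)
    if not match:
        raise ValueError(f"unrecognised MySQL version string: {text!r}")
    return tuple(int(part) for part in match.groups())


def classify(text):
    """Return 'affected', 'above_affected_range' or 'unlisted_series'."""
    major, minor, patch = parse_mysql_version(text)
    ceiling = AFFECTED_CEILINGS.get((major, minor))
    if ceiling is None:
        return "unlisted_series"  # series not named in the advisory
    return "affected" if patch <= ceiling else "above_affected_range"


def triage(inventory):
    """Map host -> status for a {host: version_string} inventory."""
    result = {}
    for host, version in inventory.items():
        try:
            result[host] = classify(version)
        except ValueError:
            result[host] = "unparsed"  # flag for manual follow-up
    return result


# Constructed sample inventory; hosts and versions are illustrative only.
SAMPLE_INVENTORY = {
    "db-01.example.internal": "8.0.39-0ubuntu0.22.04.1",
    "db-02.example.internal": "8.4.3-commercial",
    "db-03.example.internal": "9.0.1",
    "db-04.example.internal": "unknown",
}

if __name__ == "__main__":
    for host, status in sorted(triage(SAMPLE_INVENTORY).items()):
        print(f"{host}\t{status}")
```

Hosts reported as `unlisted_series` or `unparsed` need a manual check against the vendor advisory rather than being treated as safe.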

Impact

Exploitation of this vulnerability can cause a complete denial-of-service condition on the MySQL Server, leading to a frequent and repeatable crash or hang of the server.

Added: Jun 9, 2025, 7:46 PM
Updated: Jun 9, 2025, 7:46 PM

Vulnerability Rating

Custom Algorithm
spread: 8.7
impact: 2.5
exploitability: 7.0
remediation: 0.0
relevance: 0.0
threat: 0.0
urgency: 2.9
incentive: 5.8

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.