Oracle MySQL Server Vulnerability in Optimizer Component Allows Denial-of-Service

Vulnerability

A denial-of-service vulnerability has been identified in the MySQL Server product of Oracle MySQL, specifically within the Server: Optimizer component. This vulnerability affects MySQL Server versions 8.0.0-8.0.41, 8.4.0-8.4.4, and 9.0.0-9.2.0. The issue is easily exploitable, allowing a low-privileged attacker with network access via multiple protocols to cause a complete hang or frequently repeatable crash of the MySQL Server.

Impact

Exploitation of this vulnerability leads to a complete denial-of-service condition: the MySQL Server hangs or suffers a frequently repeatable crash.

Remediation

Users can apply the latest security patches available through the Oracle MySQL Critical Patch Update April 2025. Instructions for applying these patches can be found in the MySQL Patch Availability Document on My Oracle Support.
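
To decide which servers need the patch first, the version each server reports can be compared against the affected ranges listed in the Vulnerability section. The following is an added example, not code from Oracle or from this page; the host names and version strings in the sample inventory are constructed, and the input is assumed to be the output of SELECT VERSION() collected from each server.

```python
import re

# Affected ranges exactly as listed in the advisory (bounds inclusive).
AFFECTED_RANGES = [
    ((8, 0, 0), (8, 0, 41)),
    ((8, 4, 0), (8, 4, 4)),
    ((9, 0, 0), (9, 2, 0)),
]

_VERSION_RE = re.compile(r"^\s*(\d+)\.(\d+)\.(\d+)")


def classify(version_string):
    """Classify the output of SELECT VERSION() against the advisory's ranges.

    Returns "affected", "not_listed", "other_product" or "unparsed".
    "not_listed" only means the version is outside the listed ranges; it is
    not a statement that the version is safe.
    """
    # MariaDB reports MySQL-style strings; the advisory covers Oracle MySQL only.
    if "mariadb" in version_string.lower():
        return "other_product"
    match = _VERSION_RE.match(version_string)
    if not match:
        return "unparsed"
    version = tuple(int(part) for part in match.groups())
    for low, high in AFFECTED_RANGES:
        if low <= version <= high:
            return "affected"
    return "not_listed"


def affected_hosts(inventory):
    """Return the sorted host names whose reported version is affected."""
    return sorted(h for h, v in inventory.items() if classify(v) == "affected")


# Constructed sample inventory (hypothetical host names and version strings).
SAMPLE_INVENTORY = {
    "db-a.example": "8.0.36-0ubuntu0.22.04.1",
    "db-b.example": "8.0.42",
    "db-c.example": "8.4.4",
    "db-d.example": "9.3.0",
    "db-e.example": "10.11.6-MariaDB-0+deb12u1",
    "db-f.example": "8.0",
}

if __name__ == "__main__":
    for host, version in sorted(SAMPLE_INVENTORY.items()):
        print(f"{host}\t{version}\t{classify(version)}")
```

Entries that come back as "unparsed" or "other_product" need a manual look rather than being treated as clear.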

Added: Jun 9, 2025, 7:46 PM
Updated: Jun 9, 2025, 7:46 PM

Vulnerability Rating

Custom Algorithm
spread: 8.7
impact: 2.5
exploitability: 4.9
remediation: 8.3
relevance: 0.0
threat: 0.0
urgency: 2.9
incentive: 1.7

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.