Oracle MySQL Server Denial-of-Service Vulnerability in Optimizer Component

Vulnerability

A denial-of-service vulnerability has been identified in the MySQL Server product of Oracle MySQL, specifically within the Optimizer component. This issue affects supported versions 8.0.0 through 8.0.42, 8.4.0 through 8.4.5, and 9.0.0 through 9.3.0. The vulnerability allows a low-privileged attacker with network access, using multiple protocols, to compromise the MySQL Server. Exploitation of this vulnerability can lead to an unauthorized ability to cause the server to hang or crash frequently, resulting in a complete denial-of-service condition for MySQL Server.

Impact

Exploitation of this vulnerability can cause a complete denial-of-service condition, leading to a frequent and repeatable crash of the MySQL Server.

Added: Sep 1, 2025, 7:22 PM

Updated: Sep 1, 2025, 7:22 PM

Vulnerability Rating

Custom Algorithm

spread

8.7

impact

2.5

exploitability

4.9

remediation

0.0

relevance

0.3

threat

0.0

urgency

2.9

incentive

1.7

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Vulnerability Rating

Custom Algorithm

spread

8.7

impact

2.5

exploitability

4.9

remediation

0.0

relevance

0.3

threat

0.0

urgency

2.9

incentive

1.7

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Oracle MySQL Server Denial-of-Service Vulnerability in Optimizer Component

Vulnerability

Impact

Affected Products

Oracle MySQL Server

CVSS Scores

References

Vulnerability Rating

Vulnerability Rating