You are using an out of date browser. It may not display this or other websites correctly. You should upgrade or use an alternative browser.
cve 2024 20965
About this tag
CVE-2024-20965 is a denial-of-service vulnerability in the MySQL Server Optimizer, addressed in Oracle's January 2024 Critical Patch Update. It affects MySQL 8.0.35 and earlier, and MySQL 8.2.0 and earlier, including NDB Cluster variants. A high-privileged attacker with network access can exploit this flaw to cause uncontrolled resource consumption, leading to server hangs or crashes. The vulnerability does not allow data theft or modification, and has a CVSS v3.1 base score of 4.9 for availability impact. Users should apply the latest patches from Oracle or their Linux distribution to mitigate this issue.
Oracle’s January 2024 Critical Patch Update included a formally tracked flaw—CVE-2024-20965—that targets the MySQL Server Optimizer and can be exploited to cause a sustained or repeatedly reproducible denial-of-service (DoS) condition. Affected upstream releases include MySQL 8.0.35 and earlier...