FreeBSD VuXML: Documenting security issues in FreeBSD and the FreeBSD Ports Collection

MySQL -- Multiple vulnerabilities

Affected packages
	mariadb103-server	<	10.3.29
	mariadb104-server	<	10.4.19
	mariadb105-server	<	10.5.10
	mysql56-server	<	5.6.52
	mysql57-server	<	5.7.34
	mysql80-server	<	8.0.24

Details

VuXML ID	56ba4513-a1be-11eb-9072-d4c9ef517024
Discovery	2021-04-20
Entry	2021-04-20
Modified	2021-05-04

Oracle reports:

This Critical Patch Update contains 49 new security patches for Oracle MySQL. 10 of these vulnerabilities may be remotely exploitable without authentication, i.e., may be exploited over a network without requiring user credentials.
The highest CVSS v3.1 Base Score of vulnerabilities affecting Oracle MySQL is 9.8.

MariaDB is affected by CVE-2021-2166 and CVE-2021-2154 only

[source]

References

CVE Name	CVE-2020-1971
CVE Name	CVE-2020-28196
CVE Name	CVE-2020-8277
CVE Name	CVE-2021-2144
CVE Name	CVE-2021-2146
CVE Name	CVE-2021-2154
CVE Name	CVE-2021-2160
CVE Name	CVE-2021-2162
CVE Name	CVE-2021-2164
CVE Name	CVE-2021-2166
CVE Name	CVE-2021-2169
CVE Name	CVE-2021-2170
CVE Name	CVE-2021-2171
CVE Name	CVE-2021-2172
CVE Name	CVE-2021-2174
CVE Name	CVE-2021-2178
CVE Name	CVE-2021-2179
CVE Name	CVE-2021-2180
CVE Name	CVE-2021-2193
CVE Name	CVE-2021-2194
CVE Name	CVE-2021-2196
CVE Name	CVE-2021-2201
CVE Name	CVE-2021-2202
CVE Name	CVE-2021-2203
CVE Name	CVE-2021-2208
CVE Name	CVE-2021-2212
CVE Name	CVE-2021-2213
CVE Name	CVE-2021-2215
CVE Name	CVE-2021-2217
CVE Name	CVE-2021-2226
CVE Name	CVE-2021-2230
CVE Name	CVE-2021-2232
CVE Name	CVE-2021-2278
CVE Name	CVE-2021-2293
CVE Name	CVE-2021-2298
CVE Name	CVE-2021-2299
CVE Name	CVE-2021-2300
CVE Name	CVE-2021-2301
CVE Name	CVE-2021-2304
CVE Name	CVE-2021-2305
CVE Name	CVE-2021-2307
CVE Name	CVE-2021-2308
CVE Name	CVE-2021-23841
CVE Name	CVE-2021-3449
URL	https://mariadb.com/kb/en/mariadb-10510-release-notes/
URL	https://www.oracle.com/security-alerts/cpuapr2021.html