3 results (0.011 seconds)

CVSS: 10.0EPSS: 0%CPEs: 2EXPL: 0

04 Nov 2022 — Use of Externally-Controlled Format String in GitHub repository pingcap/tidb prior to 6.4.0, 6.1.3. Uso de una Cadena de Formato Controlada Externamente en el repositorio de GitHub pingcap/tidb anterior a las versiones 6.4.0 y 6.1.3. • https://github.com/pingcap/tidb/commit/d0376379d615cc8f263a0b17c031ce403c8dcbfb • CWE-134: Use of Externally-Controlled Format String •

CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 1

03 Aug 2022 — PingCAP TiDB v6.1.0 was discovered to contain a NULL pointer dereference. Se ha detectado que PingCAP TiDB versión v6.1.0, contiene una desreferencia de puntero NULL. • https://github.com/pingcap/tidb/issues/35310 • CWE-476: NULL Pointer Dereference •

CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 0

31 May 2022 — TiDB is an open-source NewSQL database that supports Hybrid Transactional and Analytical Processing (HTAP) workloads. Under certain conditions, an attacker can construct malicious authentication requests to bypass the authentication process, resulting in privilege escalation or unauthorized access. Only users using TiDB 5.3.0 are affected by this vulnerability. TiDB version 5.3.1 contains a patch for this issue. Other mitigation strategies include turning off Security Enhanced Mode (SEM), disabling local lo... • https://github.com/pingcap/tidb/releases/tag/v5.3.1 • CWE-287: Improper Authentication •