Vulnerability CVE-2022-4899: Information
Description
A vulnerability was found in zstd v1.4.10, where an attacker can supply empty string as an argument to the command line tool to cause buffer overrun.
Severity: HIGH (7.5) Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Fixed packages
Package name | Branch | Fixed in version | Version from repository | Errata ID | Task # | State |
---|---|---|---|---|---|---|
MySQL | sisyphus | 8.0.34-alt1 | 8.0.36-alt1 | ALT-PU-2023-7321-2 | 334626 | Fixed |
MySQL | sisyphus_e2k | 8.0.35-alt1.1 | 8.0.36-alt1 | ALT-PU-2023-7453-1 | - | Fixed |
MySQL | p10 | 8.0.35-alt1.1 | 8.0.36-alt1 | ALT-PU-2023-7463-2 | 334633 | Fixed |
MySQL | p10_e2k | 8.0.35-alt1.1 | 8.0.36-alt1 | ALT-PU-2023-7717-1 | - | Fixed |
MySQL | c10f1 | 8.0.35-alt1.1 | 8.0.36-alt1 | ALT-PU-2023-7888-3 | 335803 | Fixed |
MySQL | c9f2 | 8.0.35-alt1.0.c9.1 | 8.0.36-alt0.c9.1 | ALT-PU-2023-7647-3 | 335317 | Fixed |