Packages
Get Gentoo!
gentoo.org sites
gentoo.org
Wiki
Bugs
Forums
Packages
Planet
Archives
Sources
Infra Status
Home
Packages
Maintainers
USE flags
Architectures
About
dev-db
The dev-db category contains libraries and utilities for database related programming.
Packages
Stabilization
15
Outdated
28
Pull requests
18
Bugs
367
Security
41
Security Bug Reports
dev-db/{mariadb,mysql,percona-server,mysql-connector-c}: ENABLED_LOCAL_INFILE in the client is exploitable by the server
675904 - Assigned to Gentoo Security
dev-db/percona-server: multiple vulnerabilities (CVE-2019-{2938,2974})
699880 - Assigned to Gentoo Security
<dev-db/sqlcipher-4.5.1: use after free leading to DoS (CVE-2020-27207)
760690 - Assigned to Gentoo Security
<dev-db/mongodb-{4.0.20,4.2.10}: multiple vulnerabilities (CVE-2019-2392, CVE-2020-{7925,7928})
760827 - Assigned to Gentoo Security
<dev-db/mongodb-{4.2.15,4.4.4}: DoS via crafted find query (CVE-2021-20326)
798132 - Assigned to Gentoo Security
dev-db/percona-server: multiple vulnerabilities
803635 - Assigned to Gentoo Security
<dev-db/mysql-{5.7.36,8,0,27}: multiple vulnerabilities (Oracle CPU Oct 2021)
819891 - Assigned to Gentoo Security
dev-db/redis: integer overflow via bundled hiredis
821346 - Assigned to Gentoo Security
<dev-db/mariadb-{10.2.41,10.3.32,10.4.22,10.5.13}: server compromise
822759 - Assigned to Gentoo Security
<dev-db/pgbouncer-1.16.1: arbitrary query injection via MITM (CVE-2021-3935)
826614 - Assigned to Gentoo Security
<dev-db/mysql-{5.7.40,8.0.31}: multiple vulnerabilities (Oracle CPU Jan 2022)
831442 - Assigned to Gentoo Security
<dev-db/mariadb-{10.2.43,10.3.34,10.4.25,10.5.15,10.6.8}: multiple vulnerabilities (CVE-2021-{46661,46662,46663,46664,46665,46666,46667,46668,46669})
832490 - Assigned to Gentoo Security
dev-db/sqlite: record leakage
833451 - Assigned to Gentoo Security
<dev-db/mariadb-{10.2.44,10.3.35,10.4.25,10.5.16,10.6.8}: multiple vulnerabilities
838244 - Assigned to Gentoo Security
<dev-db/mysql-{5.7.36,8.0.31}: multiple vulnerabilities (Oracle CPU Apr 2022)
839987 - Assigned to Gentoo Security
<dev-db/mariadb-{10.2.43,10.3.34,10.4.25,10.5.15,10.6.8}: multiple vulnerabilities (CVE-2022-{31621-31624})
847526 - Assigned to Gentoo Security
<dev-db/percona-xtrabackup{-bin,}-8.0.29.22: sensitive arguments leaked into backup file
849389 - Assigned to Gentoo Security
<dev-db/mariadb-{10.3.36, 10.4.26, 10.5.17, 10.6.10}: multiple vulnerabilities
856484 - Assigned to Gentoo Security
<dev-db/mysql-{5.7.40, 8.0.31}: multiple vulnerabilities (Oracle CPU July 2022)
859388 - Assigned to Gentoo Security
<dev-db/mysql-{5.7.40, 8.0.31}: multiple vulnerabilities (Oracle CPU Oct 2022)
877593 - Assigned to Gentoo Security
dev-db/percona-xtrabackup{-bin,}: directory traversal (or memory corruption?)
882783 - Assigned to Gentoo Security
<dev-db/redis-{6.2.9,7.0.8}: Multiple vulnerabilities
891169 - Assigned to Gentoo Security
<dev-db/mysql-{5.7.41, 8.0.32}: multiple vulnerabilities (Oracle CPU January 2023)
891319 - Assigned to Gentoo Security
<dev-db/mariadb-{10.4.29, 10.5.20, 10.6.13, 10.11.3}: null pointer dereference vulnerability
891781 - Assigned to Gentoo Security
<dev-db/redis-{6.2.11,7.0.9}: Multiple vulnerabilities
898464 - Assigned to Gentoo Security
<dev-db/redis-7.0.10: Specially crafted MSETNX command can lead to assertion and denial-of-service
902501 - Assigned to Gentoo Security
<dev-db/redis-{6.2.12, 7.0.11}: insufficient validation of HINCRBYFLOAT command
904486 - Assigned to Gentoo Security
<dev-db/etcd-3.4.26: key name disclosure
906656 - Assigned to Gentoo Security
<dev-db/percona-xtrabackup-{2.4.28,8.0.29.22}: arbitrary shell execution via crafted filename
908033 - Assigned to Gentoo Security
<dev-db/redis-{6.2.13, 7.0.12}: Multiple vulnerabilities
910191 - Assigned to Gentoo Security
dev-db/mysql: multiple vulnerabilities (Oracle CPU July 2023)
910578 - Assigned to Gentoo Security
<dev-db/postgresql-{11.21:11,12.16:12,13.12:13,14.9:14,15.4:15}: multiple vulnerabilites
912251 - Assigned to Gentoo Security
<dev-db/redis-{7.0.13, 7.2.1}: Redis SORT_RO may bypass ACL configuration
913741 - Assigned to Gentoo Security
<dev-db/redis-{6.2.14,7.0.14,7.2.2}: Redis Unix-domain socket may be exposed with the wrong permissions for a short time window
915989 - Assigned to Gentoo Security
<dev-db/postgresql-{11.22,12.17,13.13,14.10,15.5}: multiple vulnerabilities
917153 - Assigned to Gentoo Security
<dev-db/mariadb-{10.6.16,10.11.6}: denial of service
917515 - Assigned to Gentoo Security
<dev-db/etcd-3.4.28: http/2 rapid reset vulnerability
918419 - Assigned to Gentoo Security
dev-db/mysql: multiple vulnerabilities (Oracle CPU Oct 2023)
918698 - Assigned to Gentoo Security
<dev-db/redis-{7.0.15,7.2.4}: Buffer resizing issue leading to heap overflow and potential RCE
921662 - Assigned to Gentoo Security
<dev-db/postgresql:{12.19:12,13.14:13,14.11:14,15.6:15,16.2:16}: privilege escalation
924110 - Assigned to Gentoo Security
dev-db/mysql: multiple vulnerabilities (Oracle CPU Jan 2024)
925125 - Assigned to Gentoo Security
Contact Information
Please file new vulnerability reports on
Gentoo Bugzilla
and assign them to the Gentoo Security product and Vulnerabilities component.