Oracle · MySQL Server · CVE-2022-4899
**Name of the Vulnerable Software and Affected Versions**
zstd version 1.4.10
MySQL Server versions 8.0.33 and earlier
**Description**
A vulnerability was found in zstd where supplying an empty string as an argument to the command-line tool causes a buffer overrun. In MySQL Server, this issue can be exploited by a high-privileged attacker with network access via multiple protocols to compromise MySQL Server, potentially resulting in the unauthorized ability to cause a hang or a frequently repeatable crash of MySQL Server.
**Recommendations**
For zstd version 1.4.10, consider disabling the zstd command-line tool until a patch is available.
For MySQL Server versions 8.0.33 and earlier, update to a version later than 8.0.33 to resolve the issue.
As a temporary workaround, restrict access to the command-line tool to minimize the risk of exploitation.