CVE-2023-22095

Name of the Vulnerable Software and Affected Versions MySQL Server version 8.1.0 MySQL Server versions prior to 8.1.0

Description The issue is related to insufficient input validation in the Server: Optimizer component of MySQL Server, allowing a low-privileged attacker with network access via multiple protocols to compromise the server. Successful attacks can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server.

Recommendations For MySQL Server version 8.1.0, update to a version that includes the fix for this issue. For MySQL Server versions prior to 8.1.0, update to a version that includes the fix for this issue or apply configuration changes to restrict access to the vulnerable component. As a temporary workaround, consider restricting access to the Server: Optimizer component until a patch is available.