Oracle · Oracle MySQL · CVE-2026-21968
**Name of the Vulnerable Software and Affected Versions**
Oracle MySQL versions 8.0.0 through 8.0.44
Oracle MySQL versions 8.4.0 through 8.4.7
Oracle MySQL versions 9.0.0 through 9.5.0
**Description**
A vulnerability exists in the Server: Optimizer component of Oracle MySQL Server, caused by insufficient input validation. It is easily exploitable and requires network access via multiple protocols: a remote attacker with low privileges can compromise the server. Exploitation can trigger a denial-of-service (DoS) condition, potentially causing a hang or frequent crashes of the MySQL Server.
**Recommendations**
Oracle MySQL versions 8.0.0 through 8.0.44: Update to a later version.
Oracle MySQL versions 8.4.0 through 8.4.7: Update to a later version.
Oracle MySQL versions 9.0.0 through 9.5.0: Update to a later version.