Suyang Zhong

**Name of the Vulnerable Software and Affected Versions** Oracle MySQL Server versions 8.0.35 and prior Oracle MySQL Server versions 8.2.0 and prior **Description** The issue is related to insufficient input validation in the Server: Optimizer component of Oracle MySQL Server. This allows a low-privileged attacker with network access via multiple protocols to compromise the MySQL Server. Successful attacks can result in the unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of the MySQL Server. **Recommendations** For Oracle MySQL Server versions 8.0.35 and prior, update to a version that includes the fix for this issue. For Oracle MySQL Server versions 8.2.0 and prior, update to a version that includes the fix for this issue. As a temporary workaround, consider restricting network access to the MySQL Server to minimize the risk of exploitation. At the moment, there is no information about a newer version that contains a fix for this vulnerability.