Pingcap Tidb
7 CVEs affecting Pingcap Tidb. Latest disclosed: 2024-09-03. Critical: 2, High: 3.
| CVE | Severity | Score | Published | Summary |
|---|---|---|---|---|
CVE-2024-41433 | Critical | 9.8 | 2024-09-03 | PingCAP TiDB v8.1.0 was discovered to contain a buffer overflow via the component expression.ExplainExpressionList. This vulnerability allows attackers to caus… |
CVE-2022-3023 | Critical | 9.8 | 2022-11-04 | Use of Externally-Controlled Format String in GitHub repository pingcap/tidb prior to 6.4.0, 6.1.3. |
CVE-2022-31011 | High | 7.8 | 2022-05-31 | TiDB is an open-source NewSQL database that supports Hybrid Transactional and Analytical Processing (HTAP) workloads. Under certain conditions, an attacker can… |
CVE-2024-35618 | High | 7.5 | 2024-05-24 | PingCAP TiDB v7.5.1 was discovered to contain a NULL pointer dereference via the component SortedRowContainer. |
CVE-2022-34969 | High | 7.5 | 2022-08-03 | PingCAP TiDB v6.1.0 was discovered to contain a NULL pointer dereference. |
CVE-2024-33809 | Medium | 6.5 | 2024-05-24 | PingCAP TiDB v7.5.1 was discovered to contain a buffer overflow vulnerability, which could lead to database crashes and denial of service attacks. |
CVE-2024-41434 | Medium | 4.3 | 2024-09-03 | PingCAP TiDB v8.1.0 was discovered to contain a buffer overflow via the component (*Column).GetDecimal. This allows attackers to cause a Denial of Service (DoS… |