PingCAP TiDB

7 CVEs affecting PingCAP TiDB. Latest disclosed: 2024-09-03. Critical: 2, High: 3.

Top CVEs affecting PingCAP TiDB
| CVE | Severity | Score | Published | Summary |
| --- | --- | --- | --- | --- |
| CVE-2024-41433 | Critical | 9.8 | 2024-09-03 | PingCAP TiDB v8.1.0 was discovered to contain a buffer overflow via the component expression.ExplainExpressionList. This vulnerability allows attackers to caus… |
| CVE-2022-3023 | Critical | 9.8 | 2022-11-04 | Use of Externally-Controlled Format String in GitHub repository pingcap/tidb prior to 6.4.0, 6.1.3. |
| CVE-2022-31011 | High | 7.8 | 2022-05-31 | TiDB is an open-source NewSQL database that supports Hybrid Transactional and Analytical Processing (HTAP) workloads. Under certain conditions, an attacker can… |
| CVE-2024-35618 | High | 7.5 | 2024-05-24 | PingCAP TiDB v7.5.1 was discovered to contain a NULL pointer dereference via the component SortedRowContainer. |
| CVE-2022-34969 | High | 7.5 | 2022-08-03 | PingCAP TiDB v6.1.0 was discovered to contain a NULL pointer dereference. |
| CVE-2024-33809 | Medium | 6.5 | 2024-05-24 | PingCAP TiDB v7.5.1 was discovered to contain a buffer overflow vulnerability, which could lead to database crashes and denial of service attacks. |
| CVE-2024-41434 | Medium | 4.3 | 2024-09-03 | PingCAP TiDB v8.1.0 was discovered to contain a buffer overflow via the component (*Column).GetDecimal. This allows attackers to cause a Denial of Service (DoS… |