Vulnerabilities
Vulnerable Software
Pingcap:  >> Tidb  Security Vulnerabilities
PingCAP TiDB v7.5.1 was discovered to contain a buffer overflow vulnerability, which could lead to database crashes and denial of service attacks.
CVSS Score
6.5
EPSS Score
0.001
Published
2024-05-24
PingCAP TiDB v7.5.1 was discovered to contain a NULL pointer dereference via the component SortedRowContainer.
CVSS Score
7.5
EPSS Score
0.001
Published
2024-05-24
Use of Externally-Controlled Format String in GitHub repository pingcap/tidb prior to 6.4.0, 6.1.3.
CVSS Score
4.2
EPSS Score
0.001
Published
2022-11-04
PingCAP TiDB v6.1.0 was discovered to contain a NULL pointer dereference.
CVSS Score
7.5
EPSS Score
0.001
Published
2022-08-03
TiDB is an open-source NewSQL database that supports Hybrid Transactional and Analytical Processing (HTAP) workloads. Under certain conditions, an attacker can construct malicious authentication requests to bypass the authentication process, resulting in privilege escalation or unauthorized access. Only users using TiDB 5.3.0 are affected by this vulnerability. TiDB version 5.3.1 contains a patch for this issue. Other mitigation strategies include turning off Security Enhanced Mode (SEM), disabling local login for non-root accounts, and ensuring that the same IP cannot be logged in as root and normal user at the same time.
CVSS Score
7.8
EPSS Score
0.001
Published
2022-05-31


Contact Us

Shodan ® - All rights reserved