CVE-2024-32886

MEDIUM Year: 2024
CVSS v3 Score
4.9
Medium
Weakness Type
CWE-835
View all →

Vulnerability Description

Vitess is a database clustering system for horizontal scaling of MySQL. When executing the following simple query, the `vtgate` will go into an endless loop that also keeps consuming memory and eventually will run out of memory. This vulnerability is fixed in 19.0.4, 18.0.5, and 17.0.7.

Related Vulnerabilities

CVE-2023-50763

MEDIUM
CVSS:4.9(Medium)

A vulnerability has been identified in SIMATIC CP 1542SP-1 (6GK7542-6UX00-0XE0) (All versions < V2.3), SIMATIC CP 1542SP-1 IRC (6GK7542-6VX00-0XE0) (All versions < V2.3), SIMATIC CP 1543SP-1 (6GK7543-...

CWE-8352023

CVE-2024-35982

MEDIUM
CVSS:5.1(Medium)

In the Linux kernel, the following vulnerability has been resolved: batman-adv: Avoid infinite loop trying to resize local TT If the MTU of one of an attached interface becomes too small to transmit t...

CWE-8352024

CVE-2018-20482

MEDIUM
CVSS:4.7(Medium)

GNU Tar through 1.30, when --sparse is used, mishandles file shrinkage during read access, which allows local users to cause a denial of service (infinite read loop in sparse_dump_region in sparse.c) ...

CWE-8352018

CVE-2023-4010

MEDIUM
CVSS:4.6(Medium)

A flaw was found in the USB Host Controller Driver framework in the Linux kernel. The usb_giveback_urb function has a logic loophole in its implementation. Due to the inappropriate judgment condition ...

CWE-8352023

CVE-2017-15223

MEDIUM
CVSS:5.3(Medium)

Denial-of-service vulnerability in ArGoSoft Mini Mail Server 1.0.0.2 and earlier allows remote attackers to waste CPU resources (memory consumption) via unspecified vectors, possibly triggering an inf...

CWE-8352017

CVE-2018-9251

MEDIUM
CVSS:5.3(Medium)

The xz_decomp function in xzlib.c in libxml2 2.9.8, if --with-lzma is used, allows remote attackers to cause a denial of service (infinite loop) via a crafted XML file that triggers LZMA_MEMLIMIT_ERRO...

CWE-8352018