sqlparse is a non-validating SQL parser module for Python. In affected versions the SQL parser contains a regular expression that is vulnerable to ReDoS (Regular Expression Denial of Service). This issue was introduced by commit `e75e358`. The vulnerability may lead to Denial of Service (DoS). This issues has been fixed in sqlparse 0.4.4 by commit `c457abd5f`. Users are advised to upgrade. There are no known workarounds for this issue.

The remote SUSE Linux SLES15 / SLES_SAP15 host has packages installed that are affected by a vulnerability as referenced in the SUSE-SU-SUSE-RU-2024:1637-3 advisory.

    - Add python311 cloud services packages and dependencies (jsc#PED-7987, jsc#PED-6697)
    - Bellow 5 binaries Obsolete the python3.6 counterpart:
        python311-google-resumable-media         python311-google-api-core         python311-google-cloud-storage         python311-google-cloud-core         python311-googleapis-common-protos

    - Regular python311 updates (without Obsoletes):
        python-google-auth         python-grpcio         python-sqlparse

    - New python311 packages:
        libcrc32c         python-google-cloud-appengine-logging         python-google-cloud-artifact-registry         python-google-cloud-audit-log         python-google-cloud-build         python-google-cloud-compute         python-google-cloud-dns         python-google-cloud-domains         python-google-cloud-iam         python-google-cloud-kms-inventory         python-google-cloud-kms         python-google-cloud-logging         python-google-cloud-run         python-google-cloud-secret-manager         python-google-cloud-service-directory         python-google-cloud-spanner         python-google-cloud-vpc-access         python-google-crc32c         python-grpc-google-iam-v1         python-grpcio-status         python-proto-plus

    In python-sqlparse this security issue was fixed:

    CVE-2023-30608: Fixed parser that contained a regular expression that is vulnerable to ReDOS (Regular     Expression Denial of Service) (bsc#1210617)

Tenable has extracted the preceding description block directly from the SUSE security advisory.

Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.

The remote SUSE Linux SLED15 / SLED_SAP15 / SLES15 / SLES_SAP15 / openSUSE 15 host has packages installed that are affected by a vulnerability as referenced in the SUSE-SU-SUSE-RU-2024:1637-2 advisory.

    - Add python311 cloud services packages and dependencies (jsc#PED-7987, jsc#PED-6697)
    - Bellow 5 binaries Obsolete the python3.6 counterpart:
        python311-google-resumable-media         python311-google-api-core         python311-google-cloud-storage         python311-google-cloud-core         python311-googleapis-common-protos

    - Regular python311 updates (without Obsoletes):
        python-google-auth         python-grpcio         python-sqlparse

    - New python311 packages:
        libcrc32c         python-google-cloud-appengine-logging         python-google-cloud-artifact-registry         python-google-cloud-audit-log         python-google-cloud-build         python-google-cloud-compute         python-google-cloud-dns         python-google-cloud-domains         python-google-cloud-iam         python-google-cloud-kms-inventory         python-google-cloud-kms         python-google-cloud-logging         python-google-cloud-run         python-google-cloud-secret-manager         python-google-cloud-service-directory         python-google-cloud-spanner         python-google-cloud-vpc-access         python-google-crc32c         python-grpc-google-iam-v1         python-grpcio-status         python-proto-plus

    In python-sqlparse this security issue was fixed:

    CVE-2023-30608: Fixed parser that contained a regular expression that is vulnerable to ReDOS (Regular     Expression Denial of Service) (bsc#1210617)

Tenable has extracted the preceding description block directly from the SUSE security advisory.

Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.

The remote SUSE Linux SLED15 / SLED_SAP15 / SLES15 / SLES_SAP15 / openSUSE 15 host has packages installed that are affected by a vulnerability as referenced in the SUSE-SU-SUSE-RU-2024:1637-1 advisory.

  - sqlparse is a non-validating SQL parser module for Python. In affected versions the SQL parser contains a     regular expression that is vulnerable to ReDoS (Regular Expression Denial of Service). This issue was     introduced by commit `e75e358`. The vulnerability may lead to Denial of Service (DoS). This issues has     been fixed in sqlparse 0.4.4 by commit `c457abd5f`. Users are advised to upgrade. There are no known     workarounds for this issue. (CVE-2023-30608)

Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.

The remote Redhat Enterprise Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2023:6818 advisory.

    Red Hat Satellite is a systems management tool for Linux-based     infrastructure. It allows for provisioning, remote management, and     monitoring of multiple Linux deployments with a single centralized tool.

    Security Fix(es):

    * golang: net/http, x/net/http2: rapid stream resets can cause excessive work (CVE-2023-44487)     (CVE-2023-39325)

    * HTTP/2: Multiple HTTP/2 enabled web servers are vulnerable to a DDoS attack (Rapid Reset Attack)     (CVE-2023-44487)

    * GitPython: Insecure non-multi options in clone and clone_from is not blocked (CVE-2023-40267)

    * kubeclient: kubeconfig parsing error can lead to MITM attacks (CVE-2022-0759)

    * foreman: OS command injection via ct_command and fcct_command (CVE-2022-3874)

    * ruby-git: code injection vulnerability (CVE-2022-46648)

    * ruby-git: code injection vulnerability (CVE-2022-47318)

    * Foreman: Arbitrary code execution through templates (CVE-2023-0118)

    * rubygem-activerecord: SQL Injection (CVE-2023-22794)

    * openssl: c_rehash script allows command injection (CVE-2022-1292)

    * openssl: the c_rehash script allows command injection (CVE-2022-2068)

    * Pulp:Tokens stored in plaintext (CVE-2022-3644)

    * satellite: Blind SSRF via Referer header (CVE-2022-4130)

    * python-future: remote attackers can cause denial of service via crafted Set-Cookie header from malicious     web server (CVE-2022-40899)

    * golang: net/http: excessive memory growth in a Go server accepting HTTP/2 requests (CVE-2022-41717)

    * rubygem-activerecord: Denial of Service (CVE-2022-44566)

    * rubygem-rack: denial of service in Content-Disposition parsing (CVE-2022-44570)

    * rubygem-rack: denial of service in Content-Disposition parsing (CVE-2022-44571)

    * rubygem-rack: denial of service in Content-Disposition parsing (CVE-2022-44572)

    * Foreman: Stored cross-site scripting in host tab (CVE-2023-0119)

    * puppet: Puppet Server ReDoS (CVE-2023-1894)

    * rubygem-actionpack: Denial of Service in Action Dispatch (CVE-2023-22792)

    * rubygem-actionpack: Denial of Service in Action Dispatch (CVE-2023-22795)

    * rubygem-activesupport: Regular Expression Denial of Service (CVE-2023-22796)

    * rubygem-globalid: ReDoS vulnerability (CVE-2023-22799)

    * rubygem-rack: Denial of service in Multipart MIME parsing (CVE-2023-27530)

    * rubygem-rack: denial of service in header parsing (CVE-2023-27539)

    * golang: net/http: insufficient sanitization of Host header (CVE-2023-29406)

    * sqlparse: Parser contains a regular expression that is vulnerable to ReDOS (Regular Expression Denial of     Service) (CVE-2023-30608)

    * python-django: Potential bypass of validation when uploading multiple files using one form field     (CVE-2023-31047)

    * python-requests: Unintended leak of Proxy-Authorization header (CVE-2023-32681)

    * python-django: Potential regular expression denial of service vulnerability in     EmailValidator/URLValidator (CVE-2023-36053)

    For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and     other related information, refer to the CVE page(s) listed in the References section.

    Additional Changes:

    This update also fixes several bugs and adds various enhancements. Documentation for these changes is     available from the Release Notes document linked to in the References section.

Tenable has extracted the preceding description block directly from the Red Hat Enterprise Linux security advisory.

Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.

The remote Redhat Enterprise Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2023:4591 advisory.

    Red Hat Update Infrastructure (RHUI) offers a highly scalable, highly redundant framework that enables you     to manage repositories and content. It also enables cloud providers to deliver content and updates to Red     Hat Enterprise Linux (RHEL) instances.

    Security Fix(es):
    * Django: Potential bypass of validation when uploading multiple files using a single form field     (CVE-2023-31047)

    * sqlparse: Parser contains a regular expression that is vulnerable to ReDOS (Regular Expression Denial of     Service) (CVE-2023-30608)

    This RHUI update fixes the following bugs:

    * Previously, the `rhui-manager` command used the `logname` command to obtain the login name. However,     when `rhui-manager` is run using the `rhui-repo-sync` cron job, a login name is not defined. Consequently,     emails sent by the cron job contained the error message `logname: no login name`. With this update, `rhui-     manager` does not obtain the login name using the `logname` command and the error message is no longer     generated.

    * Previously, when an invalid repository ID was used with the `rhui-manager` command to synchronize or     delete a repository, the command failed with following error:
    `An unexpected error has occurred during the last operation.`     Additionally, a traceback was also logged.
    With this update, the error message has been improved and failure to run no longer logs a traceback.

    This RHUI update introduces the following enhancements:

    * With this update, the client configuration RPMs in `rhui-manager` prevent subscription manager from     automatically enabling `yum` plugins. As a result, RHUI repository users will no longer see irrelevant     messages from subscription manager. (BZ#1957871)

    * With this update, you can generate machine-readable files with the status of each RHUI repository. To     use this feature, run the following command:
    `rhui-manager --non-interactive status --repo_json <output file>`      (BZ#2079391)

    * With this update, the `rhui-manager` CLI command uses a variety of unique exit codes to indicate     different types of errors. For example, if you attempt to add a Red Hat repository that has already been     added, the command will exit with a status of 245. However, if you attempt to add a Red Hat repository     that does not exist in the RHUI entitlement, the command will exit with a status of 246. For a complete     list of codes, see the `/usr/lib/python3.6/site-packages/rhui/common/rhui_exit_codes.py` file.

Tenable has extracted the preceding description block directly from the Red Hat Enterprise Linux security advisory.

Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.

The remote Rocky Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RLSA-2023:6818 advisory.

  - A flaw was found in all versions of kubeclient up to (but not including) v4.9.3, the Ruby client for     Kubernetes REST API, in the way it parsed kubeconfig files. When the kubeconfig file does not configure     custom CA to verify certs, kubeclient ends up accepting any certificate (it wrongly returns VERIFY_NONE).
    Ruby applications that leverage kubeclient to parse kubeconfig files are susceptible to Man-in-the-middle     attacks (MITM). (CVE-2022-0759)

  - The c_rehash script does not properly sanitise shell metacharacters to prevent command injection. This     script is distributed by some operating systems in a manner where it is automatically executed. On such     operating systems, an attacker could execute arbitrary commands with the privileges of the script. Use of     the c_rehash script is considered obsolete and should be replaced by the OpenSSL rehash command line tool.
    Fixed in OpenSSL 3.0.3 (Affected 3.0.0,3.0.1,3.0.2). Fixed in OpenSSL 1.1.1o (Affected 1.1.1-1.1.1n).
    Fixed in OpenSSL 1.0.2ze (Affected 1.0.2-1.0.2zd). (CVE-2022-1292)

  - In addition to the c_rehash shell command injection identified in CVE-2022-1292, further circumstances     where the c_rehash script does not properly sanitise shell metacharacters to prevent command injection     were found by code review. When the CVE-2022-1292 was fixed it was not discovered that there are other     places in the script where the file names of certificates being hashed were possibly passed to a command     executed through the shell. This script is distributed by some operating systems in a manner where it is     automatically executed. On such operating systems, an attacker could execute arbitrary commands with the     privileges of the script. Use of the c_rehash script is considered obsolete and should be replaced by the     OpenSSL rehash command line tool. Fixed in OpenSSL 3.0.4 (Affected 3.0.0,3.0.1,3.0.2,3.0.3). Fixed in     OpenSSL 1.1.1p (Affected 1.1.1-1.1.1o). Fixed in OpenSSL 1.0.2zf (Affected 1.0.2-1.0.2ze). (CVE-2022-2068)

  - The collection remote for pulp_ansible stores tokens in plaintext instead of using pulp's encrypted field     and exposes them in read/write mode via the API () instead of marking it as write only. (CVE-2022-3644)

  - A command injection flaw was found in foreman. This flaw allows an authenticated user with admin     privileges on the foreman instance to transpile commands through CoreOS and Fedora CoreOS configurations     in templates, possibly resulting in arbitrary command execution on the underlying operating system.
    (CVE-2022-3874)

  - An issue discovered in Python Charmers Future 0.18.2 and earlier allows remote attackers to cause a denial     of service via crafted Set-Cookie header from malicious web server. (CVE-2022-40899)

  - A blind site-to-site request forgery vulnerability was found in Satellite server. It is possible to     trigger an external interaction to an attacker's server by modifying the Referer header in an HTTP request     of specific resources in the server. (CVE-2022-4130)

  - An attacker can cause excessive memory growth in a Go server accepting HTTP/2 requests. HTTP/2 server     connections contain a cache of HTTP header keys sent by the client. While the total number of entries in     this cache is capped, an attacker sending very large keys can cause the server to allocate approximately     64 MiB per open connection. (CVE-2022-41717)

  - A denial of service vulnerability present in ActiveRecord's PostgreSQL adapter <7.0.4.1 and <6.1.7.1. When     a value outside the range for a 64bit signed integer is provided to the PostgreSQL connection adapter, it     will treat the target column type as numeric. Comparing integer values against numeric values can result     in a slow sequential scan resulting in potential Denial of Service. (CVE-2022-44566)

  - A denial of service vulnerability in the Range header parsing component of Rack >= 1.5.0. A Carefully     crafted input can cause the Range header parsing component in Rack to take an unexpected amount of time,     possibly resulting in a denial of service attack vector. Any applications that deal with Range requests     (such as streaming applications, or applications that serve files) may be impacted. (CVE-2022-44570)

  - There is a denial of service vulnerability in the Content-Disposition parsingcomponent of Rack fixed in     2.0.9.2, 2.1.4.2, 2.2.4.1, 3.0.0.1. This could allow an attacker to craft an input that can cause Content-     Disposition header parsing in Rackto take an unexpected amount of time, possibly resulting in a denial     ofservice attack vector. This header is used typically used in multipartparsing. Any applications that     parse multipart posts using Rack (virtuallyall Rails applications) are impacted. (CVE-2022-44571)

  - A denial of service vulnerability in the multipart parsing component of Rack fixed in 2.0.9.2, 2.1.4.2,     2.2.4.1 and 3.0.0.1 could allow an attacker tocraft input that can cause RFC2183 multipart boundary     parsing in Rack to take an unexpected amount of time, possibly resulting in a denial of service attack     vector. Any applications that parse multipart posts using Rack (virtually all Rails applications) are     impacted. (CVE-2022-44572)

  - ruby-git versions prior to v1.13.0 allows a remote authenticated attacker to execute an arbitrary ruby     code by having a user to load a repository containing a specially crafted filename to the product. This     vulnerability is different from CVE-2022-47318. (CVE-2022-46648)

  - ruby-git versions prior to v1.13.0 allows a remote authenticated attacker to execute an arbitrary ruby     code by having a user to load a repository containing a specially crafted filename to the product. This     vulnerability is different from CVE-2022-46648. (CVE-2022-47318)

  - An arbitrary code execution flaw was found in Foreman. This flaw allows an admin user to bypass safe mode     in templates and execute arbitrary code on the underlying operating system. (CVE-2023-0118)

  - A stored Cross-site scripting vulnerability was found in foreman. The Comment section in the Hosts tab has     incorrect filtering of user input data. As a result of the attack, an attacker with an existing account on     the system can steal another user's session, make requests on behalf of the user, and obtain user     credentials. (CVE-2023-0119)

  - A Regular Expression Denial of Service (ReDoS) issue was discovered in Puppet Server 7.9.2 certificate     validation. An issue related to specifically crafted certificate names significantly slowed down server     operations. (CVE-2023-1894)

  - A regular expression based DoS vulnerability in Action Dispatch <6.0.6.1,< 6.1.7.1, and <7.0.4.1.
    Specially crafted cookies, in combination with a specially crafted X_FORWARDED_HOST header can cause the     regular expression engine to enter a state of catastrophic backtracking. This can cause the process to use     large amounts of CPU and memory, leading to a possible DoS vulnerability All users running an affected     release should either upgrade or use one of the workarounds immediately. (CVE-2023-22792)

  - A vulnerability in ActiveRecord <6.0.6.1, v6.1.7.1 and v7.0.4.1 related to the sanitization of comments.
    If malicious user input is passed to either the `annotate` query method, the `optimizer_hints` query     method, or through the QueryLogs interface which automatically adds annotations, it may be sent to the     database withinsufficient sanitization and be able to inject SQL outside of the comment. (CVE-2023-22794)

  - A regular expression based DoS vulnerability in Action Dispatch <6.1.7.1 and <7.0.4.1 related to the If-     None-Match header. A specially crafted HTTP If-None-Match header can cause the regular expression engine     to enter a state of catastrophic backtracking, when on a version of Ruby below 3.2.0. This can cause the     process to use large amounts of CPU and memory, leading to a possible DoS vulnerability All users running     an affected release should either upgrade or use one of the workarounds immediately. (CVE-2023-22795)

  - A regular expression based DoS vulnerability in Active Support <6.1.7.1 and <7.0.4.1. A specially crafted     string passed to the underscore method can cause the regular expression engine to enter a state of     catastrophic backtracking. This can cause the process to use large amounts of CPU and memory, leading to a     possible DoS vulnerability. (CVE-2023-22796)

  - A ReDoS based DoS vulnerability in the GlobalID <1.0.1 which could allow an attacker supplying a carefully     crafted input can cause the regular expression engine to take an unexpected amount of time. All users     running an affected release should either upgrade or use one of the workarounds immediately.
    (CVE-2023-22799)

  - A DoS vulnerability exists in Rack <v3.0.4.2, <v2.2.6.3, <v2.1.4.3 and <v2.0.9.3 within in the Multipart     MIME parsing code in which could allow an attacker to craft requests that can be abuse to cause multipart     parsing to take longer than expected. (CVE-2023-27530)

  - The HTTP/1 client does not fully validate the contents of the Host header. A maliciously crafted Host     header can inject additional headers or entire requests. With fix, the HTTP/1 client now refuses to send     requests containing an invalid Request.Host or Request.URL.Host value. (CVE-2023-29406)

  - sqlparse is a non-validating SQL parser module for Python. In affected versions the SQL parser contains a     regular expression that is vulnerable to ReDoS (Regular Expression Denial of Service). This issue was     introduced by commit `e75e358`. The vulnerability may lead to Denial of Service (DoS). This issues has     been fixed in sqlparse 0.4.4 by commit `c457abd5f`. Users are advised to upgrade. There are no known     workarounds for this issue. (CVE-2023-30608)

  - In Django 3.2 before 3.2.19, 4.x before 4.1.9, and 4.2 before 4.2.1, it was possible to bypass validation     when using one form field to upload multiple files. This multiple upload has never been supported by     forms.FileField or forms.ImageField (only the last uploaded file was validated). However, Django's     Uploading multiple files documentation suggested otherwise. (CVE-2023-31047)

  - Requests is a HTTP library. Since Requests 2.3.0, Requests has been leaking Proxy-Authorization headers to     destination servers when redirected to an HTTPS endpoint. This is a product of how we use     `rebuild_proxies` to reattach the `Proxy-Authorization` header to requests. For HTTP connections sent     through the tunnel, the proxy will identify the header in the request itself and remove it prior to     forwarding to the destination server. However when sent over HTTPS, the `Proxy-Authorization` header must     be sent in the CONNECT request as the proxy has no visibility into the tunneled request. This results in     Requests forwarding proxy credentials to the destination server unintentionally, allowing a malicious     actor to potentially exfiltrate sensitive information. This issue has been patched in version 2.31.0.
    (CVE-2023-32681)

  - In Django 3.2 before 3.2.20, 4 before 4.1.10, and 4.2 before 4.2.3, EmailValidator and URLValidator are     subject to a potential ReDoS (regular expression denial of service) attack via a very large number of     domain name labels of emails and URLs. (CVE-2023-36053)

  - A malicious HTTP/2 client which rapidly creates requests and immediately resets them can cause excessive     server resource consumption. While the total number of requests is bounded by the     http2.Server.MaxConcurrentStreams setting, resetting an in-progress request allows the attacker to create     a new request while the existing one is still executing. With the fix applied, HTTP/2 servers now bound     the number of simultaneously executing handler goroutines to the stream concurrency limit     (MaxConcurrentStreams). New requests arriving when at the limit (which can only happen after the client     has reset an existing, in-flight request) will be queued until a handler exits. If the request queue grows     too large, the server will terminate the connection. This issue is also fixed in golang.org/x/net/http2     for users manually configuring HTTP/2. The default stream concurrency limit is 250 streams (requests) per     HTTP/2 connection. This value may be adjusted using the golang.org/x/net/http2 package; see the     Server.MaxConcurrentStreams setting and the ConfigureServer function. (CVE-2023-39325)

  - GitPython before 3.1.32 does not block insecure non-multi options in clone and clone_from. NOTE: this     issue exists because of an incomplete fix for CVE-2022-24439. (CVE-2023-40267)

  - The HTTP/2 protocol allows a denial of service (server resource consumption) because request cancellation     can reset many streams quickly, as exploited in the wild in August through October 2023. (CVE-2023-44487)

  - The Ruby on Rails advisory describes this vulnerability as follows: (CVE-2023-27539)

Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.

This Solaris system is missing necessary patches to address critical security updates :

  - Vulnerability in the MySQL Enterprise Monitor product of     Oracle MySQL (component: Monitoring: General (Apache     Tomcat)). Supported versions that are affected are     8.0.34 and prior. Easily exploitable vulnerability     allows unauthenticated attacker with network access via     multiple protocols to compromise MySQL Enterprise     Monitor. Successful attacks of this vulnerability can     result in unauthorized ability to cause a hang or     frequently repeatable crash (complete DOS) of MySQL     Enterprise Monitor. CVSS 3.1 Base Score 7.5     (Availability impacts). CVSS Vector:
    (CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H).
    (CVE-2023-28709)

  - Vulnerability in the MySQL Server product of Oracle     MySQL (component: Client programs). Supported versions     that are affected are 5.7.41 and prior and 8.0.32 and     prior. Difficult to exploit vulnerability allows low     privileged attacker with network access via multiple     protocols to compromise MySQL Server. Successful attacks     require human interaction from a person other than the     attacker. Successful attacks of this vulnerability can     result in takeover of MySQL Server. CVSS 3.1 Base Score     7.1 (Confidentiality, Integrity and Availability     impacts). CVSS Vector:
    (CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:U/C:H/I:H/A:H).
    (CVE-2023-21980)

  - Vulnerability in the MySQL Server product of Oracle     MySQL (component: Server: Optimizer). Supported versions     that are affected are 8.0.32 and prior. Easily     exploitable vulnerability allows low privileged attacker     with network access via multiple protocols to compromise     MySQL Server. Successful attacks of this vulnerability     can result in unauthorized ability to cause a hang or     frequently repeatable crash (complete DOS) of MySQL     Server. CVSS 3.1 Base Score 6.5 (Availability impacts).
    CVSS Vector:
    (CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H).
    (CVE-2023-21946)

  - Vulnerability in the MySQL Server product of Oracle     MySQL (component: Server: DDL). Supported versions that     are affected are 8.0.32 and prior. Easily exploitable     vulnerability allows high privileged attacker with     network access via multiple protocols to compromise     MySQL Server. Successful attacks of this vulnerability     can result in unauthorized ability to cause a hang or     frequently repeatable crash (complete DOS) of MySQL     Server as well as unauthorized update, insert or delete     access to some of MySQL Server accessible data. CVSS 3.1     Base Score 5.5 (Integrity and Availability impacts).
    CVSS Vector:
    (CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:L/A:H).
    (CVE-2023-21929)

  - Vulnerability in the MySQL Server product of Oracle     MySQL (component: InnoDB). Supported versions that are     affected are 8.0.32 and prior. Easily exploitable     vulnerability allows high privileged attacker with     network access via multiple protocols to compromise     MySQL Server. Successful attacks of this vulnerability     can result in unauthorized ability to cause a hang or     frequently repeatable crash (complete DOS) of MySQL     Server. CVSS 3.1 Base Score 4.9 (Availability impacts).
    CVSS Vector:
    (CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H).
    (CVE-2023-21911)

  - Vulnerability in the MySQL Server product of Oracle     MySQL (component: Server: Components Services).
    Supported versions that are affected are 8.0.32 and     prior. Easily exploitable vulnerability allows high     privileged attacker with network access via multiple     protocols to compromise MySQL Server. Successful attacks     of this vulnerability can result in unauthorized ability     to cause a hang or frequently repeatable crash (complete     DOS) of MySQL Server. CVSS 3.1 Base Score 4.9     (Availability impacts). CVSS Vector:
    (CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H).
    (CVE-2023-21962)

  - Vulnerability in the MySQL Server product of Oracle     MySQL (component: Server: DDL). Supported versions that     are affected are 8.0.32 and prior. Easily exploitable     vulnerability allows high privileged attacker with     network access via multiple protocols to compromise     MySQL Server. Successful attacks of this vulnerability     can result in unauthorized ability to cause a hang or     frequently repeatable crash (complete DOS) of MySQL     Server. CVSS 3.1 Base Score 4.9 (Availability impacts).
    CVSS Vector:
    (CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H).
    (CVE-2023-21919)

  - Vulnerability in the MySQL Server product of Oracle     MySQL (component: Server: DDL). Supported versions that     are affected are 8.0.32 and prior. Easily exploitable     vulnerability allows high privileged attacker with     network access via multiple protocols to compromise     MySQL Server. Successful attacks of this vulnerability     can result in unauthorized ability to cause a hang or     frequently repeatable crash (complete DOS) of MySQL     Server. CVSS 3.1 Base Score 4.9 (Availability impacts).
    CVSS Vector:
    (CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H).
    (CVE-2023-21933)

  - Vulnerability in the MySQL Server product of Oracle     MySQL (component: Server: DML). Supported versions that     are affected are 8.0.32 and prior. Easily exploitable     vulnerability allows high privileged attacker with     network access via multiple protocols to compromise     MySQL Server. Successful attacks of this vulnerability     can result in unauthorized ability to cause a hang or     frequently repeatable crash (complete DOS) of MySQL     Server. CVSS 3.1 Base Score 4.9 (Availability impacts).
    CVSS Vector:
    (CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H).
    (CVE-2023-21972)

  - Vulnerability in the MySQL Server product of Oracle     MySQL (component: Server: JSON). Supported versions that     are affected are 8.0.32 and prior. Easily exploitable     vulnerability allows high privileged attacker with     network access via multiple protocols to compromise     MySQL Server. Successful attacks of this vulnerability     can result in unauthorized ability to cause a hang or     frequently repeatable crash (complete DOS) of MySQL     Server. CVSS 3.1 Base Score 4.9 (Availability impacts).
    CVSS Vector:
    (CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H).
    (CVE-2023-21966)

  - Vulnerability in the MySQL Server product of Oracle     MySQL (component: Server: Optimizer). Supported versions     that are affected are 8.0.32 and prior. Easily     exploitable vulnerability allows high privileged     attacker with network access via multiple protocols to     compromise MySQL Server. Successful attacks of this     vulnerability can result in unauthorized ability to     cause a hang or frequently repeatable crash (complete     DOS) of MySQL Server. CVSS 3.1 Base Score 4.9     (Availability impacts). CVSS Vector:
    (CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H).
    (CVE-2023-21920)

  - Vulnerability in the MySQL Server product of Oracle     MySQL (component: Server: Optimizer). Supported versions     that are affected are 8.0.32 and prior. Easily     exploitable vulnerability allows high privileged     attacker with network access via multiple protocols to     compromise MySQL Server. Successful attacks of this     vulnerability can result in unauthorized ability to     cause a hang or frequently repeatable crash (complete     DOS) of MySQL Server. CVSS 3.1 Base Score 4.9     (Availability impacts). CVSS Vector:
    (CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H).
    (CVE-2023-21935)

  - Vulnerability in the MySQL Server product of Oracle     MySQL (component: Server: Optimizer). Supported versions     that are affected are 8.0.32 and prior. Easily     exploitable vulnerability allows high privileged     attacker with network access via multiple protocols to     compromise MySQL Server. Successful attacks of this     vulnerability can result in unauthorized ability to     cause a hang or frequently repeatable crash (complete     DOS) of MySQL Server. CVSS 3.1 Base Score 4.9     (Availability impacts). CVSS Vector:
    (CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H).
    (CVE-2023-21945)

  - Vulnerability in the MySQL Server product of Oracle     MySQL (component: Server: Optimizer). Supported versions     that are affected are 8.0.32 and prior. Easily     exploitable vulnerability allows high privileged     attacker with network access via multiple protocols to     compromise MySQL Server. Successful attacks of this     vulnerability can result in unauthorized ability to     cause a hang or frequently repeatable crash (complete     DOS) of MySQL Server. CVSS 3.1 Base Score 4.9     (Availability impacts). CVSS Vector:
    (CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H).
    (CVE-2023-21976)

  - Vulnerability in the MySQL Server product of Oracle     MySQL (component: Server: Optimizer). Supported versions     that are affected are 8.0.32 and prior. Easily     exploitable vulnerability allows high privileged     attacker with network access via multiple protocols to     compromise MySQL Server. Successful attacks of this     vulnerability can result in unauthorized ability to     cause a hang or frequently repeatable crash (complete     DOS) of MySQL Server. CVSS 3.1 Base Score 4.9     (Availability impacts). CVSS Vector:
    (CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H).
    (CVE-2023-21977)

  - Vulnerability in the MySQL Server product of Oracle     MySQL (component: Server: Optimizer). Supported versions     that are affected are 8.0.32 and prior. Easily     exploitable vulnerability allows high privileged     attacker with network access via multiple protocols to     compromise MySQL Server. Successful attacks of this     vulnerability can result in unauthorized ability to     cause a hang or frequently repeatable crash (complete     DOS) of MySQL Server. CVSS 3.1 Base Score 4.9     (Availability impacts). CVSS Vector:
    (CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H).
    (CVE-2023-21982)

  - Vulnerability in the MySQL Server product of Oracle     MySQL (component: Server: Partition). Supported versions     that are affected are 8.0.32 and prior. Easily     exploitable vulnerability allows high privileged     attacker with network access via multiple protocols to     compromise MySQL Server. Successful attacks of this     vulnerability can result in unauthorized ability to     cause a hang or frequently repeatable crash (complete     DOS) of MySQL Server. CVSS 3.1 Base Score 4.9     (Availability impacts). CVSS Vector:
    (CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H).
    (CVE-2023-21953)

  - Vulnerability in the MySQL Server product of Oracle     MySQL (component: Server: Partition). Supported versions     that are affected are 8.0.32 and prior. Easily     exploitable vulnerability allows high privileged     attacker with network access via multiple protocols to     compromise MySQL Server. Successful attacks of this     vulnerability can result in unauthorized ability to     cause a hang or frequently repeatable crash (complete     DOS) of MySQL Server. CVSS 3.1 Base Score 4.9     (Availability impacts). CVSS Vector:
    (CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H).
    (CVE-2023-21955)

  - Vulnerability in the MySQL Server product of Oracle     MySQL (component: Server: Components Services).
    Supported versions that are affected are 8.0.32 and     prior. Difficult to exploit vulnerability allows high     privileged attacker with network access via multiple     protocols to compromise MySQL Server. Successful attacks     of this vulnerability can result in unauthorized ability     to cause a hang or frequently repeatable crash (complete     DOS) of MySQL Server. CVSS 3.1 Base Score 4.4     (Availability impacts). CVSS Vector:
    (CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:U/C:N/I:N/A:H).
    (CVE-2023-21940)

  - Vulnerability in the MySQL Server product of Oracle     MySQL (component: Server: Components Services).
    Supported versions that are affected are 8.0.32 and     prior. Difficult to exploit vulnerability allows high     privileged attacker with network access via multiple     protocols to compromise MySQL Server. Successful attacks     of this vulnerability can result in unauthorized ability     to cause a hang or frequently repeatable crash (complete     DOS) of MySQL Server. CVSS 3.1 Base Score 4.4     (Availability impacts). CVSS Vector:
    (CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:U/C:N/I:N/A:H).
    (CVE-2023-21947)

  - Vulnerability in the Oracle Communications Diameter     Signaling Router product of Oracle Communications     (component: Virtual Network Function Manager (git)). The     supported version that is affected is 8.6.0.0. Easily     exploitable vulnerability allows unauthenticated     attacker with logon to the infrastructure where Oracle     Communications Diameter Signaling Router executes to     compromise Oracle Communications Diameter Signaling     Router. Successful attacks require human interaction     from a person other than the attacker. Successful     attacks of this vulnerability can result in takeover of     Oracle Communications Diameter Signaling Router. CVSS     3.1 Base Score 7.8 (Confidentiality, Integrity and     Availability impacts). CVSS Vector:
    (CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H).
    (CVE-2023-29007)

  - Vulnerability in the MySQL Workbench product of Oracle     MySQL (component: Workbench (libxml2)). Supported     versions that are affected are 8.0.33 and prior. Easily     exploitable vulnerability allows unauthenticated     attacker with network access via MySQL Workbench to     compromise MySQL Workbench. Successful attacks require     human interaction from a person other than the attacker.
    Successful attacks of this vulnerability can result in     unauthorized ability to cause a hang or frequently     repeatable crash (complete DOS) of MySQL Workbench. CVSS     3.1 Base Score 6.5 (Availability impacts). CVSS Vector:
    (CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H).
    (CVE-2023-28484)

  - Vulnerability in the Oracle Retail Advanced Inventory     Planning product of Oracle Retail Applications     (component: Operations & Maintenance (zlib)). Supported     versions that are affected are 15.0 and 16.0. Easily     exploitable vulnerability allows unauthenticated     attacker with network access via HTTP to compromise     Oracle Retail Advanced Inventory Planning. Successful     attacks of this vulnerability can result in takeover of     Oracle Retail Advanced Inventory Planning. CVSS 3.1 Base     Score 9.8 (Confidentiality, Integrity and Availability     impacts). CVSS Vector:
    (CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H).
    (CVE-2022-37434)

  - Vulnerability in the Oracle Enterprise Operations     Monitor product of Oracle Communications (component:
    Mediation Engine (OpenSSL)). Supported versions that are     affected are 5.0 and 5.1. Easily exploitable     vulnerability allows unauthenticated attacker with     network access via TLS to compromise Oracle Enterprise     Operations Monitor. Successful attacks of this     vulnerability can result in unauthorized ability to     cause a hang or frequently repeatable crash (complete     DOS) of Oracle Enterprise Operations Monitor. CVSS 3.1     Base Score 7.5 (Availability impacts). CVSS Vector:
    (CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H).
    (CVE-2023-0215)

  - Vulnerability in the MySQL Server product of Oracle     MySQL (component: Server: Packaging (cURL)). Supported     versions that are affected are 5.7.41 and prior and     8.0.32 and prior. Easily exploitable vulnerability     allows unauthenticated attacker with network access via     multiple protocols to compromise MySQL Server.
    Successful attacks of this vulnerability can result in     unauthorized access to critical data or complete access     to all MySQL Server accessible data. CVSS 3.1 Base Score     7.5 (Confidentiality impacts). CVSS Vector:
    (CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N).
    (CVE-2022-43551)

  - Vulnerability in the MySQL Server product of Oracle     MySQL (component: Server: Security: Privileges).
    Supported versions that are affected are 5.7.41 and     prior and 8.0.30 and prior. Easily exploitable     vulnerability allows unauthenticated attacker with     network access via multiple protocols to compromise     MySQL Server. Successful attacks of this vulnerability     can result in unauthorized ability to cause a hang or     frequently repeatable crash (complete DOS) of MySQL     Server. CVSS 3.1 Base Score 7.5 (Availability impacts).
    CVSS Vector:
    (CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H).
    (CVE-2023-21912)

  - Vulnerability in the MySQL Server product of Oracle     MySQL (component: Client programs). Supported versions     that are affected are 5.7.41 and prior and 8.0.32 and     prior. Difficult to exploit vulnerability allows low     privileged attacker with network access via multiple     protocols to compromise MySQL Server. Successful attacks     require human interaction from a person other than the     attacker. Successful attacks of this vulnerability can     result in takeover of MySQL Server. CVSS 3.1 Base Score     7.1 (Confidentiality, Integrity and Availability     impacts). CVSS Vector:
    (CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:U/C:H/I:H/A:H).
    (CVE-2023-21980)

  - Vulnerability in the Oracle Communications Diameter     Signaling Router product of Oracle Communications     (component: Virtual Network Function Manager (Libwebp)).
    The supported version that is affected is 8.6.0.0.
    Easily exploitable vulnerability allows unauthenticated     attacker with network access via HTTP to compromise     Oracle Communications Diameter Signaling Router.
    Successful attacks of this vulnerability can result in     unauthorized ability to cause a hang or frequently     repeatable crash (complete DOS) of Oracle Communications     Diameter Signaling Router. CVSS 3.1 Base Score 7.5     (Availability impacts). CVSS Vector:
    (CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H).
    (CVE-2023-1999)

The remote SUSE Linux SLED15 / SLED_SAP15 / SLES15 / SLES_SAP15 / openSUSE 15 host has a package installed that is affected by a vulnerability as referenced in the SUSE-SU-2023:2619-1 advisory.

  - sqlparse is a non-validating SQL parser module for Python. In affected versions the SQL parser contains a     regular expression that is vulnerable to ReDoS (Regular Expression Denial of Service). This issue was     introduced by commit `e75e358`. The vulnerability may lead to Denial of Service (DoS). This issues has     been fixed in sqlparse 0.4.4 by commit `c457abd5f`. Users are advised to upgrade. There are no known     workarounds for this issue. (CVE-2023-30608)

Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.

The remote SUSE Linux SLED15 / SLED_SAP15 / SLES15 / SLES_SAP15 host has a package installed that is affected by a vulnerability as referenced in the SUSE-SU-2023:2462-1 advisory.

  - sqlparse is a non-validating SQL parser module for Python. In affected versions the SQL parser contains a     regular expression that is vulnerable to ReDoS (Regular Expression Denial of Service). This issue was     introduced by commit `e75e358`. The vulnerability may lead to Denial of Service (DoS). This issues has     been fixed in sqlparse 0.4.4 by commit `c457abd5f`. Users are advised to upgrade. There are no known     workarounds for this issue. (CVE-2023-30608)

Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.

The remote Debian 10 host has packages installed that are affected by a vulnerability as referenced in the dla-3425 advisory.

  - sqlparse is a non-validating SQL parser module for Python. In affected versions the SQL parser contains a     regular expression that is vulnerable to ReDoS (Regular Expression Denial of Service). This issue was     introduced by commit `e75e358`. The vulnerability may lead to Denial of Service (DoS). This issues has     been fixed in sqlparse 0.4.4 by commit `c457abd5f`. Users are advised to upgrade. There are no known     workarounds for this issue. (CVE-2023-30608)

Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.

The remote Ubuntu 18.04 LTS / 20.04 LTS / 22.04 LTS / 23.04 host has packages installed that are affected by a vulnerability as referenced in the USN-6064-1 advisory.

    It was discovered that SQL parse incorrectly handled certain regular expression. An attacker could     possibly use this issue to cause a denial of service.

Tenable has extracted the preceding description block directly from the Ubuntu security advisory.

Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.

ID	Name	Product	Family	Severity
207257	SUSE SLES15 : Recommended update for google-cloud SDK (SUSE-SU-SUSE-RU-2024:1637-3)	Nessus	SuSE Local Security Checks	high
200803	SUSE SLED15 / SLES15 / openSUSE 15 : Recommended update for google-cloud SDK (SUSE-SU-SUSE-RU-2024:1637-2)	Nessus	SuSE Local Security Checks	high
197053	SUSE SLED15 / SLES15 / openSUSE 15 : Recommended update for google-cloud SDK (SUSE-SU-SUSE-RU-2024:1637-1)	Nessus	SuSE Local Security Checks	high
194436	RHEL 8 : Satellite 6.14 (RHSA-2023:6818)	Nessus	Red Hat Local Security Checks	critical
194233	RHEL 8 : RHUI 4.5.0 - Security, Bug Fixes, and Enhancements (Moderate) (RHSA-2023:4591)	Nessus	Red Hat Local Security Checks	critical
185473	Rocky Linux 8 : Satellite 6.14 (RLSA-2023:6818)	Nessus	Rocky Linux Local Security Checks	critical
178628	Oracle Solaris Critical Patch Update : jul2023_SRU11_4_59_144_2	Nessus	Solaris Local Security Checks	critical
177622	SUSE SLED15 / SLES15 / openSUSE 15 Security Update : python-sqlparse (SUSE-SU-2023:2619-1)	Nessus	SuSE Local Security Checks	high
177056	SUSE SLED15 / SLES15 Security Update : python-sqlparse (SUSE-SU-2023:2462-1)	Nessus	SuSE Local Security Checks	high
175929	Debian DLA-3425-1 : sqlparse - LTS security update	Nessus	Debian Local Security Checks	high
175561	Ubuntu 18.04 LTS / 20.04 LTS / 22.04 LTS / 23.04 : SQL parse vulnerability (USN-6064-1)	Nessus	Ubuntu Local Security Checks	high

Detections

Analytics

CVE-2023-30608

high

Tenable Plugins

high

high

high

critical

critical

critical

critical

high

high

high

high