{"schema_version":"1.7.2","id":"OESA-2026-2156","modified":"2026-05-03T09:56:41Z","published":"2026-05-03T09:56:41Z","upstream":["CVE-2026-34317","CVE-2026-34319"],"summary":"mysql security update","details":"MySQL is a multi-user, multi-threaded SQL database server. MySQL is a client/server implementation consisting of a server daemon (mysqld) and many different client programs and libraries. The base package contains the standard MySQL client programs and generic MySQL files. %if\r\n\r\nSecurity Fix(es):\n\nVulnerability in the MySQL Shell product of Oracle MySQL (component: Shell: Core Client).  Supported versions that are affected are 8.0.0-8.0.45, 8.4.0-8.4.8 and  9.0.0-9.6.0. Easily exploitable vulnerability allows low privileged attacker with logon to the infrastructure where MySQL Shell executes to compromise MySQL Shell.  Successful attacks require human interaction from a person other than the attacker. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Shell. CVSS 3.1 Base Score 5.0 (Availability impacts).  CVSS Vector: (CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:N/I:N/A:H).(CVE-2026-34317)\n\nVulnerability in the MySQL Shell product of Oracle MySQL (component: Shell: Core Client).  Supported versions that are affected are 8.0.0-8.0.45, 8.4.0-8.4.8 and  9.0.0-9.6.0. Easily exploitable vulnerability allows low privileged attacker with logon to the infrastructure where MySQL Shell executes to compromise MySQL Shell.  Successful attacks require human interaction from a person other than the attacker. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Shell. CVSS 3.1 Base Score 5.0 (Availability impacts).  CVSS Vector: (CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:N/I:N/A:H).(CVE-2026-34319)","affected":[{"package":{"ecosystem":"openEuler:24.03-LTS-SP1","name":"mysql","purl":"pkg:rpm/openEuler/mysql&distro=openEuler-24.03-LTS-SP1"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"8.0.46-1.oe2403sp1"}]}],"ecosystem_specific":{"aarch64":["mysql-8.0.46-1.oe2403sp1.aarch64.rpm","mysql-common-8.0.46-1.oe2403sp1.aarch64.rpm","mysql-config-8.0.46-1.oe2403sp1.aarch64.rpm","mysql-debuginfo-8.0.46-1.oe2403sp1.aarch64.rpm","mysql-debugsource-8.0.46-1.oe2403sp1.aarch64.rpm","mysql-devel-8.0.46-1.oe2403sp1.aarch64.rpm","mysql-errmsg-8.0.46-1.oe2403sp1.aarch64.rpm","mysql-help-8.0.46-1.oe2403sp1.aarch64.rpm","mysql-libs-8.0.46-1.oe2403sp1.aarch64.rpm","mysql-server-8.0.46-1.oe2403sp1.aarch64.rpm","mysql-test-8.0.46-1.oe2403sp1.aarch64.rpm"],"src":["mysql-8.0.46-1.oe2403sp1.src.rpm"],"x86_64":["mysql-8.0.46-1.oe2403sp1.x86_64.rpm","mysql-common-8.0.46-1.oe2403sp1.x86_64.rpm","mysql-config-8.0.46-1.oe2403sp1.x86_64.rpm","mysql-debuginfo-8.0.46-1.oe2403sp1.x86_64.rpm","mysql-debugsource-8.0.46-1.oe2403sp1.x86_64.rpm","mysql-devel-8.0.46-1.oe2403sp1.x86_64.rpm","mysql-errmsg-8.0.46-1.oe2403sp1.x86_64.rpm","mysql-help-8.0.46-1.oe2403sp1.x86_64.rpm","mysql-libs-8.0.46-1.oe2403sp1.x86_64.rpm","mysql-server-8.0.46-1.oe2403sp1.x86_64.rpm","mysql-test-8.0.46-1.oe2403sp1.x86_64.rpm"]}}],"references":[{"type":"ADVISORY","url":"https://www.openeuler.org/zh/security/security-bulletins/detail/?id=openEuler-SA-2026-2156"},{"type":"ADVISORY","url":"https://nvd.nist.gov/vuln/detail/CVE-2026-34317"},{"type":"ADVISORY","url":"https://nvd.nist.gov/vuln/detail/CVE-2026-34319"}],"database_specific":{"severity":"Medium"}}