ALPINE-CVE-2018-2665

ALPINE-CVE-2018-2665 PUBLISHED CVSS 6.5 MEDIUM

Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Optimizer). Supported versions that are affected are 5.5.58 and prior, 5.6.38 and prior and 5.7.20 and prior. Easily exploitable vulnerability allows low privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.0 Base Score 6.5 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H).

Risk Scores

CVSS v3.1

6.5

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

Affected Products

Vendor	Product	Versions
Alpine:v3.5	mariadb	10.1.12-r0, 0, 10.0.21-r0
Alpine:v3.7	mariadb	10.1.13-r1, 10.1.20-r0, 10.1.8-r1
Alpine:v3.4	mariadb	10.1.13-r1, 10.0.21-r1, 10.0.21-r2
Alpine:v3.6	mariadb	5.5.43-r5, 5.5.43-r4, 5.5.43-r3

Timeline

Jan 18, 2018 CVE Published
Nov 19, 2025 CVE Updated
Apr 30, 2026 Distribution Patch

References

https://security.alpinelinux.org/vuln/CVE-2018-2665 advisory

Open in Interactive Console →