{"id":"USN-5344-1","summary":"libdbd-mysql-perl vulnerabilities","details":"It was discovered that the DBD::mysql module, when configured with server-side\nprepared statement support, was susceptible to operations that would result in\nimproper memory access. An attacker could possibly use this issue to cause\nDBD::mysql to crash, resulting in a denial of service.\n(CVE-2016-1249, CVE-2016-1251)\n\nIt was discovered that the DBD::mysql module was susceptible to an operation\nthat would result in improper memory access, introduced through incorrect\ndocumentation and code examples. An attacker could possibly use this issue to\ncause DBD::mysql to crash or potentially cause other, unspecified, impact.\n(CVE-2017-10788)\n\nIt was discovered that the DBD::mysql module processed SSL/TLS settings in a\nway that did not fully correlate with the respective documentation for each\nsetting. An attacker could possibly use this to perform a cleartext-downgrade\nattack. (CVE-2017-10789)\n","modified":"2026-05-20T16:03:18.946412169Z","published":"2022-04-01T20:31:18Z","related":["UBUNTU-CVE-2016-1249","UBUNTU-CVE-2016-1251","UBUNTU-CVE-2017-10788","UBUNTU-CVE-2017-10789"],"upstream":["CVE-2016-1249","CVE-2016-1251","CVE-2017-10788","CVE-2017-10789","UBUNTU-CVE-2016-1249","UBUNTU-CVE-2016-1251","UBUNTU-CVE-2017-10788","UBUNTU-CVE-2017-10789"],"references":[{"type":"ADVISORY","url":"https://ubuntu.com/security/notices/USN-5344-1"},{"type":"REPORT","url":"https://ubuntu.com/security/CVE-2016-1249"},{"type":"REPORT","url":"https://ubuntu.com/security/CVE-2016-1251"},{"type":"REPORT","url":"https://ubuntu.com/security/CVE-2017-10788"},{"type":"REPORT","url":"https://ubuntu.com/security/CVE-2017-10789"}],"affected":[{"package":{"name":"libdbd-mysql-perl","ecosystem":"Ubuntu:Pro:16.04:LTS","purl":"pkg:deb/ubuntu/libdbd-mysql-perl?arch=source&distro=esm-infra-legacy%2Fxenial"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"4.033-1ubuntu0.1+esm1"}]}],"versions":["4.028-2","4.033-1","4.033-1build1","4.033-1build2","4.033-1ubuntu0.1"],"ecosystem_specific":{"availability":"Available with Ubuntu Pro with Legacy support add-on: https://ubuntu.com/pro","binaries":[{"binary_name":"libdbd-mysql-perl","binary_version":"4.033-1ubuntu0.1+esm1"}]},"database_specific":{"source":"https://github.com/canonical/ubuntu-security-notices/blob/main/osv/usn/USN-5344-1.json","cves_map":{"ecosystem":"Ubuntu:Pro:16.04:LTS","cves":[]}}}],"schema_version":"1.7.5"}