All Vulnerability Reports

Various MySQL Security Updates from January 2020


Severity

Medium

Vendor

VMware Tanzu

Description

Various products in VMware Tanzu contain several vulnerabilities through their consumption of MySQL.

Affected VMware Products and Versions

Severity is medium unless otherwise noted.

  • MySQL for VMware Tanzu
    • 2.7 versions prior to 2.7.9
    • 2.8 versions prior to 2.8.2
  • VMware Tanzu Application Service for VMs
    • 2.7.x versions prior to 2.7.21
    • 2.8.x versions prior to 2.8.15
    • 2.9.x versions prior to 2.9.9
    • 2.10.x versions prior to 2.10.1
  • VMware Tanzu Kubernetes Grid Integrated Edition
    • 1.7 versions prior to 1.7.2
    • All 1.8 versions (patch pending)

Mitigation

Users of affected versions should apply the following mitigation or upgrade. Releases that have fixed this issue include:

  • MySQL for VMware Tanzu
    • 2.7.9
    • 2.8.2
    • 2.9.0
  • VMware Tanzu Application Service for VMs
    • 2.7.21
    • 2.8.15
    • 2.9.9
    • 2.10.1
  • VMware Tanzu Kubernetes Grid Integrated Edition
    • 1.7.2
    • 1.9.0

References

History

2020-10-13: Initial vulnerability report published.