{"id":"AZL-40360","summary":"CVE-2024-32886 affecting package vitess for versions less than 19.0.4-1","details":"Vitess is a database clustering system for horizontal scaling of MySQL. When executing the following simple query, the `vtgate` will go into an endless loop that also keeps consuming memory and eventually will run out of memory. This vulnerability is fixed in 19.0.4, 18.0.5, and 17.0.7.","modified":"2026-04-01T05:13:36.221234Z","published":"2024-05-08T14:15:08Z","upstream":["CVE-2024-32886"],"references":[{"type":"WEB","url":"https://nvd.nist.gov/vuln/detail/CVE-2024-32886"}],"affected":[{"package":{"name":"vitess","ecosystem":"Azure Linux:3","purl":"pkg:rpm/azure-linux/vitess"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"19.0.4-1"}]}],"database_specific":{"source":"https://github.com/microsoft/AzureLinuxVulnerabilityData/blob/main/osv/AZL-40360.json"}}],"schema_version":"1.7.5"}