{"id":"AZL-68693","summary":"CVE-2025-53040 affecting package mysql for versions less than 8.0.44-2","details":"Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Optimizer).  Supported versions that are affected are 8.0.0-8.0.43, 8.4.0-8.4.6 and  9.0.0-9.4.0. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server.  Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.1 Base Score 4.9 (Availability impacts).  CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H).","modified":"2026-04-01T05:21:28.471685Z","published":"2025-10-21T20:20:41Z","upstream":["CVE-2025-53040"],"references":[{"type":"WEB","url":"https://nvd.nist.gov/vuln/detail/CVE-2025-53040"}],"affected":[{"package":{"name":"mysql","ecosystem":"Azure Linux:2","purl":"pkg:rpm/azure-linux/mysql"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"8.0.44-2"}]}],"database_specific":{"source":"https://github.com/microsoft/AzureLinuxVulnerabilityData/blob/main/osv/AZL-68693.json"}}],"schema_version":"1.7.5"}