{"id":"CVE-2020-2903","details":"Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Connection Handling). Supported versions that are affected are 8.0.19 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.0 Base Score 4.9 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H).","modified":"2026-03-20T11:37:17.322247Z","published":"2020-04-15T14:15:34.747Z","related":["ALSA-2020:3732","CGA-g47c-pvhx-6hfx"],"references":[{"type":"WEB","url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/TSVLI36TYRTPQGCS24VZQUXCUFOUW4VQ/"},{"type":"WEB","url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/77REFDB7DE4WNKQIRGZTF53RFBQOXQLC/"},{"type":"WEB","url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/SDGBQYS3A36S4CAZPV5YROHYXYZR6LAH/"},{"type":"ADVISORY","url":"https://security.gentoo.org/glsa/202105-27"},{"type":"ADVISORY","url":"https://security.netapp.com/advisory/ntap-20200416-0003/"},{"type":"ADVISORY","url":"https://usn.ubuntu.com/4350-1/"},{"type":"ADVISORY","url":"https://www.oracle.com/security-alerts/cpuapr2020.html"}],"affected":[{"ranges":[{"type":"GIT","repo":"https://github.com/mysql/mysql-server","events":[{"introduced":"270fd3411e3d671a73ed9725940a30080f59ce6d"},{"last_affected":"ea7d2e2d16ac03afdd9cb72a972a95981107bf51"}],"database_specific":{"versions":[{"introduced":"8.0.0"},{"last_affected":"8.0.19"}]}}],"versions":["mysql-5.5.52","mysql-5.5.53","mysql-5.5.54","mysql-5.5.55","mysql-5.5.56","mysql-5.5.57","mysql-5.5.58","mysql-5.5.59","mysql-5.5.60","mysql-5.5.61","mysql-5.5.62","mysql-5.5.63","mysql-5.6.33","mysql-5.6.34","mysql-5.6.35","mysql-5.6.36","mysql-5.6.37","mysql-5.6.38","mysql-5.6.39","mysql-5.6.40","mysql-5.6.41","mysql-5.6.42","mysql-5.6.43","mysql-5.6.45","mysql-5.6.46","mysql-5.7-22-ndb-7.6.6","mysql-5.7.15","mysql-5.7.16","mysql-5.7.17","mysql-5.7.18","mysql-5.7.19","mysql-5.7.20","mysql-5.7.21","mysql-5.7.22","mysql-5.7.24","mysql-5.7.25","mysql-5.7.26","mysql-5.7.27","mysql-5.7.28","mysql-8.0.0","mysql-8.0.1","mysql-8.0.11","mysql-8.0.12","mysql-8.0.13","mysql-8.0.14","mysql-8.0.15","mysql-8.0.16","mysql-8.0.17","mysql-8.0.18","mysql-8.0.19","mysql-8.0.2","mysql-8.0.3","mysql-8.0.4","mysql-cluster-7.2.24","mysql-cluster-7.2.25","mysql-cluster-7.2.26","mysql-cluster-7.2.27","mysql-cluster-7.2.28","mysql-cluster-7.2.29","mysql-cluster-7.2.30","mysql-cluster-7.2.31","mysql-cluster-7.2.32","mysql-cluster-7.2.33","mysql-cluster-7.2.34","mysql-cluster-7.2.35","mysql-cluster-7.2.37","mysql-cluster-7.2.38","mysql-cluster-7.2.39","mysql-cluster-7.3.13","mysql-cluster-7.3.14","mysql-cluster-7.3.15","mysql-cluster-7.3.16","mysql-cluster-7.3.17","mysql-cluster-7.3.18","mysql-cluster-7.3.19","mysql-cluster-7.3.20","mysql-cluster-7.3.21","mysql-cluster-7.3.22","mysql-cluster-7.3.23","mysql-cluster-7.3.24","mysql-cluster-7.3.25","mysql-cluster-7.3.26","mysql-cluster-7.3.27","mysql-cluster-7.4.11","mysql-cluster-7.4.12","mysql-cluster-7.4.13","mysql-cluster-7.4.14","mysql-cluster-7.4.15","mysql-cluster-7.4.16","mysql-cluster-7.4.17","mysql-cluster-7.4.18","mysql-cluster-7.4.19","mysql-cluster-7.4.20","mysql-cluster-7.4.21","mysql-cluster-7.4.23","mysql-cluster-7.4.24","mysql-cluster-7.4.25","mysql-cluster-7.4.26","mysql-cluster-7.5.1","mysql-cluster-7.5.10","mysql-cluster-7.5.11","mysql-cluster-7.5.12","mysql-cluster-7.5.13","mysql-cluster-7.5.14","mysql-cluster-7.5.15","mysql-cluster-7.5.16","mysql-cluster-7.5.2","mysql-cluster-7.5.3","mysql-cluster-7.5.4","mysql-cluster-7.5.5","mysql-cluster-7.5.6","mysql-cluster-7.5.7","mysql-cluster-7.5.8","mysql-cluster-7.5.9","mysql-cluster-7.6.10","mysql-cluster-7.6.11","mysql-cluster-7.6.12","mysql-cluster-7.6.2","mysql-cluster-7.6.3","mysql-cluster-7.6.4","mysql-cluster-7.6.5","mysql-cluster-7.6.6","mysql-cluster-7.6.7","mysql-cluster-7.6.8","mysql-cluster-7.6.9","mysql-cluster-8.0.16","mysql-cluster-8.0.18","mysql-cluster-8.0.19"],"database_specific":{"source":"https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2020-2903.json","unresolved_ranges":[{"events":[{"introduced":"0"},{"last_affected":"30"}]},{"events":[{"introduced":"0"},{"last_affected":"31"}]},{"events":[{"introduced":"0"},{"last_affected":"32"}]},{"events":[{"introduced":"0"},{"last_affected":"16.04"}]},{"events":[{"introduced":"0"},{"last_affected":"18.04"}]},{"events":[{"introduced":"0"},{"last_affected":"19.10"}]},{"events":[{"introduced":"0"},{"last_affected":"20.04"}]},{"events":[{"introduced":"7.3"}]},{"events":[{"introduced":"9.5"}]}]}}],"schema_version":"1.7.5","severity":[{"type":"CVSS_V3","score":"CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H"}]}