{"$ref":"https://www.cert.ssi.gouv.fr/openapi.json","affected_systems":[{"description":"MySQL Enterprise Monitor versions 4.0.2.5168 et ant\u00e9rieures","product":{"name":"MySQL","vendor":{"name":"Oracle","scada":false}}},{"description":"MySQL Enterprise Monitor versions 3.3.7.3306 et ant\u00e9rieures","product":{"name":"MySQL","vendor":{"name":"Oracle","scada":false}}},{"description":"MySQL Cluster versions 7.4.14 et ant\u00e9rieures","product":{"name":"MySQL","vendor":{"name":"Oracle","scada":false}}},{"description":"MySQL Cluster versions 7.5.5 et ant\u00e9rieures","product":{"name":"MySQL","vendor":{"name":"Oracle","scada":false}}},{"description":"MySQL Cluster versions 7.2.27 et ant\u00e9rieures","product":{"name":"MySQL","vendor":{"name":"Oracle","scada":false}}},{"description":"MySQL Server versions 5.5.59 et ant\u00e9rieures","product":{"name":"MySQL","vendor":{"name":"Oracle","scada":false}}},{"description":"MySQL Cluster versions 7.3.16 et ant\u00e9rieures","product":{"name":"MySQL","vendor":{"name":"Oracle","scada":false}}},{"description":"MySQL Enterprise Monitor versions 3.4.5.4248 et ant\u00e9rieures","product":{"name":"MySQL","vendor":{"name":"Oracle","scada":false}}},{"description":"MySQL Server versions 5.6.39 et ant\u00e9rieures","product":{"name":"MySQL","vendor":{"name":"Oracle","scada":false}}},{"description":"MySQL Server versions 5.7.21 et ant\u00e9rieures","product":{"name":"MySQL","vendor":{"name":"Oracle","scada":false}}}],"affected_systems_content":null,"content":"## Solution\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l'\u00e9diteur pour l'obtention des\ncorrectifs (cf. section Documentation).\n","cves":[{"name":"CVE-2018-2839","url":"https://www.cve.org/CVERecord?id=CVE-2018-2839"},{"name":"CVE-2018-2766","url":"https://www.cve.org/CVERecord?id=CVE-2018-2766"},{"name":"CVE-2018-2775","url":"https://www.cve.org/CVERecord?id=CVE-2018-2775"},{"name":"CVE-2018-2805","url":"https://www.cve.org/CVERecord?id=CVE-2018-2805"},{"name":"CVE-2017-3737","url":"https://www.cve.org/CVERecord?id=CVE-2017-3737"},{"name":"CVE-2018-2817","url":"https://www.cve.org/CVERecord?id=CVE-2018-2817"},{"name":"CVE-2018-2759","url":"https://www.cve.org/CVERecord?id=CVE-2018-2759"},{"name":"CVE-2018-2762","url":"https://www.cve.org/CVERecord?id=CVE-2018-2762"},{"name":"CVE-2018-2818","url":"https://www.cve.org/CVERecord?id=CVE-2018-2818"},{"name":"CVE-2018-2755","url":"https://www.cve.org/CVERecord?id=CVE-2018-2755"},{"name":"CVE-2018-2877","url":"https://www.cve.org/CVERecord?id=CVE-2018-2877"},{"name":"CVE-2018-2758","url":"https://www.cve.org/CVERecord?id=CVE-2018-2758"},{"name":"CVE-2018-2773","url":"https://www.cve.org/CVERecord?id=CVE-2018-2773"},{"name":"CVE-2018-2846","url":"https://www.cve.org/CVERecord?id=CVE-2018-2846"},{"name":"CVE-2018-2781","url":"https://www.cve.org/CVERecord?id=CVE-2018-2781"},{"name":"CVE-2018-2784","url":"https://www.cve.org/CVERecord?id=CVE-2018-2784"},{"name":"CVE-2018-2816","url":"https://www.cve.org/CVERecord?id=CVE-2018-2816"},{"name":"CVE-2018-2769","url":"https://www.cve.org/CVERecord?id=CVE-2018-2769"},{"name":"CVE-2018-2786","url":"https://www.cve.org/CVERecord?id=CVE-2018-2786"},{"name":"CVE-2018-2812","url":"https://www.cve.org/CVERecord?id=CVE-2018-2812"},{"name":"CVE-2018-2771","url":"https://www.cve.org/CVERecord?id=CVE-2018-2771"},{"name":"CVE-2016-9878","url":"https://www.cve.org/CVERecord?id=CVE-2016-9878"},{"name":"CVE-2018-2780","url":"https://www.cve.org/CVERecord?id=CVE-2018-2780"},{"name":"CVE-2018-2782","url":"https://www.cve.org/CVERecord?id=CVE-2018-2782"},{"name":"CVE-2018-2819","url":"https://www.cve.org/CVERecord?id=CVE-2018-2819"},{"name":"CVE-2018-2813","url":"https://www.cve.org/CVERecord?id=CVE-2018-2813"},{"name":"CVE-2018-2778","url":"https://www.cve.org/CVERecord?id=CVE-2018-2778"},{"name":"CVE-2018-2776","url":"https://www.cve.org/CVERecord?id=CVE-2018-2776"},{"name":"CVE-2018-2787","url":"https://www.cve.org/CVERecord?id=CVE-2018-2787"},{"name":"CVE-2018-2777","url":"https://www.cve.org/CVERecord?id=CVE-2018-2777"},{"name":"CVE-2018-2761","url":"https://www.cve.org/CVERecord?id=CVE-2018-2761"},{"name":"CVE-2018-2810","url":"https://www.cve.org/CVERecord?id=CVE-2018-2810"},{"name":"CVE-2018-2779","url":"https://www.cve.org/CVERecord?id=CVE-2018-2779"}],"links":[],"reference":"CERTFR-2018-AVI-191","revisions":[{"description":"Version initiale","revision_date":"2018-04-18T00:00:00.000000"}],"risks":[{"description":"D\u00e9ni de service \u00e0 distance"},{"description":"Ex\u00e9cution de code arbitraire \u00e0 distance"},{"description":"Atteinte \u00e0 l'int\u00e9grit\u00e9 des donn\u00e9es"},{"description":"Atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es"}],"summary":"De multiples vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 d\u00e9couvertes dans Oracle MySQL.\nCertaines d'entre elles permettent \u00e0 un attaquant de provoquer une\nex\u00e9cution de code arbitraire \u00e0 distance, un d\u00e9ni de service \u00e0 distance\net une atteinte \u00e0 l'int\u00e9grit\u00e9 des donn\u00e9es.\n","title":"Multiples vuln\u00e9rabilit\u00e9s dans Oracle MySQL","vendor_advisories":[{"published_at":null,"title":"Bulletin de s\u00e9curit\u00e9 Oracle cpuapr2018verbose-3678067 du 17 avril 2018","url":"http://www.oracle.com/technetwork/security-advisory/cpuapr2018verbose-3678108.html#MSQL"},{"published_at":null,"title":"Bulletin de s\u00e9curit\u00e9 Oracle cpuapr2018-3678067 du 17 avril 2018","url":"http://www.oracle.com/technetwork/security-advisory/cpuapr2018-3678067.html"}]}