vulnerability

Oracle Linux: CVE-2025-5399: ELSA-2025-15699: mysql-selinux and mysql8.4 security update (MODERATE) (Multiple Advisories)

Try Surface Command
Back to search
Severity
4
CVSS
(AV:N/AC:M/Au:N/C:N/I:N/A:P)
Published
Jun 7, 2025
Added
Sep 15, 2025
Modified
Sep 19, 2025

Description

Due to a mistake in libcurl's WebSocket code, a malicious server can send a
particularly crafted packet which makes libcurl get trapped in an endless
busy-loop.
There is no other way for the application to escape or exit this loop other
than killing the thread/process.
This might be used to DoS libcurl-using application.

Solutions

oracle-linux-upgrade-mecaboracle-linux-upgrade-mecab-develoracle-linux-upgrade-mecab-ipadicoracle-linux-upgrade-mecab-ipadic-eucjporacle-linux-upgrade-mysqloracle-linux-upgrade-mysql8-4oracle-linux-upgrade-mysql8-4-commonoracle-linux-upgrade-mysql8-4-develoracle-linux-upgrade-mysql8-4-errmsgoracle-linux-upgrade-mysql8-4-libsoracle-linux-upgrade-mysql8-4-serveroracle-linux-upgrade-mysql8-4-testoracle-linux-upgrade-mysql8-4-test-dataoracle-linux-upgrade-mysql-commonoracle-linux-upgrade-mysql-develoracle-linux-upgrade-mysql-errmsgoracle-linux-upgrade-mysql-libsoracle-linux-upgrade-mysql-selinuxoracle-linux-upgrade-mysql-serveroracle-linux-upgrade-mysql-testoracle-linux-upgrade-mysql-test-dataoracle-linux-upgrade-rapidjson-develoracle-linux-upgrade-rapidjson-doc

References

Title
NEW

Explore Exposure Command

Confidently identify and prioritize exposures from endpoint to cloud with full attack surface visibility and threat-aware risk context.

Try it today