Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
PingCAP TiDB v8.1.0 was discovered to contain a buffer overflow via the component (*Column).GetDecimal. This allows attackers to cause a Denial of Service (DoS) via a crafted input to the 'RemoveUnnecessaryFirstRow', it will check the expression between 'Agg' and 'GroupBy', but does not check the return type. NOTE: PingCAP disputes this, arguing that reproduction did not cause the security impact of service interruption to other users. They maintain it is a complex query bug in the product but not a DoS.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
PingCAP TiDB 安全漏洞
Vulnerability Description
PingCAP TiDB是中国PingCAP公司的一个开源、云原生、分布式、兼容 MySQL 的数据库,用于弹性扩展和实时分析。 PingCAP TiDB v8.1.0版本存在安全漏洞,该漏洞源于 (*Column).GetDecimal 组件包含一个缓冲区溢出问题。
CVSS Information
N/A
Vulnerability Type
N/A