CVE-2016-5444
3.7
LOW
CVSS 3.1
EPSS 3.5%
Description
Unspecified vulnerability in Oracle MySQL 5.5.48 and earlier, 5.6.29 and earlier, and 5.7.11 and earlier and MariaDB before 5.5.49, 10.0.x before 10.0.25, and 10.1.x before 10.1.14 allows remote attackers to affect confidentiality via vectors related to Server: Connection.
How to fix CVE-2016-5444
To remediate CVE-2016-5444, upgrade the affected package to a fixed version below.
- Alpine/mariadb—upgrade to 5.5.51-r0 or later
Is CVE-2016-5444 being exploited?
Low — EPSS is 3.5%, meaning exploitation activity has not been observed at scale.
Affected packages (1)
- from 0, < 5.5.51-r0
CVSS scores
| Source | Version | Severity | Vector |
|---|---|---|---|
| osv | CVSS 3.1 | LOW3.7 | CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N |