CVE-2021-46669

Опубликовано: 01 фев. 2022

Источник: debian

EPSS Низкий

Описание

MariaDB through 10.5.9 allows attackers to trigger a convert_const_to_int use-after-free when the BIGINT data type is used.

Пакет	Статус	Версия исправления	Релиз	Тип
mariadb-10.6	fixed	1:10.6.7-1		package
mariadb-10.5	removed			package
mariadb-10.5	fixed	1:10.5.18-0+deb11u1	bullseye	package
mariadb-10.3	removed			package

MariaDB Bug: https://jira.mariadb.org/browse/MDEV-25638
Commit MariaDB: https://github.com/MariaDB/server/commit/c274853c0797801de0398699d60c8579c45d1f61 (mariadb-10.2.44)
Fixed in MariaDB: 10.2.44, 10.3.35, 10.4.25, 10.5.16, 10.6.8, 10.7.4

EPSS

Процентиль: 64%

0.00481

Низкий

CVE-2021-46669

CVSS3: 7.5

ubuntu

больше 3 лет назад

MariaDB through 10.5.9 allows attackers to trigger a convert_const_to_int use-after-free when the BIGINT data type is used.

CVE-2021-46669

CVSS3: 6.5

redhat

около 4 лет назад

MariaDB through 10.5.9 allows attackers to trigger a convert_const_to_int use-after-free when the BIGINT data type is used.

CVE-2021-46669

CVSS3: 7.5

nvd

больше 3 лет назад

MariaDB through 10.5.9 allows attackers to trigger a convert_const_to_int use-after-free when the BIGINT data type is used.

CVE-2021-46669

CVSS3: 7.5

msrc

больше 3 лет назад

Описание отсутствует

GHSA-wrw9-g9r9-p9h2

CVSS3: 7.5

github

больше 3 лет назад

MariaDB through 10.5.9 allows attackers to trigger a convert_const_to_int use-after-free when the BIGINT data type is used.

EPSS

Процентиль: 64%

0.00481

Низкий