CVE-2022-27381

Опубликовано: 12 апр. 2022

Источник: debian

EPSS Низкий

Описание

An issue in the component Field::set_default of MariaDB Server v10.6 and below was discovered to allow attackers to cause a Denial of Service (DoS) via specially crafted SQL statements.

Пакеты

Пакет	Статус	Версия исправления	Релиз	Тип
mariadb-10.6	fixed	1:10.6.8-1		package
mariadb-10.5	removed			package
mariadb-10.5	fixed	1:10.5.18-0+deb11u1	bullseye	package
mariadb-10.3	removed			package
mariadb-10.1	not-affected			package

Примечания

MariaDB bug: https://jira.mariadb.org/browse/MDEV-26061
Fixed in MariaDB 10.2.44, 10.3.35, 10.4.25, 10.5.16, 10.6.8, 10.7.4
MariaDB commit: https://github.com/MariaDB/server/commit/b5e16a6e0381b28b598da80b414168ce9a5016e5 (10.2.44)

EPSS

Процентиль: 52%

0.00294

Низкий

Связанные уязвимости

CVE-2022-27381

CVSS3: 7.5

ubuntu

около 3 лет назад

An issue in the component Field::set_default of MariaDB Server v10.6 and below was discovered to allow attackers to cause a Denial of Service (DoS) via specially crafted SQL statements.

CVE-2022-27381

CVSS3: 7.5

redhat

почти 4 года назад

An issue in the component Field::set_default of MariaDB Server v10.6 and below was discovered to allow attackers to cause a Denial of Service (DoS) via specially crafted SQL statements.

CVE-2022-27381

CVSS3: 7.5

nvd

около 3 лет назад

An issue in the component Field::set_default of MariaDB Server v10.6 and below was discovered to allow attackers to cause a Denial of Service (DoS) via specially crafted SQL statements.

CVE-2022-27381

CVSS3: 7.5

msrc

около 3 лет назад

Описание отсутствует

GHSA-4mvf-f4q5-j3rq

CVSS3: 7.5

github

около 3 лет назад

An issue in the component Field::set_default of MariaDB Server v10.6 and below was discovered to allow attackers to cause a Denial of Service (DoS) via specially crafted SQL statements.

EPSS

Процентиль: 52%

0.00294

Низкий