CVE-2022-27387

Опубликовано: 01 апр. 2021

Источник: redhat

CVSS3: 7.5

EPSS Низкий

Описание

MariaDB Server v10.7 and below was discovered to contain a global buffer overflow in the component decimal_bin_size, which is exploited via specially crafted SQL statements.

A flaw was found in the MariaDB Server. It contains a global buffer overflow in the component, decimal_bin_size, which is exploited via specially crafted SQL statements, impacting availability.

Затронутые пакеты

Платформа	Пакет	Состояние	Рекомендация	Релиз
Red Hat Enterprise Linux 7	mariadb	Out of support scope
Red Hat OpenStack Platform 13 (Queens)	mariadb	Out of support scope
Red Hat Enterprise Linux 8	mariadb	Fixed	RHSA-2022:5826	02.08.2022
Red Hat Enterprise Linux 8	mariadb	Fixed	RHSA-2022:6443	13.09.2022
Red Hat Enterprise Linux 8.4 Advanced Mission Critical Update Support	mariadb	Fixed	RHSA-2023:6821	08.11.2023
Red Hat Enterprise Linux 8.4 Telecommunications Update Service	mariadb	Fixed	RHSA-2023:6821	08.11.2023
Red Hat Enterprise Linux 8.4 Update Services for SAP Solutions	mariadb	Fixed	RHSA-2023:6821	08.11.2023
Red Hat Enterprise Linux 9	mariadb	Fixed	RHSA-2022:5948	09.08.2022
Red Hat Software Collections for Red Hat Enterprise Linux 7	rh-mariadb105-mariadb	Fixed	RHSA-2022:5759	28.07.2022
Red Hat Software Collections for Red Hat Enterprise Linux 7	rh-mariadb103-mariadb	Fixed	RHSA-2022:6306	01.09.2022

Показывать по

Ссылки на источники

Дополнительная информация

Статус:

Moderate

Дефект:

CWE-119

https://bugzilla.redhat.com/show_bug.cgi?id=2075006mariadb: assertion failures in decimal_bin_size

EPSS

Процентиль: 48%

0.00246

Низкий

7.5 High

CVSS3

Связанные уязвимости

CVE-2022-27387

CVSS3: 7.5

ubuntu

почти 4 года назад

MariaDB Server v10.7 and below was discovered to contain a global buffer overflow in the component decimal_bin_size, which is exploited via specially crafted SQL statements.

CVE-2022-27387

CVSS3: 7.5

nvd

почти 4 года назад

MariaDB Server v10.7 and below was discovered to contain a global buffer overflow in the component decimal_bin_size, which is exploited via specially crafted SQL statements.

CVE-2022-27387

CVSS3: 7.5

msrc

почти 4 года назад

MariaDB Server v10.7 and below was discovered to contain a global buffer overflow in the component decimal_bin_size which is exploited via specially crafted SQL statements.

CVE-2022-27387

CVSS3: 7.5

debian

почти 4 года назад

MariaDB Server v10.7 and below was discovered to contain a global buff ...

GHSA-cw8p-532r-7gqx

CVSS3: 7.5

github

почти 4 года назад

MariaDB Server v10.7 and below was discovered to contain a global buffer overflow in the component decimal_bin_size, which is exploited via specially crafted SQL statements.

EPSS

Процентиль: 48%

0.00246

Низкий

7.5 High

CVSS3