MariaDB — ответвление от системы управления базами данных MySQL, разрабатываемое сообществом под лицензией GNU GPL.
Релизный цикл, информация об уязвимостях
График релизов
Количество 2 149
CVE-2015-3152
Oracle MySQL before 5.7.3, Oracle MySQL Connector/C (aka libmysqlclient) before 6.1.3, and MariaDB before 5.5.44 use the --ssl option to mean that SSL is optional, which allows man-in-the-middle attackers to spoof servers via a cleartext-downgrade attack, aka a "BACKRONYM" attack.
CVE-2015-3152
Oracle MySQL before 5.7.3, Oracle MySQL Connector/C (aka libmysqlclien ...
CVE-2015-3152
Oracle MySQL before 5.7.3, Oracle MySQL Connector/C (aka libmysqlclient) before 6.1.3, and MariaDB before 5.5.44 use the --ssl option to mean that SSL is optional, which allows man-in-the-middle attackers to spoof servers via a cleartext-downgrade attack, aka a "BACKRONYM" attack.
CVE-2016-0668
Unspecified vulnerability in Oracle MySQL 5.6.28 and earlier and 5.7.10 and earlier and MariaDB 10.0.x before 10.0.24 and 10.1.x before 10.1.12 allows local users to affect availability via vectors related to InnoDB.
CVE-2016-0668
Unspecified vulnerability in Oracle MySQL 5.6.28 and earlier and 5.7.1 ...
CVE-2016-0666
Unspecified vulnerability in Oracle MySQL 5.5.48 and earlier, 5.6.29 and earlier, and 5.7.11 and earlier and MariaDB before 5.5.49, 10.0.x before 10.0.25, and 10.1.x before 10.1.14 allows local users to affect availability via vectors related to Security: Privileges.
CVE-2016-0666
Unspecified vulnerability in Oracle MySQL 5.5.48 and earlier, 5.6.29 a ...
CVE-2016-0655
Unspecified vulnerability in Oracle MySQL 5.6.29 and earlier and 5.7.11 and earlier and MariaDB 10.0.x before 10.0.25 and 10.1.x before 10.1.14 allows local users to affect availability via vectors related to InnoDB.
CVE-2016-0655
Unspecified vulnerability in Oracle MySQL 5.6.29 and earlier and 5.7.1 ...
CVE-2016-0651
Unspecified vulnerability in Oracle MySQL 5.5.46 and earlier allows local users to affect availability via vectors related to Optimizer.
Уязвимостей на страницу
Уязвимость | CVSS | EPSS | Опубликовано 1 | |
|---|---|---|---|---|
 | CVE-2015-3152 Oracle MySQL before 5.7.3, Oracle MySQL Connector/C (aka libmysqlclient) before 6.1.3, and MariaDB before 5.5.44 use the --ssl option to mean that SSL is optional, which allows man-in-the-middle attackers to spoof servers via a cleartext-downgrade attack, aka a "BACKRONYM" attack. | CVSS3: 5.9 | 52% Средний | больше 9 лет назад |
| CVE-2015-3152 Oracle MySQL before 5.7.3, Oracle MySQL Connector/C (aka libmysqlclien ... | CVSS3: 5.9 | 52% Средний | больше 9 лет назад |
 | CVE-2015-3152 Oracle MySQL before 5.7.3, Oracle MySQL Connector/C (aka libmysqlclient) before 6.1.3, and MariaDB before 5.5.44 use the --ssl option to mean that SSL is optional, which allows man-in-the-middle attackers to spoof servers via a cleartext-downgrade attack, aka a "BACKRONYM" attack. | CVSS3: 5.9 | 52% Средний | больше 9 лет назад |
| CVE-2016-0668 Unspecified vulnerability in Oracle MySQL 5.6.28 and earlier and 5.7.10 and earlier and MariaDB 10.0.x before 10.0.24 and 10.1.x before 10.1.12 allows local users to affect availability via vectors related to InnoDB. | CVSS3: 4.1 | 0% Низкий | почти 10 лет назад |
| CVE-2016-0668 Unspecified vulnerability in Oracle MySQL 5.6.28 and earlier and 5.7.1 ... | CVSS3: 4.1 | 0% Низкий | почти 10 лет назад |
| CVE-2016-0666 Unspecified vulnerability in Oracle MySQL 5.5.48 and earlier, 5.6.29 and earlier, and 5.7.11 and earlier and MariaDB before 5.5.49, 10.0.x before 10.0.25, and 10.1.x before 10.1.14 allows local users to affect availability via vectors related to Security: Privileges. | CVSS3: 5.5 | 0% Низкий | почти 10 лет назад |
| CVE-2016-0666 Unspecified vulnerability in Oracle MySQL 5.5.48 and earlier, 5.6.29 a ... | CVSS3: 5.5 | 0% Низкий | почти 10 лет назад |
| CVE-2016-0655 Unspecified vulnerability in Oracle MySQL 5.6.29 and earlier and 5.7.11 and earlier and MariaDB 10.0.x before 10.0.25 and 10.1.x before 10.1.14 allows local users to affect availability via vectors related to InnoDB. | CVSS3: 4.7 | 0% Низкий | почти 10 лет назад |
| CVE-2016-0655 Unspecified vulnerability in Oracle MySQL 5.6.29 and earlier and 5.7.1 ... | CVSS3: 4.7 | 0% Низкий | почти 10 лет назад |
| CVE-2016-0651 Unspecified vulnerability in Oracle MySQL 5.5.46 and earlier allows local users to affect availability via vectors related to Optimizer. | CVSS3: 5.5 | 0% Низкий | почти 10 лет назад |
Уязвимостей на страницу