MariaDB — ответвление от системы управления базами данных MySQL, разрабатываемое сообществом под лицензией GNU GPL.
Релизный цикл, информация об уязвимостях
График релизов
Количество 2 129
BDU:2023-05678
Уязвимость компонента ds_compress.cc системы управления базами данных MariaDB, позволяющая нарушителю вызвать отказ в обслуживании
GHSA-44q2-c8m6-j2gg
MariaDB v10.2 to v10.7 was discovered to contain a segmentation fault via the component Item_func_in::cleanup/Item::cleanup_processor.
GHSA-qcx8-8xph-pfh5
MariaDB v10.2 to v10.7 was discovered to contain a segmentation fault via the component sub_select.
GHSA-85h8-46x6-w44w
MariaDB v10.7 was discovered to contain an use-after-poison in in __interceptor_memset at /libsanitizer/sanitizer_common/sanitizer_common_interceptors.inc.
GHSA-cxcg-577f-2582
MariaDB v10.2 to v10.6.1 was discovered to contain a segmentation fault via the component Item_subselect::init_expr_cache_tracker.
GHSA-8rp2-7jc6-wrw4
MariaDB v10.4 to v10.8 was discovered to contain a segmentation fault via the component Item_field::fix_outer_field.
GHSA-hc55-j7j2-f8w9
MariaDB v10.2 to v10.7 was discovered to contain a segmentation fault via the component Item_args::walk_args.
GHSA-mvw8-35pm-hmgm
MariaDB v10.5 to v10.7 was discovered to contain a segmentation fault via the component st_select_lex_unit::exclude_level.
GHSA-vcx9-8fp4-h37w
MariaDB v10.4 to v10.7 was discovered to contain an use-after-poison in prepare_inplace_add_virtual at /storage/innobase/handler/handler0alter.cc.
GHSA-cwg9-vp4r-v3q2
MariaDB v10.2 to v10.7 was discovered to contain a segmentation fault via the component Exec_time_tracker::get_loops/Filesort_tracker::report_use/filesort.
Уязвимостей на страницу
Уязвимость | CVSS | EPSS | Опубликовано 1 | |
|---|---|---|---|---|
 | BDU:2023-05678 Уязвимость компонента ds_compress.cc системы управления базами данных MariaDB, позволяющая нарушителю вызвать отказ в обслуживании | CVSS3: 5.5 | 0% Низкий | почти 3 года назад |
| GHSA-44q2-c8m6-j2gg MariaDB v10.2 to v10.7 was discovered to contain a segmentation fault via the component Item_func_in::cleanup/Item::cleanup_processor. | CVSS3: 7.5 | 0% Низкий | почти 3 года назад |
| GHSA-qcx8-8xph-pfh5 MariaDB v10.2 to v10.7 was discovered to contain a segmentation fault via the component sub_select. | CVSS3: 7.5 | 0% Низкий | почти 3 года назад |
| GHSA-85h8-46x6-w44w MariaDB v10.7 was discovered to contain an use-after-poison in in __interceptor_memset at /libsanitizer/sanitizer_common/sanitizer_common_interceptors.inc. | CVSS3: 9.8 | 0% Низкий | почти 3 года назад |
| GHSA-cxcg-577f-2582 MariaDB v10.2 to v10.6.1 was discovered to contain a segmentation fault via the component Item_subselect::init_expr_cache_tracker. | CVSS3: 7.5 | 0% Низкий | почти 3 года назад |
| GHSA-8rp2-7jc6-wrw4 MariaDB v10.4 to v10.8 was discovered to contain a segmentation fault via the component Item_field::fix_outer_field. | CVSS3: 7.5 | 0% Низкий | почти 3 года назад |
| GHSA-hc55-j7j2-f8w9 MariaDB v10.2 to v10.7 was discovered to contain a segmentation fault via the component Item_args::walk_args. | CVSS3: 7.5 | 0% Низкий | почти 3 года назад |
| GHSA-mvw8-35pm-hmgm MariaDB v10.5 to v10.7 was discovered to contain a segmentation fault via the component st_select_lex_unit::exclude_level. | CVSS3: 7.5 | 0% Низкий | почти 3 года назад |
| GHSA-vcx9-8fp4-h37w MariaDB v10.4 to v10.7 was discovered to contain an use-after-poison in prepare_inplace_add_virtual at /storage/innobase/handler/handler0alter.cc. | CVSS3: 9.8 | 0% Низкий | почти 3 года назад |
| GHSA-cwg9-vp4r-v3q2 MariaDB v10.2 to v10.7 was discovered to contain a segmentation fault via the component Exec_time_tracker::get_loops/Filesort_tracker::report_use/filesort. | CVSS3: 7.5 | 0% Низкий | почти 3 года назад |
Уязвимостей на страницу