MariaDB — ответвление от системы управления базами данных MySQL, разрабатываемое сообществом под лицензией GNU GPL.
Релизный цикл, информация об уязвимостях
График релизов
Количество 2 149
GHSA-x3qj-5vwp-jfh8
MariaDB Server v10.6.5 and below was discovered to contain an use-after-free in the component Item_args::walk_arg, which is exploited via specially crafted SQL statements.
GHSA-99jw-w9c8-f6wv
MariaDB Server v10.6.3 and below was discovered to contain an use-after-free in the component Item_func_in::cleanup(), which is exploited via specially crafted SQL statements.
GHSA-4mvf-f4q5-j3rq
An issue in the component Field::set_default of MariaDB Server v10.6 and below was discovered to allow attackers to cause a Denial of Service (DoS) via specially crafted SQL statements.
GHSA-m469-6q82-xqvx
An issue in the component Used_tables_and_const_cache::used_tables_and_const_cache_join of MariaDB Server v10.7 and below was discovered to allow attackers to cause a Denial of Service (DoS) via specially crafted SQL statements.
GHSA-6hwc-564p-37h2
MariaDB Server v10.7 and below was discovered to contain a segmentation fault via the component Item_field::used_tables/update_depend_map_for_order.
GHSA-g3vp-fwv2-p6m7
An issue in the component Create_tmp_table::finalize of MariaDB Server v10.7 and below was discovered to allow attackers to cause a Denial of Service (DoS) via specially crafted SQL statements.
GHSA-53wc-v4mf-xrvp
MariaDB Server v10.6 and below was discovered to contain an use-after-free in the component my_strcasecmp_8bit, which is exploited via specially crafted SQL statements.
GHSA-2h3p-557r-42m3
MariaDB Server v10.7 and below was discovered to contain a segmentation fault via the component sql/sql_class.cc.
GHSA-8gjp-gp42-7qg3
An issue in the component my_decimal::operator= of MariaDB Server v10.6.3 and below was discovered to allow attackers to cause a Denial of Service (DoS) via specially crafted SQL statements.
GHSA-m42w-339f-jp66
An issue in the component Arg_comparator::compare_real_fixed of MariaDB Server v10.6.2 and below was discovered to allow attackers to cause a Denial of Service (DoS) via specially crafted SQL statements.
Уязвимостей на страницу
Уязвимость | CVSS | EPSS | Опубликовано 1 | |
|---|---|---|---|---|
| GHSA-x3qj-5vwp-jfh8 MariaDB Server v10.6.5 and below was discovered to contain an use-after-free in the component Item_args::walk_arg, which is exploited via specially crafted SQL statements. | CVSS3: 7.5 | 0% Низкий | почти 4 года назад |
| GHSA-99jw-w9c8-f6wv MariaDB Server v10.6.3 and below was discovered to contain an use-after-free in the component Item_func_in::cleanup(), which is exploited via specially crafted SQL statements. | CVSS3: 7.5 | 0% Низкий | почти 4 года назад |
| GHSA-4mvf-f4q5-j3rq An issue in the component Field::set_default of MariaDB Server v10.6 and below was discovered to allow attackers to cause a Denial of Service (DoS) via specially crafted SQL statements. | CVSS3: 7.5 | 0% Низкий | почти 4 года назад |
| GHSA-m469-6q82-xqvx An issue in the component Used_tables_and_const_cache::used_tables_and_const_cache_join of MariaDB Server v10.7 and below was discovered to allow attackers to cause a Denial of Service (DoS) via specially crafted SQL statements. | CVSS3: 7.5 | 0% Низкий | почти 4 года назад |
| GHSA-6hwc-564p-37h2 MariaDB Server v10.7 and below was discovered to contain a segmentation fault via the component Item_field::used_tables/update_depend_map_for_order. | CVSS3: 7.5 | 0% Низкий | почти 4 года назад |
| GHSA-g3vp-fwv2-p6m7 An issue in the component Create_tmp_table::finalize of MariaDB Server v10.7 and below was discovered to allow attackers to cause a Denial of Service (DoS) via specially crafted SQL statements. | CVSS3: 7.5 | 0% Низкий | почти 4 года назад |
| GHSA-53wc-v4mf-xrvp MariaDB Server v10.6 and below was discovered to contain an use-after-free in the component my_strcasecmp_8bit, which is exploited via specially crafted SQL statements. | CVSS3: 7.5 | 0% Низкий | почти 4 года назад |
| GHSA-2h3p-557r-42m3 MariaDB Server v10.7 and below was discovered to contain a segmentation fault via the component sql/sql_class.cc. | CVSS3: 7.5 | 0% Низкий | почти 4 года назад |
| GHSA-8gjp-gp42-7qg3 An issue in the component my_decimal::operator= of MariaDB Server v10.6.3 and below was discovered to allow attackers to cause a Denial of Service (DoS) via specially crafted SQL statements. | CVSS3: 7.5 | 0% Низкий | почти 4 года назад |
| GHSA-m42w-339f-jp66 An issue in the component Arg_comparator::compare_real_fixed of MariaDB Server v10.6.2 and below was discovered to allow attackers to cause a Denial of Service (DoS) via specially crafted SQL statements. | CVSS3: 7.5 | 0% Низкий | почти 4 года назад |
Уязвимостей на страницу