MariaDB — ответвление от системы управления базами данных MySQL, разрабатываемое сообществом под лицензией GNU GPL.
Релизный цикл, информация об уязвимостях
График релизов
Количество 2 144
GHSA-4mvf-f4q5-j3rq
An issue in the component Field::set_default of MariaDB Server v10.6 and below was discovered to allow attackers to cause a Denial of Service (DoS) via specially crafted SQL statements.
GHSA-m469-6q82-xqvx
An issue in the component Used_tables_and_const_cache::used_tables_and_const_cache_join of MariaDB Server v10.7 and below was discovered to allow attackers to cause a Denial of Service (DoS) via specially crafted SQL statements.
GHSA-8gjp-gp42-7qg3
An issue in the component my_decimal::operator= of MariaDB Server v10.6.3 and below was discovered to allow attackers to cause a Denial of Service (DoS) via specially crafted SQL statements.
GHSA-2h3p-557r-42m3
MariaDB Server v10.7 and below was discovered to contain a segmentation fault via the component sql/sql_class.cc.
GHSA-g3vp-fwv2-p6m7
An issue in the component Create_tmp_table::finalize of MariaDB Server v10.7 and below was discovered to allow attackers to cause a Denial of Service (DoS) via specially crafted SQL statements.
GHSA-cw8p-532r-7gqx
MariaDB Server v10.7 and below was discovered to contain a global buffer overflow in the component decimal_bin_size, which is exploited via specially crafted SQL statements.
GHSA-247x-4435-qv9r
An issue in the component Item_subselect::init_expr_cache_tracker of MariaDB Server v10.6 and below was discovered to allow attackers to cause a Denial of Service (DoS) via specially crafted SQL statements.
CVE-2022-27387
MariaDB Server v10.7 and below was discovered to contain a global buffer overflow in the component decimal_bin_size, which is exploited via specially crafted SQL statements.
CVE-2022-27387
MariaDB Server v10.7 and below was discovered to contain a global buff ...
CVE-2022-27386
MariaDB Server v10.7 and below was discovered to contain a segmentation fault via the component sql/sql_class.cc.
Уязвимостей на страницу
Уязвимость | CVSS | EPSS | Опубликовано 1 | |
|---|---|---|---|---|
| GHSA-4mvf-f4q5-j3rq An issue in the component Field::set_default of MariaDB Server v10.6 and below was discovered to allow attackers to cause a Denial of Service (DoS) via specially crafted SQL statements. | CVSS3: 7.5 | 0% Низкий | больше 3 лет назад |
| GHSA-m469-6q82-xqvx An issue in the component Used_tables_and_const_cache::used_tables_and_const_cache_join of MariaDB Server v10.7 and below was discovered to allow attackers to cause a Denial of Service (DoS) via specially crafted SQL statements. | CVSS3: 7.5 | 0% Низкий | больше 3 лет назад |
| GHSA-8gjp-gp42-7qg3 An issue in the component my_decimal::operator= of MariaDB Server v10.6.3 and below was discovered to allow attackers to cause a Denial of Service (DoS) via specially crafted SQL statements. | CVSS3: 7.5 | 1% Низкий | больше 3 лет назад |
| GHSA-2h3p-557r-42m3 MariaDB Server v10.7 and below was discovered to contain a segmentation fault via the component sql/sql_class.cc. | CVSS3: 7.5 | 0% Низкий | больше 3 лет назад |
| GHSA-g3vp-fwv2-p6m7 An issue in the component Create_tmp_table::finalize of MariaDB Server v10.7 and below was discovered to allow attackers to cause a Denial of Service (DoS) via specially crafted SQL statements. | CVSS3: 7.5 | 0% Низкий | больше 3 лет назад |
| GHSA-cw8p-532r-7gqx MariaDB Server v10.7 and below was discovered to contain a global buffer overflow in the component decimal_bin_size, which is exploited via specially crafted SQL statements. | CVSS3: 7.5 | 0% Низкий | больше 3 лет назад |
| GHSA-247x-4435-qv9r An issue in the component Item_subselect::init_expr_cache_tracker of MariaDB Server v10.6 and below was discovered to allow attackers to cause a Denial of Service (DoS) via specially crafted SQL statements. | CVSS3: 7.5 | 0% Низкий | больше 3 лет назад |
 | CVE-2022-27387 MariaDB Server v10.7 and below was discovered to contain a global buffer overflow in the component decimal_bin_size, which is exploited via specially crafted SQL statements. | CVSS3: 7.5 | 0% Низкий | больше 3 лет назад |
| CVE-2022-27387 MariaDB Server v10.7 and below was discovered to contain a global buff ... | CVSS3: 7.5 | 0% Низкий | больше 3 лет назад |
| CVE-2022-27386 MariaDB Server v10.7 and below was discovered to contain a segmentation fault via the component sql/sql_class.cc. | CVSS3: 7.5 | 0% Низкий | больше 3 лет назад |
Уязвимостей на страницу