MariaDB — ответвление от системы управления базами данных MySQL, разрабатываемое сообществом под лицензией GNU GPL.
Релизный цикл, информация об уязвимостях
График релизов
Количество 2 144
GHSA-mwgq-r782-4vx4
MariaDB through 10.5.9 allows a sql_parse.cc application crash because of incorrect used_tables expectations.
GHSA-j6gf-pxm2-h6x5
MariaDB through 10.5.13 allows a ha_maria::extra application crash via certain SELECT statements.
GHSA-jj99-6883-93g3
MariaDB through 10.5.9 allows an application crash in find_field_in_tables and find_order_in_list via an unused common table expression (CTE).
GHSA-f3hf-23j8-mwgw
MariaDB before 10.6.5 has a sql_lex.cc integer overflow, leading to an application crash.
GHSA-p388-7w8m-f48h
MariaDB through 10.5.9 allows a set_var.cc application crash via certain uses of an UPDATE statement in conjunction with a nested subquery.
GHSA-qhvg-j82m-w264
MariaDB before 10.6.2 allows an application crash because of mishandling of a pushdown from a HAVING clause to a WHERE clause.
GHSA-7x2j-p87r-93gf
MariaDB through 10.5.9 allows an application crash in sub_select_postjoin_aggr for a NULL value of aggr.
GHSA-wrw9-g9r9-p9h2
MariaDB through 10.5.9 allows attackers to trigger a convert_const_to_int use-after-free when the BIGINT data type is used.
GHSA-h8g7-9rx9-625q
MariaDB through 10.5.9 allows an application crash via certain long SELECT DISTINCT statements that improperly interact with storage-engine resource limitations for temporary data structures.
CVE-2021-46669
MariaDB through 10.5.9 allows attackers to trigger a convert_const_to_int use-after-free when the BIGINT data type is used.
Уязвимостей на страницу
Уязвимость | CVSS | EPSS | Опубликовано 1 | |
|---|---|---|---|---|
| GHSA-mwgq-r782-4vx4 MariaDB through 10.5.9 allows a sql_parse.cc application crash because of incorrect used_tables expectations. | CVSS3: 5.5 | 0% Низкий | больше 3 лет назад |
| GHSA-j6gf-pxm2-h6x5 MariaDB through 10.5.13 allows a ha_maria::extra application crash via certain SELECT statements. | CVSS3: 5.5 | 0% Низкий | больше 3 лет назад |
| GHSA-jj99-6883-93g3 MariaDB through 10.5.9 allows an application crash in find_field_in_tables and find_order_in_list via an unused common table expression (CTE). | CVSS3: 5.5 | 0% Низкий | больше 3 лет назад |
| GHSA-f3hf-23j8-mwgw MariaDB before 10.6.5 has a sql_lex.cc integer overflow, leading to an application crash. | CVSS3: 7.5 | 0% Низкий | больше 3 лет назад |
| GHSA-p388-7w8m-f48h MariaDB through 10.5.9 allows a set_var.cc application crash via certain uses of an UPDATE statement in conjunction with a nested subquery. | CVSS3: 5.5 | 0% Низкий | больше 3 лет назад |
| GHSA-qhvg-j82m-w264 MariaDB before 10.6.2 allows an application crash because of mishandling of a pushdown from a HAVING clause to a WHERE clause. | CVSS3: 5.5 | 0% Низкий | больше 3 лет назад |
| GHSA-7x2j-p87r-93gf MariaDB through 10.5.9 allows an application crash in sub_select_postjoin_aggr for a NULL value of aggr. | CVSS3: 5.5 | 0% Низкий | больше 3 лет назад |
| GHSA-wrw9-g9r9-p9h2 MariaDB through 10.5.9 allows attackers to trigger a convert_const_to_int use-after-free when the BIGINT data type is used. | CVSS3: 7.5 | 1% Низкий | больше 3 лет назад |
| GHSA-h8g7-9rx9-625q MariaDB through 10.5.9 allows an application crash via certain long SELECT DISTINCT statements that improperly interact with storage-engine resource limitations for temporary data structures. | CVSS3: 5.5 | 0% Низкий | больше 3 лет назад |
 | CVE-2021-46669 MariaDB through 10.5.9 allows attackers to trigger a convert_const_to_int use-after-free when the BIGINT data type is used. | CVSS3: 7.5 | 1% Низкий | больше 3 лет назад |
Уязвимостей на страницу