MariaDB — ответвление от системы управления базами данных MySQL, разрабатываемое сообществом под лицензией GNU GPL.
Релизный цикл, информация об уязвимостях
График релизов
Количество 2 144
CVE-2015-2325
The compile_branch function in PCRE before 8.37 allows context-depende ...
CVE-2015-2325
The compile_branch function in PCRE before 8.37 allows context-dependent attackers to compile incorrect code, cause a denial of service (out-of-bounds heap read and crash), or possibly have other unspecified impact via a regular expression with a group containing a forward reference repeated a large number of times within a repeated outer group that has a zero minimum quantifier.
CVE-2015-2326
The pcre_compile2 function in PCRE before 8.37 allows context-dependent attackers to compile incorrect code and cause a denial of service (out-of-bounds read) via regular expression with a group containing both a forward referencing subroutine call and a recursive back reference, as demonstrated by "((?+1)(\1))/".
BDU:2020-00431
Уязвимость компонента C API системы управления базами данных MySQL Client, позволяющая нарушителю вызвать отказ в обслуживании
SUSE-SU-2020:0050-1
Security update for mariadb
SUSE-SU-2019:3370-1
Security update for mariadb-100
CVE-2022-27386
MariaDB Server v10.7 and below was discovered to contain a segmentation fault via the component sql/sql_class.cc.
CVE-2019-2974
Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Optimizer). Supported versions that are affected are 5.6.45 and prior, 5.7.27 and prior and 8.0.17 and prior. Easily exploitable vulnerability allows low privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.0 Base Score 6.5 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H).
CVE-2019-2974
Vulnerability in the MySQL Server product of Oracle MySQL (component: ...
CVE-2019-2938
Vulnerability in the MySQL Server product of Oracle MySQL (component: InnoDB). Supported versions that are affected are 5.7.27 and prior and 8.0.17 and prior. Difficult to exploit vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.0 Base Score 4.4 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:H/UI:N/S:U/C:N/I:N/A:H).
Уязвимостей на страницу
Уязвимость | CVSS | EPSS | Опубликовано 1 | |
|---|---|---|---|---|
| CVE-2015-2325 The compile_branch function in PCRE before 8.37 allows context-depende ... | CVSS3: 7.8 | 1% Низкий | больше 5 лет назад |
 | CVE-2015-2325 The compile_branch function in PCRE before 8.37 allows context-dependent attackers to compile incorrect code, cause a denial of service (out-of-bounds heap read and crash), or possibly have other unspecified impact via a regular expression with a group containing a forward reference repeated a large number of times within a repeated outer group that has a zero minimum quantifier. | CVSS3: 7.8 | 1% Низкий | больше 5 лет назад |
| CVE-2015-2326 The pcre_compile2 function in PCRE before 8.37 allows context-dependent attackers to compile incorrect code and cause a denial of service (out-of-bounds read) via regular expression with a group containing both a forward referencing subroutine call and a recursive back reference, as demonstrated by "((?+1)(\1))/". | CVSS3: 5.5 | 0% Низкий | больше 5 лет назад |
 | BDU:2020-00431 Уязвимость компонента C API системы управления базами данных MySQL Client, позволяющая нарушителю вызвать отказ в обслуживании | CVSS3: 5.9 | 0% Низкий | больше 5 лет назад |
 | SUSE-SU-2020:0050-1 Security update for mariadb | 0% Низкий | больше 5 лет назад | |
| SUSE-SU-2019:3370-1 Security update for mariadb-100 | 0% Низкий | больше 5 лет назад | |
 | CVE-2022-27386 MariaDB Server v10.7 and below was discovered to contain a segmentation fault via the component sql/sql_class.cc. | CVSS3: 7.5 | 0% Низкий | почти 6 лет назад |
 | CVE-2019-2974 Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Optimizer). Supported versions that are affected are 5.6.45 and prior, 5.7.27 and prior and 8.0.17 and prior. Easily exploitable vulnerability allows low privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.0 Base Score 6.5 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H). | CVSS3: 6.5 | 0% Низкий | почти 6 лет назад |
| CVE-2019-2974 Vulnerability in the MySQL Server product of Oracle MySQL (component: ... | CVSS3: 6.5 | 0% Низкий | почти 6 лет назад |
| CVE-2019-2938 Vulnerability in the MySQL Server product of Oracle MySQL (component: InnoDB). Supported versions that are affected are 5.7.27 and prior and 8.0.17 and prior. Difficult to exploit vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.0 Base Score 4.4 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:H/UI:N/S:U/C:N/I:N/A:H). | CVSS3: 4.4 | 0% Низкий | почти 6 лет назад |
Уязвимостей на страницу