Search CVE reports
11 – 20 of 264 results
Some fixes available 3 of 6
MariaDB v10.4 to v10.7 was discovered to contain an use-after-poison in prepare_inplace_add_virtual at /storage/innobase/handler/handler0alter.cc.
6 affected packages
mariadb-10.1, mariadb-10.3, mariadb-10.5, mariadb-10.6, mariadb-5.5, mariadb-10.0
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|
| mariadb-10.1 | Not in release | Not in release | Not in release | Needs evaluation |
| mariadb-10.3 | Not in release | Not in release | Fixed | Not in release |
| mariadb-10.5 | Not in release | Not in release | Not in release | Not in release |
| mariadb-10.6 | Not in release | Fixed | Not in release | Not in release |
| mariadb-5.5 | Not in release | Not in release | Not in release | Not in release |
| mariadb-10.0 | Not in release | Not in release | Not in release | Not in release |
Some fixes available 1 of 6
MariaDB Server before 10.7 is vulnerable to Denial of Service. While executing the plugin/server_audit/server_audit.c method log_statement_ex, the held lock lock_bigbuffer is not released correctly, which allows local users to...
6 affected packages
mariadb-10.0, mariadb-10.1, mariadb-10.3, mariadb-10.5, mariadb-10.6, mariadb-5.5
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|
| mariadb-10.0 | — | — | — | — |
| mariadb-10.1 | — | — | — | Needs evaluation |
| mariadb-10.3 | — | — | Fixed | — |
| mariadb-10.5 | — | — | — | — |
| mariadb-10.6 | Not in release | Not affected | — | — |
| mariadb-5.5 | — | — | — | — |
MariaDB Server before 10.7 is vulnerable to Denial of Service. In extra/mariabackup/ds_compress.cc, when an error occurs (i.e., going to the err label) while executing the method create_worker_threads, the held...
6 affected packages
mariadb-10.5, mariadb-10.6, mariadb-10.0, mariadb-5.5, mariadb-10.1, mariadb-10.3
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|
| mariadb-10.5 | — | — | — | — |
| mariadb-10.6 | Not in release | Not affected | — | — |
| mariadb-10.0 | — | — | — | — |
| mariadb-5.5 | — | — | — | — |
| mariadb-10.1 | — | — | — | Not affected |
| mariadb-10.3 | — | — | Not affected | — |
MariaDB Server before 10.7 is vulnerable to Denial of Service. In extra/mariabackup/ds_compress.cc, when an error occurs (pthread_create returns a nonzero value) while executing the method create_worker_threads, the held lock is...
6 affected packages
mariadb-10.6, mariadb-10.0, mariadb-10.1, mariadb-10.3, mariadb-10.5, mariadb-5.5
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|
| mariadb-10.6 | Not in release | Not affected | — | — |
| mariadb-10.0 | — | — | — | — |
| mariadb-10.1 | — | — | — | Not affected |
| mariadb-10.3 | — | — | Not affected | — |
| mariadb-10.5 | — | — | — | — |
| mariadb-5.5 | — | — | — | — |
MariaDB Server before 10.7 is vulnerable to Denial of Service. In extra/mariabackup/ds_xbstream.cc, when an error occurs (stream_ctxt->dest_file == NULL) while executing the method xbstream_open, the held lock is not released...
6 affected packages
mariadb-10.6, mariadb-10.0, mariadb-10.1, mariadb-10.3, mariadb-10.5, mariadb-5.5
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|
| mariadb-10.6 | Not in release | Not affected | — | — |
| mariadb-10.0 | — | — | — | — |
| mariadb-10.1 | — | — | — | Not affected |
| mariadb-10.3 | — | — | Not affected | — |
| mariadb-10.5 | — | — | — | — |
| mariadb-5.5 | — | — | — | — |
Some fixes available 3 of 4
Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2022-27447. Reason: This candidate is a reservation duplicate of CVE-2022-27447. Notes: All CVE users should reference CVE-2022-27447 instead of this candidate.
4 affected packages
mariadb-10.3, mariadb-10.5, mariadb-10.6, mariadb-10.1
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|
| mariadb-10.3 | — | — | Fixed | — |
| mariadb-10.5 | Not in release | Not in release | — | — |
| mariadb-10.6 | Not in release | Fixed | — | — |
| mariadb-10.1 | — | — | — | Not affected |
Some fixes available 3 of 5
MariaDB Server v10.6.3 and below was discovered to contain an use-after-free in the component my_mb_wc_latin1 at /strings/ctype-latin1.c.
4 affected packages
mariadb-10.1, mariadb-10.3, mariadb-10.5, mariadb-10.6
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|
| mariadb-10.1 | — | — | — | Needs evaluation |
| mariadb-10.3 | — | — | Fixed | — |
| mariadb-10.5 | Not in release | Not in release | — | — |
| mariadb-10.6 | Not in release | Fixed | — | — |
Some fixes available 3 of 5
MariaDB Server v10.6.3 and below was discovered to contain an use-after-free in the component VDec::VDec at /sql/sql_type.cc.
4 affected packages
mariadb-10.1, mariadb-10.3, mariadb-10.5, mariadb-10.6
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|
| mariadb-10.1 | — | — | — | Needs evaluation |
| mariadb-10.3 | — | — | Fixed | — |
| mariadb-10.5 | Not in release | Not in release | — | — |
| mariadb-10.6 | Not in release | Fixed | — | — |
Some fixes available 3 of 5
MariaDB Server v10.6.3 and below was discovered to contain an use-after-free in the component my_wildcmp_8bit_impl at /strings/ctype-simple.c.
4 affected packages
mariadb-10.1, mariadb-10.3, mariadb-10.5, mariadb-10.6
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|
| mariadb-10.1 | — | — | — | Needs evaluation |
| mariadb-10.3 | — | — | Fixed | — |
| mariadb-10.5 | Not in release | Not in release | — | — |
| mariadb-10.6 | Not in release | Fixed | — | — |
Some fixes available 3 of 5
MariaDB Server v10.9 and below was discovered to contain a segmentation fault via the component sql/item_cmpfunc.cc.
4 affected packages
mariadb-10.1, mariadb-10.3, mariadb-10.5, mariadb-10.6
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|
| mariadb-10.1 | — | — | — | Needs evaluation |
| mariadb-10.3 | — | — | Fixed | — |
| mariadb-10.5 | Not in release | Not in release | — | — |
| mariadb-10.6 | Not in release | Fixed | — | — |