High severity8.8NVD Advisory· Published May 20, 2020· Updated Jun 17, 2026
CVE-2020-13249
CVE-2020-13249
Description
libmariadb/mariadb_lib.c in MariaDB Connector/C before 3.1.8 does not properly validate the content of an OK packet received from a server. NOTE: although mariadb_lib.c was originally based on code shipped for MySQL, this issue does not affect any MySQL components supported by Oracle.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
43- MariaDB/Connector/Cdescription
- Range: <3.1.8
- osv-coords41 versionspkg:rpm/almalinux/Judypkg:rpm/almalinux/mariadb-connector-cpkg:rpm/almalinux/mariadb-connector-c-configpkg:rpm/almalinux/mariadb-connector-c-develpkg:rpm/opensuse/mariadb-connector-c&distro=openSUSE%20Leap%2015.1pkg:rpm/opensuse/mariadb&distro=openSUSE%20Leap%2015.1pkg:rpm/opensuse/mariadb&distro=openSUSE%20Tumbleweedpkg:rpm/suse/lz4&distro=SUSE%20Linux%20Enterprise%20Server%2012%20SP5pkg:rpm/suse/lz4&distro=SUSE%20Linux%20Enterprise%20Server%20for%20SAP%20Applications%2012%20SP5pkg:rpm/suse/lz4&distro=SUSE%20Linux%20Enterprise%20Software%20Development%20Kit%2012%20SP5pkg:rpm/suse/mariadb104&distro=SUSE%20Linux%20Enterprise%20High%20Performance%20Computing%2015%20SP1-LTSSpkg:rpm/suse/mariadb104&distro=SUSE%20Linux%20Enterprise%20Server%2012%20SP5pkg:rpm/suse/mariadb104&distro=SUSE%20Linux%20Enterprise%20Server%2015%20SP1-LTSSpkg:rpm/suse/mariadb104&distro=SUSE%20Linux%20Enterprise%20Server%20for%20SAP%20Applications%2012%20SP5pkg:rpm/suse/mariadb104&distro=SUSE%20Linux%20Enterprise%20Server%20for%20SAP%20Applications%2015%20SP1pkg:rpm/suse/mariadb104&distro=SUSE%20Linux%20Enterprise%20Software%20Development%20Kit%2012%20SP5pkg:rpm/suse/mariadb-connector-c&distro=SUSE%20Linux%20Enterprise%20High%20Performance%20Computing%2015-ESPOSpkg:rpm/suse/mariadb-connector-c&distro=SUSE%20Linux%20Enterprise%20High%20Performance%20Computing%2015-LTSSpkg:rpm/suse/mariadb-connector-c&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Basesystem%2015%20SP1pkg:rpm/suse/mariadb-connector-c&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Server%20Applications%2015%20SP1pkg:rpm/suse/mariadb-connector-c&distro=SUSE%20Linux%20Enterprise%20Server%2012%20SP4pkg:rpm/suse/mariadb-connector-c&distro=SUSE%20Linux%20Enterprise%20Server%2012%20SP5pkg:rpm/suse/mariadb-connector-c&distro=SUSE%20Linux%20Enterprise%20Server%2015-LTSSpkg:rpm/suse/mariadb-connector-c&distro=SUSE%20Linux%20Enterprise%20Server%20for%20SAP%20Applications%2012%20SP4pkg:rpm/suse/mariadb-connector-c&distro=SUSE%20Linux%20Enterprise%20Server%20for%20SAP%20Applications%2012%20SP5pkg:rpm/suse/mariadb-connector-c&distro=SUSE%20Linux%20Enterprise%20Server%20for%20SAP%20Applications%2015pkg:rpm/suse/mariadb-connector-c&distro=SUSE%20Linux%20Enterprise%20Software%20Development%20Kit%2012%20SP5pkg:rpm/suse/mariadb&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Server%20Applications%2015%20SP1pkg:rpm/suse/mariadb&distro=SUSE%20Linux%20Enterprise%20Server%2012%20SP4pkg:rpm/suse/mariadb&distro=SUSE%20Linux%20Enterprise%20Server%2012%20SP5pkg:rpm/suse/mariadb&distro=SUSE%20Linux%20Enterprise%20Server%20for%20SAP%20Applications%2012%20SP4pkg:rpm/suse/mariadb&distro=SUSE%20Linux%20Enterprise%20Server%20for%20SAP%20Applications%2012%20SP5pkg:rpm/suse/mariadb&distro=SUSE%20OpenStack%20Cloud%207pkg:rpm/suse/mariadb&distro=SUSE%20OpenStack%20Cloud%209pkg:rpm/suse/mariadb&distro=SUSE%20OpenStack%20Cloud%20Crowbar%209pkg:rpm/suse/python-mysqlclient&distro=SUSE%20Linux%20Enterprise%20High%20Performance%20Computing%2015%20SP1-LTSSpkg:rpm/suse/python-mysqlclient&distro=SUSE%20Linux%20Enterprise%20Server%2012%20SP5pkg:rpm/suse/python-mysqlclient&distro=SUSE%20Linux%20Enterprise%20Server%2015%20SP1-LTSSpkg:rpm/suse/python-mysqlclient&distro=SUSE%20Linux%20Enterprise%20Server%20for%20SAP%20Applications%2012%20SP5pkg:rpm/suse/python-mysqlclient&distro=SUSE%20Linux%20Enterprise%20Server%20for%20SAP%20Applications%2015%20SP1pkg:rpm/suse/python-mysqlclient&distro=SUSE%20Linux%20Enterprise%20Software%20Development%20Kit%2012%20SP5
< 1.0.5-18.module_el8.6.0+2867+72759d2f+ 40 more
- (no CPE)range: < 1.0.5-18.module_el8.6.0+2867+72759d2f
- (no CPE)range: < 3.1.11-2.el8_3
- (no CPE)range: < 3.1.11-2.el8_3
- (no CPE)range: < 3.1.11-2.el8_3
- (no CPE)range: < 3.1.8-lp151.3.12.1
- (no CPE)range: < 10.2.32-lp151.2.15.1
- (no CPE)range: < 10.6.4-2.1
- (no CPE)range: < 1.8.0-3.5.2
- (no CPE)range: < 1.8.0-3.5.2
- (no CPE)range: < 1.8.0-3.5.2
- (no CPE)range: < 10.4.30-150100.3.5.10
- (no CPE)range: < 10.4.30-8.5.46
- (no CPE)range: < 10.4.30-150100.3.5.10
- (no CPE)range: < 10.4.30-8.5.46
- (no CPE)range: < 10.4.30-150100.3.5.10
- (no CPE)range: < 10.4.30-8.5.46
- (no CPE)range: < 3.1.8-3.18.1
- (no CPE)range: < 3.1.8-3.18.1
- (no CPE)range: < 3.1.8-3.18.1
- (no CPE)range: < 3.1.8-3.18.1
- (no CPE)range: < 3.1.8-2.15.1
- (no CPE)range: < 3.1.22-2.35.1
- (no CPE)range: < 3.1.8-3.18.1
- (no CPE)range: < 3.1.8-2.15.1
- (no CPE)range: < 3.1.22-2.35.1
- (no CPE)range: < 3.1.8-3.18.1
- (no CPE)range: < 3.1.22-2.35.1
- (no CPE)range: < 10.2.32-3.29.2
- (no CPE)range: < 10.2.32-3.28.2
- (no CPE)range: < 10.2.32-3.28.2
- (no CPE)range: < 10.2.32-3.28.2
- (no CPE)range: < 10.2.32-3.28.2
- (no CPE)range: < 10.2.36-19.1
- (no CPE)range: < 10.2.32-3.28.2
- (no CPE)range: < 10.2.32-3.28.2
- (no CPE)range: < 1.4.6-150100.3.3.7
- (no CPE)range: < 1.3.14-8.9.2
- (no CPE)range: < 1.4.6-150100.3.3.7
- (no CPE)range: < 1.3.14-8.9.2
- (no CPE)range: < 1.4.6-150100.3.3.7
- (no CPE)range: < 1.3.14-8.9.2
Patches
Vulnerability mechanics
References
6- github.com/mariadb-corporation/mariadb-connector-c/commit/2759b87d72926b7c9b5426437a7c8dd15ff57945nvdPatchThird Party Advisory
- lists.opensuse.org/opensuse-security-announce/2020-05/msg00064.htmlnvdMailing ListThird Party Advisory
- lists.opensuse.org/opensuse-security-announce/2020-06/msg00054.htmlnvdBroken LinkMailing ListThird Party Advisory
- github.com/mariadb-corporation/mariadb-connector-c/compare/v3.1.7...v3.1.8nvdRelease NotesThird Party Advisory
- lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/UW2ED32VEUHXFN2J3YQE27JIBV4SC2PI/nvd
- lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/X4X2BMF3EILMTXGOZDTPYS3KT5VWLA2P/nvd
News mentions
0No linked articles in our index yet.