VYPR

rpm package

suse/mariadb&distro=SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS

pkg:rpm/suse/mariadb&distro=SUSE%20Linux%20Enterprise%20High%20Performance%20Computing%2015%20SP1-LTSS

Vulnerabilities (31)

  • CVE-2021-46669Feb 1, 2022
    affected < 10.2.44-150000.3.54.1fixed 10.2.44-150000.3.54.1

    MariaDB through 10.5.9 allows attackers to trigger a convert_const_to_int use-after-free when the BIGINT data type is used.

  • CVE-2021-46657Jan 29, 2022
    affected < 10.2.43-3.51.1fixed 10.2.43-3.51.1

    get_sort_by_table in MariaDB before 10.6.2 allows an application crash via certain subquery uses of ORDER BY.

  • CVE-2021-46658Jan 29, 2022
    affected < 10.2.43-3.51.1fixed 10.2.43-3.51.1

    save_window_function_values in MariaDB before 10.6.3 allows an application crash because of incorrect handling of with_window_func=true for a subquery.

  • CVE-2021-46659Jan 29, 2022
    affected < 10.2.43-3.51.1fixed 10.2.43-3.51.1

    MariaDB before 10.7.2 allows an application crash because it does not recognize that SELECT_LEX::nest_level is local to each VIEW.

  • CVE-2021-35604Oct 20, 2021
    affected < 10.2.41-3.48.1fixed 10.2.41-3.48.1

    Vulnerability in the MySQL Server product of Oracle MySQL (component: InnoDB). Supported versions that are affected are 5.7.35 and prior and 8.0.26 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise

  • CVE-2021-2389Jul 20, 2021
    affected < 10.2.40-3.43.1fixed 10.2.40-3.43.1

    Vulnerability in the MySQL Server product of Oracle MySQL (component: InnoDB). Supported versions that are affected are 5.7.34 and prior and 8.0.25 and prior. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromi

  • CVE-2021-2372Jul 20, 2021
    affected < 10.2.40-3.43.1fixed 10.2.40-3.43.1

    Vulnerability in the MySQL Server product of Oracle MySQL (component: InnoDB). Supported versions that are affected are 5.7.34 and prior and 8.0.25 and prior. Difficult to exploit vulnerability allows high privileged attacker with network access via multiple protocols to compromi

  • CVE-2021-2180Apr 22, 2021
    affected < 10.2.39-3.40.1fixed 10.2.39-3.40.1

    Vulnerability in the MySQL Server product of Oracle MySQL (component: InnoDB). Supported versions that are affected are 5.7.33 and prior and 8.0.23 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise

  • CVE-2021-2166Apr 22, 2021
    affected < 10.2.39-3.40.1fixed 10.2.39-3.40.1

    Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: DML). Supported versions that are affected are 5.7.33 and prior and 8.0.23 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compr

  • CVE-2021-2154Apr 22, 2021
    affected < 10.2.39-3.40.1fixed 10.2.39-3.40.1

    Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: DML). Supported versions that are affected are 5.7.33 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. S

  • CVE-2021-27928Mar 19, 2021
    affected < 10.2.39-3.40.1fixed 10.2.39-3.40.1

    A remote code execution issue was discovered in MariaDB 10.2 before 10.2.37, 10.3 before 10.3.28, 10.4 before 10.4.18, and 10.5 before 10.5.9; Percona Server through 2021-03-03; and the wsrep patch through 2021-03-03 for MySQL. An untrusted search path leads to eval injection, in

Page 2 of 2