VYPR

rpm package

suse/mariadb&distro=SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS

pkg:rpm/suse/mariadb&distro=SUSE%20Linux%20Enterprise%20High%20Performance%20Computing%2015%20SP2-LTSS

Vulnerabilities (50)

  • CVE-2022-24048Feb 18, 2022
    affected < 10.4.24-3.25.1fixed 10.4.24-3.25.1

    MariaDB CONNECT Storage Engine Stack-based Buffer Overflow Privilege Escalation Vulnerability. This vulnerability allows local attackers to escalate privileges on affected installations of MariaDB. Authentication is required to exploit this vulnerability. The specific flaw exists

  • CVE-2021-46661Feb 1, 2022
    affected < 10.4.24-3.25.1fixed 10.4.24-3.25.1

    MariaDB through 10.5.9 allows an application crash in find_field_in_tables and find_order_in_list via an unused common table expression (CTE).

  • CVE-2021-46663Feb 1, 2022
    affected < 10.4.24-3.25.1fixed 10.4.24-3.25.1

    MariaDB through 10.5.13 allows a ha_maria::extra application crash via certain SELECT statements.

  • CVE-2021-46664Feb 1, 2022
    affected < 10.4.24-3.25.1fixed 10.4.24-3.25.1

    MariaDB through 10.5.9 allows an application crash in sub_select_postjoin_aggr for a NULL value of aggr.

  • CVE-2021-46665Feb 1, 2022
    affected < 10.4.24-3.25.1fixed 10.4.24-3.25.1

    MariaDB through 10.5.9 allows a sql_parse.cc application crash because of incorrect used_tables expectations.

  • CVE-2021-46668Feb 1, 2022
    affected < 10.4.24-3.25.1fixed 10.4.24-3.25.1

    MariaDB through 10.5.9 allows an application crash via certain long SELECT DISTINCT statements that improperly interact with storage-engine resource limitations for temporary data structures.

  • CVE-2021-46669Feb 1, 2022
    affected < 10.4.25-150200.3.28.1fixed 10.4.25-150200.3.28.1

    MariaDB through 10.5.9 allows attackers to trigger a convert_const_to_int use-after-free when the BIGINT data type is used.

  • CVE-2021-46657Jan 29, 2022
    affected < 10.4.24-3.25.1fixed 10.4.24-3.25.1

    get_sort_by_table in MariaDB before 10.6.2 allows an application crash via certain subquery uses of ORDER BY.

  • CVE-2021-46658Jan 29, 2022
    affected < 10.4.24-3.25.1fixed 10.4.24-3.25.1

    save_window_function_values in MariaDB before 10.6.3 allows an application crash because of incorrect handling of with_window_func=true for a subquery.

  • CVE-2021-46659Jan 29, 2022
    affected < 10.4.24-3.25.1fixed 10.4.24-3.25.1

    MariaDB before 10.7.2 allows an application crash because it does not recognize that SELECT_LEX::nest_level is local to each VIEW.

Page 3 of 3