Search CVE reports
171 – 180 of 216 results
CVE-2022-32081
Medium prioritySome fixes available 3 of 6
MariaDB v10.4 to v10.7 was discovered to contain an use-after-poison in prepare_inplace_add_virtual at /storage/innobase/handler/handler0alter.cc.
6 affected packages
mariadb-10.0, mariadb-10.1, mariadb-10.3, mariadb-10.5, mariadb-10.6, mariadb-5.5
Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
---|---|---|---|---|---|
mariadb-10.0 | Not in release | Not in release | Not in release | Not in release | Needs evaluation |
mariadb-10.1 | Not in release | Not in release | Not in release | Needs evaluation | Not in release |
mariadb-10.3 | Not in release | Not in release | Fixed | Not in release | Not in release |
mariadb-10.5 | Not in release | Not in release | Not in release | Not in release | Not in release |
mariadb-10.6 | Not in release | Fixed | Not in release | Not in release | Not in release |
mariadb-5.5 | Not in release | Not in release | Not in release | Not in release | Not in release |
CVE-2022-31624
Medium prioritySome fixes available 1 of 6
MariaDB Server before 10.7 is vulnerable to Denial of Service. While executing the plugin/server_audit/server_audit.c method log_statement_ex, the held lock lock_bigbuffer is not released correctly, which allows local users to...
6 affected packages
mariadb-10.0, mariadb-10.1, mariadb-10.3, mariadb-10.5, mariadb-10.6, mariadb-5.5
Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
---|---|---|---|---|---|
mariadb-10.0 | — | — | — | — | Needs evaluation |
mariadb-10.1 | — | — | — | Needs evaluation | — |
mariadb-10.3 | — | — | Fixed | — | — |
mariadb-10.5 | — | — | — | — | — |
mariadb-10.6 | Not in release | Not affected | — | — | — |
mariadb-5.5 | — | — | — | — | — |
CVE-2022-31623
Medium priority** DISPUTED ** MariaDB Server before 10.7 is vulnerable to Denial of Service. In extra/mariabackup/ds_compress.cc, when an error occurs (i.e., going to the err label) while executing the method create_worker_threads, the held lock...
6 affected packages
mariadb-10.0, mariadb-10.1, mariadb-10.3, mariadb-10.5, mariadb-10.6, mariadb-5.5
Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
---|---|---|---|---|---|
mariadb-10.0 | — | — | — | — | Not affected |
mariadb-10.1 | — | — | — | Not affected | — |
mariadb-10.3 | — | — | Not affected | — | — |
mariadb-10.5 | — | — | — | — | — |
mariadb-10.6 | Not in release | Not affected | — | — | — |
mariadb-5.5 | — | — | — | — | — |
CVE-2022-31622
Medium priority** DISPUTED ** MariaDB Server before 10.7 is vulnerable to Denial of Service. In extra/mariabackup/ds_compress.cc, when an error occurs (pthread_create returns a nonzero value) while executing the method create_worker_threads, the...
6 affected packages
mariadb-10.0, mariadb-10.1, mariadb-10.3, mariadb-10.5, mariadb-10.6, mariadb-5.5
Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
---|---|---|---|---|---|
mariadb-10.0 | — | — | — | — | Not affected |
mariadb-10.1 | — | — | — | Not affected | — |
mariadb-10.3 | — | — | Not affected | — | — |
mariadb-10.5 | — | — | — | — | — |
mariadb-10.6 | Not in release | Not affected | — | — | — |
mariadb-5.5 | — | — | — | — | — |
CVE-2022-31621
Medium priority** DISPUTED ** MariaDB Server before 10.7 is vulnerable to Denial of Service. In extra/mariabackup/ds_xbstream.cc, when an error occurs (stream_ctxt->dest_file == NULL) while executing the method xbstream_open, the held lock is...
6 affected packages
mariadb-10.0, mariadb-10.1, mariadb-10.3, mariadb-10.5, mariadb-10.6, mariadb-5.5
Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
---|---|---|---|---|---|
mariadb-10.0 | — | — | — | — | Not affected |
mariadb-10.1 | — | — | — | Not affected | — |
mariadb-10.3 | — | — | Not affected | — | — |
mariadb-10.5 | — | — | — | — | — |
mariadb-10.6 | Not in release | Not affected | — | — | — |
mariadb-5.5 | — | — | — | — | — |
CVE-2022-21427
Medium prioritySome fixes available 12 of 18
Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: FTS). Supported versions that are affected are 5.7.37 and prior and 8.0.28 and prior. Easily exploitable vulnerability allows high privileged attacker...
13 affected packages
mariadb-10.0, mariadb-10.1, mariadb-10.3, mariadb-10.5, mariadb-10.6...
Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
---|---|---|---|---|---|
mariadb-10.0 | Not in release | Not in release | Not in release | Not in release | Needs evaluation |
mariadb-10.1 | Not in release | Not in release | Not in release | Needs evaluation | Not in release |
mariadb-10.3 | Not in release | Not in release | Fixed | Not in release | Not in release |
mariadb-10.5 | Not in release | Not in release | Not in release | Not in release | Not in release |
mariadb-10.6 | Not in release | Fixed | Not in release | Not in release | Not in release |
mariadb-5.5 | Not in release | Not in release | Not in release | Not in release | Not in release |
mysql-5.5 | Not in release | Not in release | Not in release | Not in release | Not in release |
mysql-5.6 | Not in release | Not in release | Not in release | Not in release | Not in release |
mysql-5.7 | Not in release | Not in release | Not in release | Fixed | Fixed |
mysql-8.0 | Fixed | Fixed | Fixed | Not in release | Not in release |
percona-server-5.6 | Not in release | Not in release | Not in release | Not in release | Needs evaluation |
percona-xtradb-cluster-5.5 | Not in release | Not in release | Not in release | Not in release | Not in release |
percona-xtradb-cluster-5.6 | Not in release | Not in release | Not in release | Not in release | Needs evaluation |
CVE-2022-27457
Medium prioritySome fixes available 3 of 5
MariaDB Server v10.6.3 and below was discovered to contain an use-after-free in the component my_mb_wc_latin1 at /strings/ctype-latin1.c.
4 affected packages
mariadb-10.1, mariadb-10.3, mariadb-10.5, mariadb-10.6
Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
---|---|---|---|---|---|
mariadb-10.1 | — | — | — | Needs evaluation | Ignored |
mariadb-10.3 | — | — | Fixed | — | Ignored |
mariadb-10.5 | Not in release | Not in release | — | — | Ignored |
mariadb-10.6 | Not in release | Fixed | — | — | Ignored |
CVE-2022-27456
Medium prioritySome fixes available 3 of 5
MariaDB Server v10.6.3 and below was discovered to contain an use-after-free in the component VDec::VDec at /sql/sql_type.cc.
4 affected packages
mariadb-10.1, mariadb-10.3, mariadb-10.5, mariadb-10.6
Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
---|---|---|---|---|---|
mariadb-10.1 | — | — | — | Needs evaluation | Ignored |
mariadb-10.3 | — | — | Fixed | — | Ignored |
mariadb-10.5 | Not in release | Not in release | — | — | Ignored |
mariadb-10.6 | Not in release | Fixed | — | — | Ignored |
CVE-2022-27455
Medium prioritySome fixes available 3 of 5
MariaDB Server v10.6.3 and below was discovered to contain an use-after-free in the component my_wildcmp_8bit_impl at /strings/ctype-simple.c.
4 affected packages
mariadb-10.1, mariadb-10.3, mariadb-10.5, mariadb-10.6
Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
---|---|---|---|---|---|
mariadb-10.1 | — | — | — | Needs evaluation | Ignored |
mariadb-10.3 | — | — | Fixed | — | Ignored |
mariadb-10.5 | Not in release | Not in release | — | — | Ignored |
mariadb-10.6 | Not in release | Fixed | — | — | Ignored |
CVE-2022-27452
Medium prioritySome fixes available 3 of 5
MariaDB Server v10.9 and below was discovered to contain a segmentation fault via the component sql/item_cmpfunc.cc.
4 affected packages
mariadb-10.1, mariadb-10.3, mariadb-10.5, mariadb-10.6
Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
---|---|---|---|---|---|
mariadb-10.1 | — | — | — | Needs evaluation | Ignored |
mariadb-10.3 | — | — | Fixed | — | Ignored |
mariadb-10.5 | Not in release | Not in release | — | — | Ignored |
mariadb-10.6 | Not in release | Fixed | — | — | Ignored |