7.5 High
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
7.1 High
AI Score
Confidence
High
7.5 High
CVSS2
Access Vector
NETWORK
Access Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:P/I:P/A:P
0.003 Low
EPSS
Percentile
67.4%
software: mariadb 10.5.20
OS: ROSA-CHROME
package_evr_string: mariadb-10.5.20-1.src.rpm
CVE-ID: CVE-2022-27447
BDU-ID: 2022-06909
CVE-Crit: HIGH
CVE-DESC.: A vulnerability in the Binary_string::free_buffer() function of the /sql/sql_string.h component of the MariaDB DBMS is related to memory usage after it has been freed. Exploitation of the vulnerability allows an attacker acting remotely to cause a denial of service
CVE-STATUS: Fixed
CVE-REV: To close, run command: sudo dnf update mariadb
CVE-ID: CVE-2022-27448
BDU-ID: 2022-06913
CVE-Crit: HIGH
CVE-DESC.: A vulnerability in the /row/row0mysql.cc component of the MariaDB DBMS is related to a flaw in the use of the assert() function. Exploitation of the vulnerability allows an attacker acting remotely to cause a denial of service
CVE-STATUS: Fixed
CVE-REV: To close, run the command: sudo dnf update mariadb
CVE-ID: CVE-2022-27449
BDU-ID: 2022-06919
CVE-Crit: HIGH
CVE-DESC.: A vulnerability in the sql/item_func.cc component of the MariaDB DBMS is related to a flaw in the use of the assert() function. Exploitation of the vulnerability allows an attacker acting remotely to cause a denial of service
CVE-STATUS: Fixed
CVE-REV: To close, run the command: sudo dnf update mariadb
CVE-ID: CVE-2022-27451
BDU-ID: 2023-05683
CVE-Crit: HIGH
CVE-DESC.: A vulnerability in the field_conv.cc component of the MariaDB database management system is related to errors in the use of the code validation system. Exploitation of the vulnerability could allow an attacker acting remotely to cause a denial of service
CVE-STATUS: Resolved
CVE-REV: To close, run the command: sudo dnf update mariadb
CVE-ID: CVE-2022-27452
BDU-ID: 2022-06907
CVE-Crit: HIGH
CVE-DESC.: A vulnerability in the sql/item_cmpfunc.cc component of the MariaDB DBMS is related to a flaw in the use of the assert() function. Exploitation of the vulnerability allows an attacker acting remotely to cause a denial of service
CVE-STATUS: Fixed
CVE-REV: To close, run the command: sudo dnf update mariadb
CVE-ID: CVE-2022-27455
BDU-ID: 2023-05677
CVE-Crit: HIGH
CVE-DESC.: A vulnerability in the my_wildcmp_8bit_impl component of the MariaDB database management system is related to memory utilization after it has been freed. Exploitation of the vulnerability could allow an attacker acting remotely to cause a denial of service.
CVE-STATUS: Resolved
CVE-REV: To close, run the command: sudo dnf update mariadb
CVE-ID: CVE-2022-27456
BDU-ID: 2022-06914
CVE-Crit: HIGH
CVE-DESC.: A vulnerability in the VDec::VDec function of the /sql/sql_type.cc component of the MariaDB DBMS is related to memory usage after it is freed. Exploitation of the vulnerability allows an attacker acting remotely to cause a denial of service
CVE-STATUS: Fixed
CVE-REV: To close, run the command: sudo dnf update mariadb
CVE-ID: CVE-2022-27457
BDU-ID: 2023-05676
CVE-Crit: HIGH
CVE-DESC.: A vulnerability in the my_mb_wc_latin1 component of the MariaDB database management system is related to the use of memory after it has been freed. Exploitation of the vulnerability could allow an attacker acting remotely to cause a denial of service.
CVE-STATUS: Resolved
CVE-REV: To close, run the command: sudo dnf update mariadb
CVE-ID: CVE-2022-27458
BDU-ID: 2022-06910
CVE-Crit: HIGH
CVE-DESC.: A vulnerability in the Binary_string::free_buffer() function of the /sql/sql_string.h component of the MariaDB DBMS is related to memory usage after it has been freed. Exploitation of the vulnerability allows an attacker acting remotely to cause a denial of service
CVE-STATUS: Fixed
CVE-REV: To close, run command: sudo dnf update mariadb
CVE-ID: CVE-2022-31621
BDU-ID: 2022-03789
CVE-Crit: MEDIUM
CVE-DESC.: A vulnerability in the xbstream_open function (extra/mariabackup/ds_xbstream.cc) of the MariaDB database management system is related to synchronization errors when using a shared resource. Exploitation of the vulnerability could allow an attacker to cause a denial of service
CVE-STATUS: Fixed
CVE-REV: To close, run the command: sudo dnf update mariadb
CVE-ID: CVE-2022-31622
BDU-ID: 2022-03791
CVE-Crit: LOW
CVE-DESC.: A vulnerability exists in the create_worker_threads method (extra/mariabackup/ds_compress.cc) of the MariaDB database management system due to incorrect resource sweep or release. Exploitation of the vulnerability could allow an attacker to cause a denial of service
CVE-STATUS: Fixed
CVE-REV: To close, run the command: sudo dnf update mariadb
CVE-ID: CVE-2022-31623
BDU-ID: 2022-03792
CVE-Crit: LOW
CVE-DESC.: A vulnerability exists in the create_worker_threads method (extra/mariabackup/ds_compress.cc) of the MariaDB database management system due to incorrect resource sweep or release. Exploitation of the vulnerability could allow an attacker to cause a denial of service
CVE-STATUS: Fixed
CVE-REV: To close, run the command: sudo dnf update mariadb
CVE-ID: CVE-2022-31624
BDU-ID: 2022-03790
CVE-Crit: MEDIUM
CVE-DESC.: A vulnerability in the log_statement_ex method (plugin/server_audit/server_audit/server_audit.c) of the MariaDB database management system is related to incorrect resource sweep or release. Exploitation of the vulnerability could allow an attacker to cause a denial of service
CVE-STATUS: Resolved
CVE-REV: To close, run the command: sudo dnf update mariadb
CVE-ID: CVE-2022-32081
BDU-ID: 2022-04075
CVE-Crit: HIGH
CVE-DESC.: A vulnerability in the prepare_inplace_add_virtual function of the MariaDB database management system is related to an operation exceeding buffer boundaries in memory. Exploitation of the vulnerability could allow an attacker acting remotely to affect confidentiality, integrity, availability of protected information
CVE-STATUS: Fixed
CVE-REV: To close, run the command: sudo dnf update mariadb
CVE-ID: CVE-2022-32082
BDU-ID: 2022-05553
CVE-Crit: HIGH
CVE-DESC.: A vulnerability in the dict0dict.cc component of the MariaDB database management system involves the use of assert() or a similar operator. Exploiting the vulnerability could allow an attacker acting remotely to cause a denial of service
CVE-STATUS: Resolved
CVE-REV: To close, run the command: sudo dnf update mariadb
CVE-ID: CVE-2022-32083
BDU-ID: 2022-04080
CVE-Crit: HIGH
CVE-DESC.: A vulnerability in the Item_subselect::init_expr_cache_tracker function of the MariaDB database management system is related to an operation exceeding buffer boundaries in memory. Exploitation of the vulnerability could allow an attacker acting remotely to affect confidentiality, integrity, availability of protected information
CVE-STATUS: Fixed
CVE-REV: To close, run the command: sudo dnf update mariadb
CVE-ID: CVE-2022-32084
BDU-ID: 2022-04078
CVE-Crit: HIGH
CVE-DESC.: A vulnerability in the sub_select component of the MariaDB database management system is related to an operation exceeding buffer boundaries in memory. Exploitation of the vulnerability could allow an attacker acting remotely to impact the confidentiality, integrity, availability of protected information
CVE-STATUS: Fixed
CVE-REV: To close, run the command: sudo dnf update mariadb
CVE-ID: CVE-2022-32085
BDU-ID: 2022-04076
CVE-Crit: HIGH
CVE-DESC.: A vulnerability in the Item_func_in::cleanup/Item::cleanup_processor function of the MariaDB database management system is related to an operation exceeding buffer boundaries in memory. Exploitation of the vulnerability could allow an attacker acting remotely to impact the confidentiality, integrity, availability of protected information
CVE-STATUS: Fixed
CVE-REV: To close, run the command: sudo dnf update mariadb
CVE-ID: CVE-2022-32086
BDU-ID: 2022-04087
CVE-Crit: HIGH
CVE-DESC.: A vulnerability in the Item_field::fix_outer_field function of the MariaDB database management system is related to an operation exceeding buffer boundaries in memory. Exploitation of the vulnerability could allow a remote attacker to affect confidentiality, integrity, availability of protected information.
CVE-STATUS: Fixed
CVE-REV: To close, run the command: sudo dnf update mariadb
CVE-ID: CVE-2022-32087
BDU-ID: 2022-04068
CVE-Crit: HIGH
CVE-DESC.: A vulnerability in the Item_args::walk_args function of the MariaDB database management system is related to an operation exceeding buffer boundaries in memory. Exploitation of the vulnerability could allow a remote attacker to affect confidentiality, integrity, availability of protected information.
CVE-STATUS: Fixed
CVE-REV: To close, run the command: sudo dnf update mariadb
7.5 High
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
7.1 High
AI Score
Confidence
High
7.5 High
CVSS2
Access Vector
NETWORK
Access Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:P/I:P/A:P
0.003 Low
EPSS
Percentile
67.4%