CVSS: 5.5EPSS: 0%CPEs: 8EXPL: 1CVE-2021-46667 – mariadb: Integer overflow in sql_lex.cc integer leading to crash
https://notcve.org/view.php?id=CVE-2021-46667
MariaDB before 10.6.5 has a sql_lex.cc integer overflow, leading to an application crash. MariaDB versiones anteriores a 10.6.5, presenta un desbordamiento de enteros en el archivo sql_lex.cc, conllevando a un bloqueo de la aplicación An integer overflow vulnerability was found in MariaDB, where an invalid size of ref_pointer_array is allocated. This issue results in a denial of service. • https://jira.mariadb.org/browse/MDEV-26350 https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/DKJRBYJAQCOPHSED43A3HUPNKQLDTFGD https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/EZFZVMJL5UDTOZMARLXQIMG3BTG6UNYW https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/NJ4KDAGF3H4D4BDTHRAM6ZEAJJWWMRUO https://mariadb.com/kb/en/security https://security.netapp.com/advisory/ntap-20220221-0002 https://access.redhat.com/s • CWE-190: Integer Overflow or Wraparound •
CVSS: 5.5EPSS: 0%CPEs: 9EXPL: 1CVE-2021-46668 – mariadb: MariaDB through 10.5.9 allows an application crash via certain long SELECT DISTINCT statements
https://notcve.org/view.php?id=CVE-2021-46668
MariaDB through 10.5.9 allows an application crash via certain long SELECT DISTINCT statements that improperly interact with storage-engine resource limitations for temporary data structures. MariaDB versiones hasta 10.5.9, permite un bloqueo de la aplicación por medio de determinadas sentencias SELECT DISTINCT largas que interactúan inapropiadamente con las limitaciones de recursos del motor de almacenamiento para las estructuras de datos temporales • https://jira.mariadb.org/browse/MDEV-25787 https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/DKJRBYJAQCOPHSED43A3HUPNKQLDTFGD https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/EZFZVMJL5UDTOZMARLXQIMG3BTG6UNYW https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/NJ4KDAGF3H4D4BDTHRAM6ZEAJJWWMRUO https://mariadb.com/kb/en/security https://security.netapp.com/advisory/ntap-20220221-0002 https://access.redhat.com/s • CWE-400: Uncontrolled Resource Consumption •
CVSS: 7.5EPSS: 0%CPEs: 9EXPL: 1CVE-2021-46669 – mariadb: MariaDB through 10.5.9 allows attackers to trigger a convert_const_to_int use-after-free when the BIGINT data type is used
https://notcve.org/view.php?id=CVE-2021-46669
MariaDB through 10.5.9 allows attackers to trigger a convert_const_to_int use-after-free when the BIGINT data type is used. MariaDB versiones hasta 10.5.9, permite a atacantes desencadenar un uso de memoria previamente liberada en la función convert_const_to_int es usado el tipo de datos BIGINT A use-after-free vulnerability was found in MariaDB. This flaw allows attackers to trigger a convert_const_to_int() use-after-free when the BIGINT data type is used, resulting in a denial of service. • https://jira.mariadb.org/browse/MDEV-25638 https://lists.debian.org/debian-lts-announce/2022/09/msg00023.html https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/FRJCSPQHYPKTWXXZVDMY6JAHZJQ4TZ5X https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/KHEOTQ63YWC3PGHGDFGS7AZIEXCGOPWH https://mariadb.com/kb/en/security https://security.netapp.com/advisory/ntap-20220221-0002 https://access.redhat.com/security/cve/CVE-2021-46669 https://b • CWE-416: Use After Free •
CVSS: 5.5EPSS: 0%CPEs: 6EXPL: 1CVE-2021-46657 – mariadb: Crash in get_sort_by_table() in subquery with ORDER BY having outer ref
https://notcve.org/view.php?id=CVE-2021-46657
get_sort_by_table in MariaDB before 10.6.2 allows an application crash via certain subquery uses of ORDER BY. La función get_sort_by_table en MariaDB versiones anteriores a 10.6.2, permite un bloqueo de la aplicación por medio de determinados usos de ORDER BY en la subconsulta • https://jira.mariadb.org/browse/MDEV-25629 https://mariadb.com/kb/en/security https://security.netapp.com/advisory/ntap-20220221-0002 https://access.redhat.com/security/cve/CVE-2021-46657 https://bugzilla.redhat.com/show_bug.cgi?id=2049305 • CWE-20: Improper Input Validation •
CVSS: 5.5EPSS: 0%CPEs: 5EXPL: 1CVE-2021-46658 – mariadb: save_window_function_values triggers an abort during IN subquery
https://notcve.org/view.php?id=CVE-2021-46658
save_window_function_values in MariaDB before 10.6.3 allows an application crash because of incorrect handling of with_window_func=true for a subquery. La función save_window_function_values en MariaDB versiones anteriores a 10.6.3, permite un bloqueo de la aplicación debido al manejo incorrecto de with_window_func=true para una subconsulta • https://jira.mariadb.org/browse/MDEV-25630 https://mariadb.com/kb/en/security https://security.netapp.com/advisory/ntap-20220221-0002 https://access.redhat.com/security/cve/CVE-2021-46658 https://bugzilla.redhat.com/show_bug.cgi?id=2049294 • CWE-20: Improper Input Validation •