CVSS: 5.5EPSS: 0%CPEs: 4EXPL: 1CVE-2021-46662 – mariadb: Crash in set_var.cc via certain UPDATE queries with nested subqueries
https://notcve.org/view.php?id=CVE-2021-46662
MariaDB through 10.5.9 allows a set_var.cc application crash via certain uses of an UPDATE statement in conjunction with a nested subquery. MariaDB versiones hasta 10.5.9, permite un bloqueo de la aplicación set_var.cc por medio de determinados usos de una sentencia UPDATE junto con una subconsulta anidada • https://jira.mariadb.org/browse/MDEV-25637 https://mariadb.com/kb/en/security https://security.netapp.com/advisory/ntap-20220221-0002 https://access.redhat.com/security/cve/CVE-2021-46662 https://bugzilla.redhat.com/show_bug.cgi?id=2050019 • CWE-20: Improper Input Validation •
CVSS: 5.5EPSS: 0%CPEs: 9EXPL: 1CVE-2021-46663 – mariadb: MariaDB through 10.5.13 allows a ha_maria::extra application crash via certain SELECT statements
https://notcve.org/view.php?id=CVE-2021-46663
MariaDB through 10.5.13 allows a ha_maria::extra application crash via certain SELECT statements. MariaDB versiones hasta 10.5.13, permite un bloqueo de la aplicación ha_maria::extra por medio de determinadas sentencias SELECT • https://jira.mariadb.org/browse/MDEV-26351 https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/DKJRBYJAQCOPHSED43A3HUPNKQLDTFGD https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/EZFZVMJL5UDTOZMARLXQIMG3BTG6UNYW https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/NJ4KDAGF3H4D4BDTHRAM6ZEAJJWWMRUO https://mariadb.com/kb/en/security https://security.netapp.com/advisory/ntap-20220221-0002 https://access.redhat.com/s • CWE-20: Improper Input Validation •
CVSS: 5.5EPSS: 0%CPEs: 9EXPL: 1CVE-2021-46664 – mariadb: MariaDB through 10.5.9 allows an application crash in sub_select_postjoin_aggr for a NULL value of aggr
https://notcve.org/view.php?id=CVE-2021-46664
MariaDB through 10.5.9 allows an application crash in sub_select_postjoin_aggr for a NULL value of aggr. MariaDB versiones hasta 10.5.9, permite un bloqueo de aplicación en la función sub_select_postjoin_aggr por un valor NULL de aggr • https://jira.mariadb.org/browse/MDEV-25761 https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/DKJRBYJAQCOPHSED43A3HUPNKQLDTFGD https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/EZFZVMJL5UDTOZMARLXQIMG3BTG6UNYW https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/NJ4KDAGF3H4D4BDTHRAM6ZEAJJWWMRUO https://mariadb.com/kb/en/security https://security.netapp.com/advisory/ntap-20220221-0002 https://access.redhat.com/s • CWE-476: NULL Pointer Dereference •
CVSS: 5.5EPSS: 0%CPEs: 9EXPL: 1CVE-2021-46665 – mariadb: MariaDB through 10.5.9 allows a sql_parse.cc application crash because of incorrect used_tables expectations
https://notcve.org/view.php?id=CVE-2021-46665
MariaDB through 10.5.9 allows a sql_parse.cc application crash because of incorrect used_tables expectations. MariaDB versiones hasta 10.5.9, permite un bloqueo de la aplicación sql_parse.cc debido a expectativas incorrectas de used_tables • https://jira.mariadb.org/browse/MDEV-25636 https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/DKJRBYJAQCOPHSED43A3HUPNKQLDTFGD https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/EZFZVMJL5UDTOZMARLXQIMG3BTG6UNYW https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/NJ4KDAGF3H4D4BDTHRAM6ZEAJJWWMRUO https://mariadb.com/kb/en/security https://security.netapp.com/advisory/ntap-20220221-0002 https://access.redhat.com/s • CWE-20: Improper Input Validation •
CVSS: 5.5EPSS: 0%CPEs: 5EXPL: 1CVE-2021-46666 – mariadb: Crash caused by mishandling of a pushdown from a HAVING clause to a WHERE clause
https://notcve.org/view.php?id=CVE-2021-46666
MariaDB before 10.6.2 allows an application crash because of mishandling of a pushdown from a HAVING clause to a WHERE clause. MariaDB versiones anteriores a 10.6.2, permite un bloqueo de la aplicación debido a un manejo inapropiado de un pushdown de una cláusula HAVING a una cláusula WHERE • https://jira.mariadb.org/browse/MDEV-25635 https://mariadb.com/kb/en/security https://security.netapp.com/advisory/ntap-20220221-0002 https://access.redhat.com/security/cve/CVE-2021-46666 https://bugzilla.redhat.com/show_bug.cgi?id=2050028 • CWE-20: Improper Input Validation CWE-617: Reachable Assertion •