CVE-2022-27386

CVSS v3.1 7.5 (High)

CVSS v2.0 5 (Medium)

EPSS 0.13 % (48^th)

Affected Products 2

Advisories 23

MariaDB Server v10.7 and below was discovered to contain a segmentation fault via the component sql/sql_class.cc.

Weaknesses

CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')

CVE Status: PUBLISHED
CNA: MITRE
Published Date: 2022-04-12 20:15:08
(2 years ago)
Updated Date: 2022-09-29 16:26:22
(2 years ago)

Affected Products

Debian

Debian Linux

Mariadb

Mariadb

Configuration #1

		CPE23	From	Up To
	Mariadb from 10.2.0 version and prior 10.2.44 version	cpe:2.3:a:mariadb:mariadb	>= 10.2.0	< 10.2.44
	Mariadb from 10.3.0 version and prior 10.3.35 version	cpe:2.3:a:mariadb:mariadb	>= 10.3.0	< 10.3.35
	Mariadb from 10.4.0 version and prior 10.4.25 version	cpe:2.3:a:mariadb:mariadb	>= 10.4.0	< 10.4.25
	Mariadb from 10.5.0 version and prior 10.5.16 version	cpe:2.3:a:mariadb:mariadb	>= 10.5.0	< 10.5.16
	Mariadb from 10.6.0 version and prior 10.6.8 version	cpe:2.3:a:mariadb:mariadb	>= 10.6.0	< 10.6.8
	Mariadb from 10.7.0 version and prior 10.7.4 version	cpe:2.3:a:mariadb:mariadb	>= 10.7.0	< 10.7.4

Configuration #2

		CPE23	From	Up To
	Debian Linux 10.0	cpe:2.3:o:debian:debian_linux:10.0