First published: Fri Jan 20 2023(Updated: )
MariaDB Server before 10.3.34 thru 10.9.3 is vulnerable to Denial of Service. It is possible for function spider_db_mbase::print_warnings to dereference a null pointer.
Credit: cve@mitre.org cve@mitre.org
Affected Software | Affected Version | How to fix |
---|---|---|
Mariadb Mariadb | >=10.3.34<=10.9.3 | |
redhat/mariadb | <10.11.3 | 10.11.3 |
redhat/mariadb | <10.10.4 | 10.10.4 |
redhat/mariadb | <10.9.6 | 10.9.6 |
redhat/mariadb | <10.8.8 | 10.8.8 |
redhat/mariadb | <10.6.13 | 10.6.13 |
redhat/mariadb | <10.5.20 | 10.5.20 |
redhat/mariadb | <10.4.29 | 10.4.29 |
redhat/mariadb | <10.3.39 | 10.3.39 |
ubuntu/mariadb-10.3 | <1:10.3.39-0ubuntu0.20.04.2 | 1:10.3.39-0ubuntu0.20.04.2 |
ubuntu/mariadb-10.6 | <1:10.6.16-0ubuntu0.22.04.1 | 1:10.6.16-0ubuntu0.22.04.1 |
debian/mariadb | 1:10.11.6-0+deb12u1 1:10.11.7-4 | |
debian/mariadb-10.3 | <=1:10.3.34-0+deb10u1 | 1:10.3.39-0+deb10u2 |
debian/mariadb-10.5 | 1:10.5.23-0+deb11u1 |
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
The vulnerability ID of this MariaDB Server vulnerability is CVE-2022-47015.
CVE-2022-47015 has a severity level of 6.5 (medium).
MariaDB Server versions before 10.3.34 through 10.9.3 are affected by CVE-2022-47015.
CVE-2022-47015 can lead to a Denial of Service (DoS) attack.
To fix CVE-2022-47015, update your MariaDB Server to version 10.9.3 or later.