mariadb (SUSE:OpenStack Cloud 7) — known CVEs & security advisories
Known CVE vulnerabilities and GitHub Security Advisories affecting the SUSE:OpenStack Cloud 7 package mariadb, with affected version ranges, CVSS severity, EPSS exploit prediction, and CISA KEV status.
CVEs (83)
CVE-2016-9843 — CVSS 9.8 (critical): The crc32_big function in crc32.c in zlib 1.2.8 might allow context-dependent attackers to have unspecified impact via vectors involving…
CVE-2020-15180 — CVSS 9.0 (critical): A flaw was found in the mysql-wsrep component of mariadb. Lack of input sanitization in `wsrep_sst_method` allows for command injection…
CVE-2017-15365 — CVSS 8.8 (high): sql/event_data_objects.cc in MariaDB before 10.1.30 and 10.2.x before 10.2.10 and Percona XtraDB Cluster before 5.6.37-26.21-3 and 5.7.x…
CVE-2020-13249 — CVSS 8.8 (high): libmariadb/mariadb_lib.c in MariaDB Connector/C before 3.1.8 does not properly validate the content of an OK packet received from a server…
CVE-2017-3309 — CVSS 7.7 (high): Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Optimizer). Supported versions that are affected are…
CVE-2018-2755 — CVSS 7.7 (high): Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Replication). Supported versions that are affected are…
CVE-2017-3308 — CVSS 7.7 (high): Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: DML). Supported versions that are affected are 5.5.54…
CVE-2017-3302 — CVSS 7.5 (high): Crash in libmysqlclient.so in Oracle MySQL before 5.6.21 and 5.7.x before 5.7.5 and MariaDB through 5.5.54, 10.0.x through 10.0.29, 10.1.x…
CVE-2018-3064 — CVSS 7.1 (high): Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: InnoDB). Supported versions that are affected are 5.6.40 and…
CVE-2018-2562 — CVSS 7.1 (high): Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server : Partition). Supported versions that are affected are…
CVE-2019-2805 — CVSS 6.5 (medium): Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Parser). Supported versions that are affected are 5.6.44…
CVE-2019-2740 — CVSS 6.5 (medium): Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: XML). Supported versions that are affected are 5.6.44…
CVE-2018-3143 — CVSS 6.5 (medium): Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: InnoDB). Supported versions that are affected are 5.6.41 and…
CVE-2018-3156 — CVSS 6.5 (medium): Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: InnoDB). Supported versions that are affected are 5.6.41 and…
CVE-2017-3257 — CVSS 6.5 (medium): Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: InnoDB). Supported versions that are affected are 5.6.34…
CVE-2018-3251 — CVSS 6.5 (medium): Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: InnoDB). Supported versions that are affected are 5.6.41 and…
CVE-2019-2529 — CVSS 6.5 (medium): Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Optimizer). Supported versions that are affected are…
CVE-2017-3453 — CVSS 6.5 (medium): Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Optimizer). Supported versions that are affected are…
CVE-2018-2622 — CVSS 6.5 (medium): Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: DDL). Supported versions that are affected are 5.5.58…
CVE-2018-2640 — CVSS 6.5 (medium): Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Optimizer). Supported versions that are affected are…
CVE-2018-2665 — CVSS 6.5 (medium): Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Optimizer). Supported versions that are affected are…
CVE-2018-2668 — CVSS 6.5 (medium): Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Optimizer). Supported versions that are affected are…
CVE-2019-2974 — CVSS 6.5 (medium): Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Optimizer). Supported versions that are affected are 5.6.45…
CVE-2017-10378 — CVSS 6.5 (medium): Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Optimizer). Supported versions that are affected are…
CVE-2017-10379 — CVSS 6.5 (medium): Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Client programs). Supported versions that are affected are…
CVE-2018-2782 — CVSS 6.5 (medium): Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: InnoDB). Supported versions that are affected are 5.6.39 and…
CVE-2018-2784 — CVSS 6.5 (medium): Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: InnoDB). Supported versions that are affected are 5.6.39 and…
CVE-2017-10384 — CVSS 6.5 (medium): Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: DDL). Supported versions that are affected are 5.5.57…
CVE-2018-2817 — CVSS 6.5 (medium): Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: DDL). Supported versions that are affected are 5.5.59…
CVE-2018-2819 — CVSS 6.5 (medium): Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: InnoDB). Supported versions that are affected are 5.5.59 and…
CVE-2018-3060 — CVSS 6.5 (medium): Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: InnoDB). Supported versions that are affected are 5.7.22 and…
CVE-2020-14765 — CVSS 6.5 (medium): Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: FTS). Supported versions that are affected are 5.6.49 and…
CVE-2018-2612 — CVSS 6.5 (medium): Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: InnoDB). Supported versions that are affected are 5.6.38 and…
CVE-2017-1002201 — CVSS 6.1 (medium): In haml versions prior to version 5.0.0.beta.2, when using user input to perform tasks on the server, characters like < > " ' must be…
CVE-2020-2574 — CVSS 5.9 (medium): Vulnerability in the MySQL Client product of Oracle MySQL (component: C API). Supported versions that are affected are 5.6.46 and prior…
CVE-2018-2761 — CVSS 5.9 (medium): Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Client programs). Supported versions that are affected are…
CVE-2020-2760 — CVSS 5.5 (medium): Vulnerability in the MySQL Server product of Oracle MySQL (component: InnoDB). Supported versions that are affected are 5.7.29 and prior…
CVE-2019-2758 — CVSS 5.5 (medium): Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: InnoDB). Supported versions that are affected are 5.7.26 and…
CVE-2018-3185 — CVSS 5.5 (medium): Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: InnoDB). Supported versions that are affected are 5.7.23 and…
CVE-2018-2786 — CVSS 5.5 (medium): Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: InnoDB). Supported versions that are affected are 5.7.21 and…
CVE-2018-2787 — CVSS 5.5 (medium): Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: InnoDB). Supported versions that are affected are 5.6.39 and…
CVE-2020-2752 — CVSS 5.3 (medium): Vulnerability in the MySQL Client product of Oracle MySQL (component: C API). Supported versions that are affected are 5.6.47 and prior…
CVE-2018-3174 — CVSS 5.3 (medium): Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Client programs). Supported versions that are affected are…
CVE-2017-3636 — CVSS 5.3 (medium): Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Client programs). Supported versions that are affected are…
CVE-2019-18901 — CVSS 5.1 (medium): A UNIX Symbolic Link (Symlink) Following vulnerability in the mysql-systemd-helper of the mariadb packaging of SUSE Linux Enterprise Server…
CVE-2019-2739 — CVSS 5.1 (medium): Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Security: Privileges). Supported versions that are…
CVE-2020-2814 — CVSS 4.9 (medium): Vulnerability in the MySQL Server product of Oracle MySQL (component: InnoDB). Supported versions that are affected are 5.6.47 and prior…
CVE-2017-10320 — CVSS 4.9 (medium): Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: InnoDB). Supported versions that are affected are 5.7.19…
CVE-2017-3456 — CVSS 4.9 (medium): Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: DML). Supported versions that are affected are 5.5.54…
CVE-2017-3641 — CVSS 4.9 (medium): Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: DML). Supported versions that are affected are 5.5.56…
CVE-2018-2759 — CVSS 4.9 (medium): Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: InnoDB). Supported versions that are affected are 5.7.21 and…
CVE-2018-2766 — CVSS 4.9 (medium): Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: InnoDB). Supported versions that are affected are 5.6.39 and…
CVE-2018-2777 — CVSS 4.9 (medium): Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: InnoDB). Supported versions that are affected are 5.7.21 and…
CVE-2018-2781 — CVSS 4.9 (medium): Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Optimizer). Supported versions that are affected are…
CVE-2018-2810 — CVSS 4.9 (medium): Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: InnoDB). Supported versions that are affected are 5.7.21 and…
CVE-2018-3063 — CVSS 4.9 (medium): Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Security: Privileges). Supported versions that are…
CVE-2018-3162 — CVSS 4.9 (medium): Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: InnoDB). Supported versions that are affected are 5.7.23 and…
CVE-2018-3173 — CVSS 4.9 (medium): Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: InnoDB). Supported versions that are affected are 5.7.23 and…
CVE-2018-3200 — CVSS 4.9 (medium): Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: InnoDB). Supported versions that are affected are 5.7.23 and…
CVE-2018-3277 — CVSS 4.9 (medium): Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: InnoDB). Supported versions that are affected are 5.7.23 and…
CVE-2018-3282 — CVSS 4.9 (medium): Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Storage Engines). Supported versions that are affected…
CVE-2019-2537 — CVSS 4.9 (medium): Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: DDL). Supported versions that are affected are 5.6.42…
CVE-2019-2627 — CVSS 4.9 (medium): Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Security: Privileges). Supported versions that are…
CVE-2019-2628 — CVSS 4.9 (medium): Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: InnoDB). Supported versions that are affected are 5.7.25 and…
CVE-2019-2737 — CVSS 4.9 (medium): Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server : Pluggable Auth). Supported versions that are affected…
CVE-2020-14776 — CVSS 4.9 (medium): Vulnerability in the MySQL Server product of Oracle MySQL (component: InnoDB). Supported versions that are affected are 5.7.31 and prior…
CVE-2020-14789 — CVSS 4.9 (medium): Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: FTS). Supported versions that are affected are 5.7.31 and…
CVE-2020-14812 — CVSS 4.9 (medium): Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Locking). Supported versions that are affected are 5.6.49 and…
CVE-2020-2812 — CVSS 4.9 (medium): Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Stored Procedure). Supported versions that are affected are…
CVE-2017-3313 — CVSS 4.7 (medium): Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: MyISAM). Supported versions that are affected are 5.5.53…
CVE-2017-10286 — CVSS 4.4 (medium): Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: InnoDB). Supported versions that are affected are 5.6.37…
CVE-2019-2938 — CVSS 4.4 (medium): Vulnerability in the MySQL Server product of Oracle MySQL (component: InnoDB). Supported versions that are affected are 5.7.27 and prior…
CVE-2018-2771 — CVSS 4.4 (medium): Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Locking). Supported versions that are affected are…
CVE-2018-3284 — CVSS 4.4 (medium): Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: InnoDB). Supported versions that are affected are 5.7.23 and…
CVE-2019-2614 — CVSS 4.4 (medium): Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Replication). Supported versions that are affected are…
CVE-2018-3058 — CVSS 4.3 (medium): Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: MyISAM). Supported versions that are affected are 5.5.60 and…
CVE-2017-3464 — CVSS 4.3 (medium): Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: DDL). Supported versions that are affected are 5.5.54…
CVE-2018-2813 — CVSS 4.3 (medium): Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: DDL). Supported versions that are affected are 5.5.59…
CVE-2017-10268 — CVSS 4.1 (medium): Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Replication). Supported versions that are affected are…
CVE-2017-10365 — CVSS 3.8 (low): Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: InnoDB). Supported versions that are affected are 5.7.18…
CVE-2018-3066 — CVSS 3.3 (low): Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Options). Supported versions that are affected are…
CVE-2017-3653 — CVSS 3.1 (low): Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: DDL). Supported versions that are affected are 5.5.56…
CVE-2018-2767 — CVSS 3.1 (low): Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Security: Encryption). Supported versions that are…