Download
| Alert*
|
oval:org.secpod.oval:def:70867
The host is installed with MariaDB 10.2 before 10.2.37, 10.3 before 10.3.28, 10.4 before 10.4.18, or 10.5 before 10.5.9 and is prone to an OS command injection vulnerability. A flaw is present in the application, which fails to properly handle an unknown vectors. Successful exploitation allows a dat ... oval:org.secpod.oval:def:506170 MariaDB is a multi-user, multi-threaded SQL database server that is binary compatible with MySQL. The following packages have been upgraded to a later upstream version: rh-mariadb103-mariadb , rh-mariadb103-galera . Security Fix: * mariadb: writable system variables allows a database user with SUPER ... oval:org.secpod.oval:def:1801962 See also https://security.alpinelinux.org/vuln/CVE-2021-27928@bobbov Thanks for your report, has been fixed now for all supported releases. oval:org.secpod.oval:def:506023 MariaDB is a multi-user, multi-threaded SQL database server that is binary compatible with MySQL. The following packages have been upgraded to a later upstream version: mariadb , galera . Security Fix: * mariadb: writable system variables allows a database user with SUPER privilege to execute arbitr ... oval:org.secpod.oval:def:71450 MariaDB is a multi-user, multi-threaded SQL database server that is binary compatible with MySQL. The following packages have been upgraded to a later upstream version: mariadb , galera . Security Fix: * mariadb: writable system variables allows a database user with SUPER privilege to execute arbitr ... oval:org.secpod.oval:def:89045508 This update for mariadb fixes the following issues: - Update to 10.2.39 - CVE-2021-2166: DML unspecified vulnerability lead to complete DOS. - CVE-2021-2154: DML unspecified vulnerability can lead to complete DOS. - CVE-2021-2180: InnoDB unspecified vulnerability lead to complete DOS. - CVE-2021 ... oval:org.secpod.oval:def:89045498 This update for mariadb fixes the following issues: - Update to 10.2.39 - CVE-2021-2166: DML unspecified vulnerability lead to complete DOS. - CVE-2021-2154: DML unspecified vulnerability can lead to complete DOS. - CVE-2021-2180: InnoDB unspecified vulnerability lead to complete DOS. - CVE-2021 ... oval:org.secpod.oval:def:4501256 MariaDB is a multi-user, multi-threaded SQL database server that is binary compatible with MySQL. The following packages have been upgraded to a later upstream version: mariadb , galera . Security Fix: * mariadb: writable system variables allows a database user with SUPER privilege to execute arbitr ... oval:org.secpod.oval:def:89047219 This update for mariadb fixes the following issues: - Update to 10.2.39 - CVE-2021-2166: DML unspecified vulnerability lead to complete DOS. - CVE-2021-2154: DML unspecified vulnerability can lead to complete DOS. - CVE-2021-27928: Fixed a remote code execution issue oval:org.secpod.oval:def:2500425 MariaDB is a multi-user, multi-threaded SQL database server that is binary compatible with MySQL. oval:org.secpod.oval:def:89049544 This update for mariadb fixes the following issues: - Update to 10.2.39 - CVE-2021-2166: DML unspecified vulnerability lead to complete DOS. - CVE-2021-2154: DML unspecified vulnerability can lead to complete DOS. - CVE-2021-27928: Fixed a remote code execution issue oval:org.secpod.oval:def:1504852 galera [25.3.32-1] - Rebase to 25.3.32 mariadb [3:10.3.28-1] - Rebase to 10.3.28 oval:org.secpod.oval:def:1701660 A remote code execution issue was discovered in MariaDB 10.2 before 10.2.37, 10.3 before 10.3.28, 10.4 before 10.4.18, and 10.5 before 10.5.9; Percona Server through 2021-03-03; and the wsrep patch through 2021-03-03 for MySQL. An untrusted search path leads to eval injection, in which a database SU ... |
