Msrc Azl3 Mariadb 10.11.16-1 On Azure Linux 3.0 vulnerabilities

CVE-2026-35549 [MEDIUM] CWE-789 CVE-2026-35549: Mariner: Mariner mitre: mitre Customer Action Required: Yes Mariner: Mariner mitre: mitre Customer Action Required: Yes

CVE-2026-3548 [HIGH] CWE-787 Buffer overflow in CRL number parsing in wolfSSL Buffer overflow in CRL number parsing in wolfSSL Mariner: Mariner wolfSSL: wolfSSL Customer Action Required: Yes

CVE-2026-3549 [HIGH] CWE-122 ECH parsing heap buffer overflow ECH parsing heap buffer overflow Mariner: Mariner wolfSSL: wolfSSL Customer Action Required: Yes

CVE-2026-3547 [HIGH] CWE-125 wolfSSL: out-of-bounds read (DoS) in ALPN parsing due to incomplete validation wolfSSL: out-of-bounds read (DoS) in ALPN parsing due to incomplete validation Mariner: Mariner wolfSSL: wolfSSL Customer Action Required: Yes

CVE-2026-3503 [MEDIUM] CWE-335 Fault injection attack with ML-DSA and ML-KEM on ARM Fault injection attack with ML-DSA and ML-KEM on ARM Mariner: Mariner wolfSSL: wolfSSL Customer Action Required: Yes

CVE-2026-3849 [MEDIUM] CWE-787 Buffer Overflow in HPKE via Oversized ECH Config Buffer Overflow in HPKE via Oversized ECH Config Mariner: Mariner wolfSSL: wolfSSL Customer Action Required: Yes

CVE-2026-2646 [MEDIUM] CWE-122 Heap buffer overflow in session parsing with wolfSSL_d2i_SSL_SESSION() function Heap buffer overflow in session parsing with wolfSSL_d2i_SSL_SESSION() function Mariner: Mariner wolfSSL: wolfSSL Customer Action Required: Yes

CVE-2026-2645 [MEDIUM] CWE-358 Acceptance of CertificateVerify Message before ClientKeyExchange in TLS 1.2 Acceptance of CertificateVerify Message before ClientKeyExchange in TLS 1.2 Mariner: Mariner wolfSSL: wolfSSL Customer Action Required: Yes

CVE-2026-0819 [LOW] CWE-121 Stack buffer overflow in PKCS7 SignedData encoding with custom signed attributes Stack buffer overflow in PKCS7 SignedData encoding with custom signed attributes Mariner: Mariner wolfSSL: wolfSSL Customer Action Required: Yes

CVE-2026-3229 [LOW] CWE-122 Integer Overflow in Certificate Chain Allocation Integer Overflow in Certificate Chain Allocation Mariner: Mariner wolfSSL: wolfSSL Customer Action Required: Yes

CVE-2026-4395 [LOW] CWE-122 Heap-based buffer overflow in wc_ecc_import_x963_ex KCAPI path Heap-based buffer overflow in wc_ecc_import_x963_ex KCAPI path Mariner: Mariner wolfSSL: wolfSSL Customer Action Required: Yes

CVE-2026-3580 [LOW] CWE-203 Compiler-induced timing leak in sp_256_get_entry_256_9 on RISC-V Compiler-induced timing leak in sp_256_get_entry_256_9 on RISC-V Mariner: Mariner wolfSSL: wolfSSL Customer Action Required: Yes

CVE-2026-4159 [LOW] CWE-125 wc_PKCS7_DecodeEnvelopedData 1 byte out-of-bounds read wc_PKCS7_DecodeEnvelopedData 1 byte out-of-bounds read Mariner: Mariner wolfSSL: wolfSSL Customer Action Required: Yes

CVE-2026-1005 [LOW] CWE-191 Integer underflow leads to out-of-bounds access in sniffer AES-GCM/CCM/ARIA-GCM decrypt path Integer underflow leads to out-of-bounds access in sniffer AES-GCM/CCM/ARIA-GCM decrypt path Mariner: Mariner wolfSSL: wolfSSL Customer Action Required: Yes

CVE-2026-3579 [LOW] CWE-203 Non-constant time multiplication subroutine __muldi3 on RISC-V RV32I Non-constant time multiplication subroutine __muldi3 on RISC-V RV32I Mariner: Mariner wolfSSL: wolfSSL Customer Action Required: Yes

CVE-2026-3230 [LOW] CWE-20 Improper key_share validation in TLS 1.3 HelloRetryRequest Improper key_share validation in TLS 1.3 HelloRetryRequest Mariner: Mariner wolfSSL: wolfSSL Customer Action Required: Yes

CVE-2026-27171 [LOW] CWE-1284 zlib before 1.3.2 allows CPU consumption via crc32_combine64 and crc32_combine_gen64 because x2nmodp can do right shifts within a loop that has no termination condition. zlib before 1.3.2 allows CPU consumption via crc32_combine64 and crc32_combine_gen64 because x2nmodp can do right shifts within a loop that has no termination condition. Mariner: Mariner mitre: mitre Customer Action Required: Yes Remediation: CBL-Mariner Releases Reference: https://learn.micros