MSRC CBL2 MariaDB 10.6.24-1 on CBL Mariner 2.0 vulnerabilities

18 known vulnerabilities affecting msrc/cbl2_mariadb_10.6.24-1_on_cbl_mariner_2.0.

Total CVEs: 18
CISA KEV: 0
Public exploits: 0
Exploited in wild: 0
Severity breakdown: HIGH 3, MEDIUM 6, LOW 9

Vulnerabilities

CVE-2026-3548 HIGH CVSS 7.2 2026-03-10
CVE-2026-3548 [HIGH] CWE-787 Buffer overflow in CRL number parsing in wolfSSL. Mariner: Mariner wolfSSL: wolfSSL Customer Action Required: Yes
msrc
CVE-2026-3549 HIGH CVSS 8.3 2026-03-10
CVE-2026-3549 [HIGH] CWE-122 ECH parsing heap buffer overflow. Mariner: Mariner wolfSSL: wolfSSL Customer Action Required: Yes
msrc
CVE-2026-3547 HIGH CVSS 7.5 2026-03-10
CVE-2026-3547 [HIGH] CWE-125 wolfSSL: out-of-bounds read (DoS) in ALPN parsing due to incomplete validation. Mariner: Mariner wolfSSL: wolfSSL Customer Action Required: Yes
msrc
CVE-2026-3503 MEDIUM CVSS 4.3 2026-03-10
CVE-2026-3503 [MEDIUM] CWE-335 Fault injection attack with ML-DSA and ML-KEM on ARM. Mariner: Mariner wolfSSL: wolfSSL Customer Action Required: Yes
msrc
CVE-2026-3849 MEDIUM CVSS 6.9 2026-03-10
CVE-2026-3849 [MEDIUM] CWE-787 Buffer Overflow in HPKE via Oversized ECH Config. Mariner: Mariner wolfSSL: wolfSSL Customer Action Required: Yes
msrc
CVE-2026-2646 MEDIUM CVSS 5.0 2026-03-10
CVE-2026-2646 [MEDIUM] CWE-122 Heap buffer overflow in session parsing with wolfSSL_d2i_SSL_SESSION() function. Mariner: Mariner wolfSSL: wolfSSL Customer Action Required: Yes
msrc
CVE-2026-2645 MEDIUM CVSS 5.5 2026-03-10
CVE-2026-2645 [MEDIUM] CWE-358 Acceptance of CertificateVerify Message before ClientKeyExchange in TLS 1.2. Mariner: Mariner wolfSSL: wolfSSL Customer Action Required: Yes
msrc
CVE-2026-3494 MEDIUM CVSS 4.3 2026-03-10
CVE-2026-3494 [MEDIUM] CWE-778 MariaDB Server Audit Plugin Comment Handling Bypass. Mariner: Mariner AMZN: AMZN Customer Action Required: Yes Remediation: CBL-Mariner Releases Reference: https://learn.microsoft.com/en-us/azure/azure-linux/tutorial-azure-linux-upgrade
msrc
CVE-2026-0819 LOW CVSS 2.2 2026-03-10
CVE-2026-0819 [LOW] CWE-121 Stack buffer overflow in PKCS7 SignedData encoding with custom signed attributes. Mariner: Mariner wolfSSL: wolfSSL Customer Action Required: Yes
msrc
CVE-2026-3229 LOW CVSS 1.2 2026-03-10
CVE-2026-3229 [LOW] CWE-122 Integer Overflow in Certificate Chain Allocation. Mariner: Mariner wolfSSL: wolfSSL Customer Action Required: Yes
msrc
CVE-2026-4395 LOW CVSS 1.3 2026-03-10
CVE-2026-4395 [LOW] CWE-122 Heap-based buffer overflow in wc_ecc_import_x963_ex KCAPI path. Mariner: Mariner wolfSSL: wolfSSL Customer Action Required: Yes
msrc
CVE-2026-3580 LOW CVSS 2.1 2026-03-10
CVE-2026-3580 [LOW] CWE-203 Compiler-induced timing leak in sp_256_get_entry_256_9 on RISC-V. Mariner: Mariner wolfSSL: wolfSSL Customer Action Required: Yes
msrc
CVE-2026-4159 LOW CVSS 1.2 2026-03-10
CVE-2026-4159 [LOW] CWE-125 wc_PKCS7_DecodeEnvelopedData 1 byte out-of-bounds read. Mariner: Mariner wolfSSL: wolfSSL Customer Action Required: Yes
msrc
CVE-2026-1005 LOW CVSS 2.1 2026-03-10
CVE-2026-1005 [LOW] CWE-191 Integer underflow leads to out-of-bounds access in sniffer AES-GCM/CCM/ARIA-GCM decrypt path. Mariner: Mariner wolfSSL: wolfSSL Customer Action Required: Yes
msrc
CVE-2026-3579 LOW CVSS 2.1 2026-03-10
CVE-2026-3579 [LOW] CWE-203 Non-constant time multiplication subroutine __muldi3 on RISC-V RV32I. Mariner: Mariner wolfSSL: wolfSSL Customer Action Required: Yes
msrc
CVE-2026-3230 LOW CVSS 1.2 2026-03-10
CVE-2026-3230 [LOW] CWE-20 Improper key_share validation in TLS 1.3 HelloRetryRequest. Mariner: Mariner wolfSSL: wolfSSL Customer Action Required: Yes
msrc
CVE-2025-13912 LOW CVSS 1.0 2025-12-09
CVE-2025-13912 [LOW] CWE-203 Potential non-constant time compiled code with Clang LLVM. Mariner: Mariner wolfSSL: wolfSSL Customer Action Required: Yes Remediation: CBL-Mariner Releases Reference: https://learn.microsoft.com/en-us/azure/azure-linux/tutorial-azure-linux-upgrade
msrc
CVE-2023-52969 MEDIUM CVSS 4.9 2025-03-11
CVE-2023-52969 [MEDIUM] CWE-1038 MariaDB Server 10.4 through 10.5.*, 10.6 through 10.6.*, 10.7 through 10.11.*, and 11.0 through 11.0.* can sometimes crash with an empty backtrace log. This may be related to make_aggr_tables_info and optimize_stage2. FAQ: Is Azure Linux the only Microsoft product
msrc