Msrc Cm1 Mariadb 10.3.36-1 On Cbl Mariner 1.0 vulnerabilities

9 known vulnerabilities affecting msrc/cm1_mariadb_10.3.36-1_on_cbl_mariner_1.0.

Total CVEs
9
CISA KEV
0
Public exploits
0
Exploited in wild
0
Severity breakdown
HIGH8MEDIUM1

Vulnerabilities

Page 1 of 1
CVE-2022-38791MEDIUMCVSS 5.52022-08-09
CVE-2022-38791 [MEDIUM] CWE-667 In MariaDB before 10.9.2 compress_write in extra/mariabackup/ds_compress.cc does not release data_mutex upon a stream write failure which allows local users to trigger a deadlock. In MariaDB before 10.9.2 compress_write in extra/mariabackup/ds_compress.cc does not release data_mutex upon a stream write failure which allows local users to trigger a deadlock. FAQ: Is Azure Linux the only Microsoft product that includes this open-source library and is therefore pote
msrc
CVE-2022-32091HIGHCVSS 7.52022-07-12
CVE-2022-32091 [HIGH] CWE-416 MariaDB v10.7 was discovered to contain an use-after-poison in in __interceptor_memset at /libsanitizer/sanitizer_common/sanitizer_common_interceptors.inc. MariaDB v10.7 was discovered to contain an use-after-poison in in __interceptor_memset at /libsanitizer/sanitizer_common/sanitizer_common_interceptors.inc. FAQ: Is Azure Linux the only Microsoft product that includes this open-source library and is therefore potentially affected by this vulnerability? One of the
msrc
CVE-2022-27457HIGHCVSS 7.52022-04-12
CVE-2022-27457 [HIGH] CWE-416 MariaDB Server v10.6.3 and below was discovered to contain an use-after-free in the component my_mb_wc_latin1 at /strings/ctype-latin1.c. MariaDB Server v10.6.3 and below was discovered to contain an use-after-free in the component my_mb_wc_latin1 at /strings/ctype-latin1.c. FAQ: Is Azure Linux the only Microsoft product that includes this open-source library and is therefore potentially affected by this vulnerability? One of the main benefits to our customers who
msrc
CVE-2022-27382HIGHCVSS 7.52022-04-12
CVE-2022-27382 [HIGH] CWE-617 MariaDB Server v10.7 and below was discovered to contain a segmentation fault via the component Item_field::used_tables/update_depend_map_for_order. MariaDB Server v10.7 and below was discovered to contain a segmentation fault via the component Item_field::used_tables/update_depend_map_for_order. FAQ: Is Azure Linux the only Microsoft product that includes this open-source library and is therefore potentially affected by this vulnerability? One of the main benefits
msrc
CVE-2022-27455HIGHCVSS 7.52022-04-12
CVE-2022-27455 [HIGH] CWE-416 MariaDB Server v10.6.3 and below was discovered to contain an use-after-free in the component my_wildcmp_8bit_impl at /strings/ctype-simple.c. MariaDB Server v10.6.3 and below was discovered to contain an use-after-free in the component my_wildcmp_8bit_impl at /strings/ctype-simple.c. FAQ: Is Azure Linux the only Microsoft product that includes this open-source library and is therefore potentially affected by this vulnerability? One of the main benefits to our cust
msrc
CVE-2022-27451HIGHCVSS 7.52022-04-12
CVE-2022-27451 [HIGH] MariaDB Server v10.9 and below was discovered to contain a segmentation fault via the component sql/field_conv.cc. MariaDB Server v10.9 and below was discovered to contain a segmentation fault via the component sql/field_conv.cc. FAQ: Is Azure Linux the only Microsoft product that includes this open-source library and is therefore potentially affected by this vulnerability? One of the main benefits to our customers who choose to use the Azure Linux distro is the commitment
msrc
CVE-2022-27452HIGHCVSS 7.52022-04-12
CVE-2022-27452 [HIGH] MariaDB Server v10.9 and below was discovered to contain a segmentation fault via the component sql/item_cmpfunc.cc. MariaDB Server v10.9 and below was discovered to contain a segmentation fault via the component sql/item_cmpfunc.cc. FAQ: Is Azure Linux the only Microsoft product that includes this open-source library and is therefore potentially affected by this vulnerability? One of the main benefits to our customers who choose to use the Azure Linux distro is the commit
msrc
CVE-2022-27446HIGHCVSS 7.52022-04-12
CVE-2022-27446 [HIGH] MariaDB Server v10.9 and below was discovered to contain a segmentation fault via the component sql/item_cmpfunc.h. MariaDB Server v10.9 and below was discovered to contain a segmentation fault via the component sql/item_cmpfunc.h. FAQ: Is Azure Linux the only Microsoft product that includes this open-source library and is therefore potentially affected by this vulnerability? One of the main benefits to our customers who choose to use the Azure Linux distro is the commitme
msrc
CVE-2022-27444HIGHCVSS 7.52022-04-12
CVE-2022-27444 [HIGH] MariaDB Server v10.9 and below was discovered to contain a segmentation fault via the component sql/item_subselect.cc. MariaDB Server v10.9 and below was discovered to contain a segmentation fault via the component sql/item_subselect.cc. FAQ: Is Azure Linux the only Microsoft product that includes this open-source library and is therefore potentially affected by this vulnerability? One of the main benefits to our customers who choose to use the Azure Linux distro is the co
msrc