vulnerability
CentOS Linux: CVE-2020-13249: Important: mariadb:10.3 security, bug fix, and enhancement update (Multiple Advisories)
| Severity | CVSS | Published | Added | Modified |
|---|---|---|---|---|
| 7 | (AV:N/AC:M/Au:N/C:P/I:P/A:P) | 2020-05-20 | 2020-12-21 | 2023-05-25 |
Severity
7
CVSS
(AV:N/AC:M/Au:N/C:P/I:P/A:P)
Published
2020-05-20
Added
2020-12-21
Modified
2023-05-25
Description
libmariadb/mariadb_lib.c in MariaDB Connector/C before 3.1.8 does not properly validate the content of an OK packet received from a server. NOTE: although mariadb_lib.c was originally based on code shipped for MySQL, this issue does not affect any MySQL components supported by Oracle.
Solution(s)
centos-upgrade-galeracentos-upgrade-galera-debuginfocentos-upgrade-galera-debugsourcecentos-upgrade-judycentos-upgrade-judy-debuginfocentos-upgrade-judy-debugsourcecentos-upgrade-mariadbcentos-upgrade-mariadb-backupcentos-upgrade-mariadb-backup-debuginfocentos-upgrade-mariadb-commoncentos-upgrade-mariadb-connector-ccentos-upgrade-mariadb-connector-c-configcentos-upgrade-mariadb-connector-c-debuginfocentos-upgrade-mariadb-connector-c-debugsourcecentos-upgrade-mariadb-connector-c-develcentos-upgrade-mariadb-connector-c-devel-debuginfocentos-upgrade-mariadb-debuginfocentos-upgrade-mariadb-debugsourcecentos-upgrade-mariadb-develcentos-upgrade-mariadb-embeddedcentos-upgrade-mariadb-embedded-debuginfocentos-upgrade-mariadb-embedded-develcentos-upgrade-mariadb-errmsgcentos-upgrade-mariadb-gssapi-servercentos-upgrade-mariadb-gssapi-server-debuginfocentos-upgrade-mariadb-oqgraph-enginecentos-upgrade-mariadb-oqgraph-engine-debuginfocentos-upgrade-mariadb-servercentos-upgrade-mariadb-server-debuginfocentos-upgrade-mariadb-server-galeracentos-upgrade-mariadb-server-utilscentos-upgrade-mariadb-server-utils-debuginfocentos-upgrade-mariadb-testcentos-upgrade-mariadb-test-debuginfo
References
NEW
Explore Exposure Command
Confidently identify and prioritize exposures from endpoint to cloud with full attack surface visibility and threat-aware risk context.