Action not permitted
Modal body text goes here.
Modal Title
Modal Body
CVE-2023-52968 (GCVE-0-2023-52968)
Vulnerability from cvelistv5 – Published: 2025-03-08 00:00 – Updated: 2025-03-10 15:59
VLAI?
EPSS
Summary
MariaDB Server 10.4 before 10.4.33, 10.5 before 10.5.24, 10.6 before 10.6.17, 10.7 through 10.11 before 10.11.7, 11.0 before 11.0.5, and 11.1 before 11.1.4 calls fix_fields_if_needed under mysql_derived_prepare when derived is not yet prepared, leading to a find_field_in_table crash.
Severity ?
4.9 (Medium)
CWE
- CWE-696 - Incorrect Behavior Order
Assigner
References
1 reference
Impacted products
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2023-52968",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-03-10T15:58:35.517548Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-03-10T15:59:46.152Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unknown",
"product": "MariaDB",
"vendor": "MariaDB",
"versions": [
{
"lessThan": "10.4.33",
"status": "affected",
"version": "10.4",
"versionType": "custom"
},
{
"lessThan": "10.5.24",
"status": "affected",
"version": "10.5",
"versionType": "custom"
},
{
"lessThan": "10.6.17",
"status": "affected",
"version": "10.6",
"versionType": "custom"
},
{
"lessThan": "10.11.7",
"status": "affected",
"version": "10.7",
"versionType": "custom"
},
{
"lessThan": "11.0.5",
"status": "affected",
"version": "11.0",
"versionType": "custom"
},
{
"lessThan": "11.1.4",
"status": "affected",
"version": "11.1",
"versionType": "custom"
}
]
}
],
"cpeApplicability": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:mariadb:mariadb:*:*:*:*:*:*:*:*",
"versionEndExcluding": "10.4.33",
"versionStartIncluding": "10.4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mariadb:mariadb:*:*:*:*:*:*:*:*",
"versionEndExcluding": "10.5.24",
"versionStartIncluding": "10.5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mariadb:mariadb:*:*:*:*:*:*:*:*",
"versionEndExcluding": "10.6.17",
"versionStartIncluding": "10.6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mariadb:mariadb:*:*:*:*:*:*:*:*",
"versionEndExcluding": "10.11.7",
"versionStartIncluding": "10.7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mariadb:mariadb:*:*:*:*:*:*:*:*",
"versionEndExcluding": "11.0.5",
"versionStartIncluding": "11.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mariadb:mariadb:*:*:*:*:*:*:*:*",
"versionEndExcluding": "11.1.4",
"versionStartIncluding": "11.1",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "MariaDB Server 10.4 before 10.4.33, 10.5 before 10.5.24, 10.6 before 10.6.17, 10.7 through 10.11 before 10.11.7, 11.0 before 11.0.5, and 11.1 before 11.1.4 calls fix_fields_if_needed under mysql_derived_prepare when derived is not yet prepared, leading to a find_field_in_table crash."
}
],
"metrics": [
{
"cvssV3_1": {
"baseScore": 4.9,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-696",
"description": "CWE-696 Incorrect Behavior Order",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-03-08T22:45:30.565Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"url": "https://jira.mariadb.org/browse/MDEV-32082"
}
],
"x_generator": {
"engine": "enrichogram 0.0.1"
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2023-52968",
"datePublished": "2025-03-08T00:00:00.000Z",
"dateReserved": "2025-03-08T00:00:00.000Z",
"dateUpdated": "2025-03-10T15:59:46.152Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1",
"vulnerability-lookup:meta": {
"epss": {
"cve": "CVE-2023-52968",
"date": "2026-05-24",
"epss": "0.0002",
"percentile": "0.05664"
},
"nvd": "{\"cve\":{\"id\":\"CVE-2023-52968\",\"sourceIdentifier\":\"cve@mitre.org\",\"published\":\"2025-03-08T23:15:13.173\",\"lastModified\":\"2025-03-08T23:15:13.173\",\"vulnStatus\":\"Awaiting Analysis\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"MariaDB Server 10.4 before 10.4.33, 10.5 before 10.5.24, 10.6 before 10.6.17, 10.7 through 10.11 before 10.11.7, 11.0 before 11.0.5, and 11.1 before 11.1.4 calls fix_fields_if_needed under mysql_derived_prepare when derived is not yet prepared, leading to a find_field_in_table crash.\"},{\"lang\":\"es\",\"value\":\"MariaDB Server 10.4 anterior a 10.4.33, 10.5 anterior a 10.5.24, 10.6 anterior a 10.6.17, 10.7 a 10.11 anterior a 10.11.7, 11.0 anterior a 11.0.5 y 11.1 anterior a 11.1.4 llama a fix_fields_if_needed bajo mysql_derived_prepare cuando derived a\u00fan no est\u00e1 preparado, lo que genera un bloqueo de find_field_in_table.\"}],\"metrics\":{\"cvssMetricV31\":[{\"source\":\"cve@mitre.org\",\"type\":\"Secondary\",\"cvssData\":{\"version\":\"3.1\",\"vectorString\":\"CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H\",\"baseScore\":4.9,\"baseSeverity\":\"MEDIUM\",\"attackVector\":\"NETWORK\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"HIGH\",\"userInteraction\":\"NONE\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"NONE\",\"integrityImpact\":\"NONE\",\"availabilityImpact\":\"HIGH\"},\"exploitabilityScore\":1.2,\"impactScore\":3.6}]},\"weaknesses\":[{\"source\":\"cve@mitre.org\",\"type\":\"Secondary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-696\"}]}],\"references\":[{\"url\":\"https://jira.mariadb.org/browse/MDEV-32082\",\"source\":\"cve@mitre.org\"}]}}",
"vulnrichment": {
"containers": "{\"adp\": [{\"title\": \"CISA ADP Vulnrichment\", \"metrics\": [{\"other\": {\"type\": \"ssvc\", \"content\": {\"id\": \"CVE-2023-52968\", \"role\": \"CISA Coordinator\", \"options\": [{\"Exploitation\": \"none\"}, {\"Automatable\": \"no\"}, {\"Technical Impact\": \"partial\"}], \"version\": \"2.0.3\", \"timestamp\": \"2025-03-10T15:58:35.517548Z\"}}}], \"providerMetadata\": {\"orgId\": \"134c704f-9b21-4f2e-91b3-4a467353bcc0\", \"shortName\": \"CISA-ADP\", \"dateUpdated\": \"2025-03-10T15:59:43.194Z\"}}], \"cna\": {\"metrics\": [{\"cvssV3_1\": {\"version\": \"3.1\", \"baseScore\": 4.9, \"baseSeverity\": \"MEDIUM\", \"vectorString\": \"CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H\"}}], \"affected\": [{\"vendor\": \"MariaDB\", \"product\": \"MariaDB\", \"versions\": [{\"status\": \"affected\", \"version\": \"10.4\", \"lessThan\": \"10.4.33\", \"versionType\": \"custom\"}, {\"status\": \"affected\", \"version\": \"10.5\", \"lessThan\": \"10.5.24\", \"versionType\": \"custom\"}, {\"status\": \"affected\", \"version\": \"10.6\", \"lessThan\": \"10.6.17\", \"versionType\": \"custom\"}, {\"status\": \"affected\", \"version\": \"10.7\", \"lessThan\": \"10.11.7\", \"versionType\": \"custom\"}, {\"status\": \"affected\", \"version\": \"11.0\", \"lessThan\": \"11.0.5\", \"versionType\": \"custom\"}, {\"status\": \"affected\", \"version\": \"11.1\", \"lessThan\": \"11.1.4\", \"versionType\": \"custom\"}], \"defaultStatus\": \"unknown\"}], \"references\": [{\"url\": \"https://jira.mariadb.org/browse/MDEV-32082\"}], \"x_generator\": {\"engine\": \"enrichogram 0.0.1\"}, \"descriptions\": [{\"lang\": \"en\", \"value\": \"MariaDB Server 10.4 before 10.4.33, 10.5 before 10.5.24, 10.6 before 10.6.17, 10.7 through 10.11 before 10.11.7, 11.0 before 11.0.5, and 11.1 before 11.1.4 calls fix_fields_if_needed under mysql_derived_prepare when derived is not yet prepared, leading to a find_field_in_table crash.\"}], \"problemTypes\": [{\"descriptions\": [{\"lang\": \"en\", \"type\": \"CWE\", \"cweId\": \"CWE-696\", \"description\": \"CWE-696 Incorrect Behavior Order\"}]}], \"cpeApplicability\": [{\"nodes\": [{\"negate\": false, \"cpeMatch\": [{\"criteria\": \"cpe:2.3:a:mariadb:mariadb:*:*:*:*:*:*:*:*\", \"vulnerable\": true, \"versionEndExcluding\": \"10.4.33\", \"versionStartIncluding\": \"10.4\"}, {\"criteria\": \"cpe:2.3:a:mariadb:mariadb:*:*:*:*:*:*:*:*\", \"vulnerable\": true, \"versionEndExcluding\": \"10.5.24\", \"versionStartIncluding\": \"10.5\"}, {\"criteria\": \"cpe:2.3:a:mariadb:mariadb:*:*:*:*:*:*:*:*\", \"vulnerable\": true, \"versionEndExcluding\": \"10.6.17\", \"versionStartIncluding\": \"10.6\"}, {\"criteria\": \"cpe:2.3:a:mariadb:mariadb:*:*:*:*:*:*:*:*\", \"vulnerable\": true, \"versionEndExcluding\": \"10.11.7\", \"versionStartIncluding\": \"10.7\"}, {\"criteria\": \"cpe:2.3:a:mariadb:mariadb:*:*:*:*:*:*:*:*\", \"vulnerable\": true, \"versionEndExcluding\": \"11.0.5\", \"versionStartIncluding\": \"11.0\"}, {\"criteria\": \"cpe:2.3:a:mariadb:mariadb:*:*:*:*:*:*:*:*\", \"vulnerable\": true, \"versionEndExcluding\": \"11.1.4\", \"versionStartIncluding\": \"11.1\"}], \"operator\": \"OR\"}]}], \"providerMetadata\": {\"orgId\": \"8254265b-2729-46b6-b9e3-3dfca2d5bfca\", \"shortName\": \"mitre\", \"dateUpdated\": \"2025-03-08T22:45:30.565Z\"}}}",
"cveMetadata": "{\"cveId\": \"CVE-2023-52968\", \"state\": \"PUBLISHED\", \"dateUpdated\": \"2025-03-10T15:59:46.152Z\", \"dateReserved\": \"2025-03-08T00:00:00.000Z\", \"assignerOrgId\": \"8254265b-2729-46b6-b9e3-3dfca2d5bfca\", \"datePublished\": \"2025-03-08T00:00:00.000Z\", \"assignerShortName\": \"mitre\"}",
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
}
}
BDU:2025-06571
Vulnerability from fstec - Published: 04.09.2023
VLAI Severity ?
Title
Уязвимость функций make_aggr_tables_info и optimize_stage2 системы управления базами данных MariaDB, позволяющая нарушителю вызвать отказ в обслуживании
Description
Уязвимость функций make_aggr_tables_info и optimize_stage2 системы управления базами данных MariaDB связана с неправильным порядком поведения. Эксплуатация уязвимости может позволить нарушителю, действующему удалённо, вызвать отказ в обслуживании
Severity ?
Vendor
Novell Inc., Red Hat Inc., Сообщество свободного программного обеспечения, ООО «Ред Софт», MariaDB Foundation
Software Name
OpenSUSE Leap, Red Hat Enterprise Linux, SUSE Linux Enterprise Module for Server Applications, SUSE Enterprise Storage, SUSE Linux Enterprise High Performance Computing, Suse Linux Enterprise Server, SUSE Manager Proxy, SUSE Manager Retail Branch Server, SUSE Manager Server, Debian GNU/Linux, РЕД ОС (запись в едином реестре российских программ №3751), SUSE Linux Enterprise Server for SAP Applications, SUSE Linux Enterprise Real Time, SUSE Linux Enterprise Module for Package Hub, MariaDB
Software Version
15.5 (OpenSUSE Leap), 8 (Red Hat Enterprise Linux), 15 SP1 (SUSE Linux Enterprise Module for Server Applications), 6 (SUSE Enterprise Storage), 15-ESPOS (SUSE Linux Enterprise High Performance Computing), 15-LTSS (SUSE Linux Enterprise High Performance Computing), 15-LTSS (Suse Linux Enterprise Server), 15 SP2 (SUSE Linux Enterprise Module for Server Applications), 15 SP1-BCL (Suse Linux Enterprise Server), 15 SP1-LTSS (Suse Linux Enterprise Server), 15 SP1-LTSS (SUSE Linux Enterprise High Performance Computing), 15 SP1-ESPOS (SUSE Linux Enterprise High Performance Computing), 4.0 (SUSE Manager Proxy), 4.0 (SUSE Manager Retail Branch Server), 4.0 (SUSE Manager Server), 15.3 (OpenSUSE Leap), 15 SP3 (SUSE Linux Enterprise Module for Server Applications), 15 SP1 (Suse Linux Enterprise Server), 11 (Debian GNU/Linux), 7.3 (РЕД ОС), 15.4 (OpenSUSE Leap), 15 SP3 (SUSE Linux Enterprise High Performance Computing), 15 SP3 (Suse Linux Enterprise Server), 15 SP3 (SUSE Linux Enterprise Server for SAP Applications), 4.2 (SUSE Manager Proxy), 4.2 (SUSE Manager Server), 7 (SUSE Enterprise Storage), 15 SP2 (Suse Linux Enterprise Server), 4.1 (SUSE Manager Server), 4.1 (SUSE Manager Proxy), 15 SP2-ESPOS (SUSE Linux Enterprise High Performance Computing), 15 SP2-LTSS (SUSE Linux Enterprise High Performance Computing), 4.1 (SUSE Manager Retail Branch Server), 15 SP4 (Suse Linux Enterprise Server), 15 SP2 (SUSE Linux Enterprise High Performance Computing), 15 SP2-BCL (Suse Linux Enterprise Server), 15 SP4 (SUSE Linux Enterprise Server for SAP Applications), 4.2 (SUSE Manager Retail Branch Server), 9 (Red Hat Enterprise Linux), 15 SP2-LTSS (Suse Linux Enterprise Server), 15 SP2 (SUSE Linux Enterprise Real Time), 4.3 (SUSE Manager Retail Branch Server), 4.3 (SUSE Manager Proxy), 4.3 (SUSE Manager Server), 15 SP4 (SUSE Linux Enterprise High Performance Computing), 15 SP4 (SUSE Linux Enterprise Module for Server Applications), 7.1 (SUSE Enterprise Storage), 15 (SUSE Linux Enterprise High Performance Computing), 15 SP1 (SUSE Linux Enterprise High Performance Computing), 15 SP3-LTSS (Suse Linux Enterprise Server), 15 SP3-ESPOS (SUSE Linux Enterprise High Performance Computing), 15 SP3-LTSS (SUSE Linux Enterprise High Performance Computing), 15 SP3 (SUSE Linux Enterprise Real Time), 15 SP3-BCL (Suse Linux Enterprise Server), 15 SP4 (SUSE Linux Enterprise Module for Package Hub), 15 SP3 (SUSE Linux Enterprise Module for Package Hub), 15 SP5 (SUSE Linux Enterprise Server for SAP Applications), 15 SP5 (Suse Linux Enterprise Server), 15 SP5 (SUSE Linux Enterprise High Performance Computing), 15 SP4 (SUSE Linux Enterprise Real Time), 15 SP5 (SUSE Linux Enterprise Module for Server Applications), 15 SP5 (SUSE Linux Enterprise Module for Package Hub), 15 SP4-ESPOS (SUSE Linux Enterprise High Performance Computing), 15 SP4-LTSS (SUSE Linux Enterprise High Performance Computing), 15 SP4-LTSS (Suse Linux Enterprise Server), 15 SP6 (Suse Linux Enterprise Server), 15 SP6 (SUSE Linux Enterprise Server for SAP Applications), 15 SP6 (SUSE Linux Enterprise High Performance Computing), 15 SP6 (SUSE Linux Enterprise Module for Package Hub), 15.6 (OpenSUSE Leap), 15 SP6 (SUSE Linux Enterprise Module for Server Applications), 15 SP5-LTSS (Suse Linux Enterprise Server), 15 SP5-LTSS (SUSE Linux Enterprise High Performance Computing), 15 SP5-ESPOS (SUSE Linux Enterprise High Performance Computing), от 10.4 до 10.4.33 (MariaDB), от 10.5 до 10.5.24 (MariaDB), от 10.6 до 10.6.17 (MariaDB), от 10.7 до 10.11.7 (MariaDB), от 11.0 до 11.0.5 (MariaDB), от 11.1 до 11.1.4 (MariaDB)
Possible Mitigations
Компенсирующие меры:
- ограничение прав пользователей, только администраторы базы данных должны иметь возможность добавлять или изменять пользовательские функции, роли пользователей должны исключать возможности добавления или вызова UDF без необходимости;
- отключение поддержки пользовательских функций, удалив каталог плагинов из конфигурации MariaDB или наложив ограничения на использование UDF;
- ограничить предоставление привилегий SUPER и FILE обычным пользователям, так как они требуются для создания и использования пользовательских функций;
- запрет использования системных команд внутри UDF;
- ограничение доступа к каталогу плагинов MariaDB (определяемого переменной @@plugin_dir).
Использование рекомендаций:
Для MariaDB:
https://jira.mariadb.org/browse/MDEV-32082
Для Debian GNU/Linux:
https://security-tracker.debian.org/tracker/CVE-2023-52969
Для программных продуктов Novell Inc.:
https://www.suse.com/security/cve/CVE-2023-52969.html
Для программных продуктов Red Hat Inc.:
https://access.redhat.com/security/cve/cve-2023-52969
Для РЕД ОС:
https://redos.red-soft.ru/support/secure/uyazvimosti/uyazvimost-mariadb-cve-2023-52968/?sphrase_id=966136
Reference
https://jira.mariadb.org/browse/MDEV-32082
https://alas.aws.amazon.com/AL2023/ALAS-2023-52969.html
https://security-tracker.debian.org/tracker/CVE-2023-52969
https://access.redhat.com/security/cve/cve-2023-52969
https://www.suse.com/security/cve/CVE-2023-52969.html
https://redos.red-soft.ru/support/secure/uyazvimosti/uyazvimost-mariadb-cve-2023-52968/?sphrase_id=966136
CWE
CWE-696
{
"CVSS 2.0": "AV:N/AC:L/Au:S/C:N/I:N/A:C",
"CVSS 3.0": "AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H",
"CVSS 4.0": null,
"remediation_\u0418\u0434\u0435\u043d\u0442\u0438\u0444\u0438\u043a\u0430\u0442\u043e\u0440": null,
"remediation_\u041d\u0430\u0438\u043c\u0435\u043d\u043e\u0432\u0430\u043d\u0438\u0435": null,
"\u0412\u0435\u043d\u0434\u043e\u0440 \u041f\u041e": "Novell Inc., Red Hat Inc., \u0421\u043e\u043e\u0431\u0449\u0435\u0441\u0442\u0432\u043e \u0441\u0432\u043e\u0431\u043e\u0434\u043d\u043e\u0433\u043e \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c\u043d\u043e\u0433\u043e \u043e\u0431\u0435\u0441\u043f\u0435\u0447\u0435\u043d\u0438\u044f, \u041e\u041e\u041e \u00ab\u0420\u0435\u0434 \u0421\u043e\u0444\u0442\u00bb, MariaDB Foundation",
"\u0412\u0435\u0440\u0441\u0438\u044f \u041f\u041e": "15.5 (OpenSUSE Leap), 8 (Red Hat Enterprise Linux), 15 SP1 (SUSE Linux Enterprise Module for Server Applications), 6 (SUSE Enterprise Storage), 15-ESPOS (SUSE Linux Enterprise High Performance Computing), 15-LTSS (SUSE Linux Enterprise High Performance Computing), 15-LTSS (Suse Linux Enterprise Server), 15 SP2 (SUSE Linux Enterprise Module for Server Applications), 15 SP1-BCL (Suse Linux Enterprise Server), 15 SP1-LTSS (Suse Linux Enterprise Server), 15 SP1-LTSS (SUSE Linux Enterprise High Performance Computing), 15 SP1-ESPOS (SUSE Linux Enterprise High Performance Computing), 4.0 (SUSE Manager Proxy), 4.0 (SUSE Manager Retail Branch Server), 4.0 (SUSE Manager Server), 15.3 (OpenSUSE Leap), 15 SP3 (SUSE Linux Enterprise Module for Server Applications), 15 SP1 (Suse Linux Enterprise Server), 11 (Debian GNU/Linux), 7.3 (\u0420\u0415\u0414 \u041e\u0421), 15.4 (OpenSUSE Leap), 15 SP3 (SUSE Linux Enterprise High Performance Computing), 15 SP3 (Suse Linux Enterprise Server), 15 SP3 (SUSE Linux Enterprise Server for SAP Applications), 4.2 (SUSE Manager Proxy), 4.2 (SUSE Manager Server), 7 (SUSE Enterprise Storage), 15 SP2 (Suse Linux Enterprise Server), 4.1 (SUSE Manager Server), 4.1 (SUSE Manager Proxy), 15 SP2-ESPOS (SUSE Linux Enterprise High Performance Computing), 15 SP2-LTSS (SUSE Linux Enterprise High Performance Computing), 4.1 (SUSE Manager Retail Branch Server), 15 SP4 (Suse Linux Enterprise Server), 15 SP2 (SUSE Linux Enterprise High Performance Computing), 15 SP2-BCL (Suse Linux Enterprise Server), 15 SP4 (SUSE Linux Enterprise Server for SAP Applications), 4.2 (SUSE Manager Retail Branch Server), 9 (Red Hat Enterprise Linux), 15 SP2-LTSS (Suse Linux Enterprise Server), 15 SP2 (SUSE Linux Enterprise Real Time), 4.3 (SUSE Manager Retail Branch Server), 4.3 (SUSE Manager Proxy), 4.3 (SUSE Manager Server), 15 SP4 (SUSE Linux Enterprise High Performance Computing), 15 SP4 (SUSE Linux Enterprise Module for Server Applications), 7.1 (SUSE Enterprise Storage), 15 (SUSE Linux Enterprise High Performance Computing), 15 SP1 (SUSE Linux Enterprise High Performance Computing), 15 SP3-LTSS (Suse Linux Enterprise Server), 15 SP3-ESPOS (SUSE Linux Enterprise High Performance Computing), 15 SP3-LTSS (SUSE Linux Enterprise High Performance Computing), 15 SP3 (SUSE Linux Enterprise Real Time), 15 SP3-BCL (Suse Linux Enterprise Server), 15 SP4 (SUSE Linux Enterprise Module for Package Hub), 15 SP3 (SUSE Linux Enterprise Module for Package Hub), 15 SP5 (SUSE Linux Enterprise Server for SAP Applications), 15 SP5 (Suse Linux Enterprise Server), 15 SP5 (SUSE Linux Enterprise High Performance Computing), 15 SP4 (SUSE Linux Enterprise Real Time), 15 SP5 (SUSE Linux Enterprise Module for Server Applications), 15 SP5 (SUSE Linux Enterprise Module for Package Hub), 15 SP4-ESPOS (SUSE Linux Enterprise High Performance Computing), 15 SP4-LTSS (SUSE Linux Enterprise High Performance Computing), 15 SP4-LTSS (Suse Linux Enterprise Server), 15 SP6 (Suse Linux Enterprise Server), 15 SP6 (SUSE Linux Enterprise Server for SAP Applications), 15 SP6 (SUSE Linux Enterprise High Performance Computing), 15 SP6 (SUSE Linux Enterprise Module for Package Hub), 15.6 (OpenSUSE Leap), 15 SP6 (SUSE Linux Enterprise Module for Server Applications), 15 SP5-LTSS (Suse Linux Enterprise Server), 15 SP5-LTSS (SUSE Linux Enterprise High Performance Computing), 15 SP5-ESPOS (SUSE Linux Enterprise High Performance Computing), \u043e\u0442 10.4 \u0434\u043e 10.4.33 (MariaDB), \u043e\u0442 10.5 \u0434\u043e 10.5.24 (MariaDB), \u043e\u0442 10.6 \u0434\u043e 10.6.17 (MariaDB), \u043e\u0442 10.7 \u0434\u043e 10.11.7 (MariaDB), \u043e\u0442 11.0 \u0434\u043e 11.0.5 (MariaDB), \u043e\u0442 11.1 \u0434\u043e 11.1.4 (MariaDB)",
"\u0412\u043e\u0437\u043c\u043e\u0436\u043d\u044b\u0435 \u043c\u0435\u0440\u044b \u043f\u043e \u0443\u0441\u0442\u0440\u0430\u043d\u0435\u043d\u0438\u044e": "\u041a\u043e\u043c\u043f\u0435\u043d\u0441\u0438\u0440\u0443\u044e\u0449\u0438\u0435 \u043c\u0435\u0440\u044b:\n- \u043e\u0433\u0440\u0430\u043d\u0438\u0447\u0435\u043d\u0438\u0435 \u043f\u0440\u0430\u0432 \u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u0435\u043b\u0435\u0439, \u0442\u043e\u043b\u044c\u043a\u043e \u0430\u0434\u043c\u0438\u043d\u0438\u0441\u0442\u0440\u0430\u0442\u043e\u0440\u044b \u0431\u0430\u0437\u044b \u0434\u0430\u043d\u043d\u044b\u0445 \u0434\u043e\u043b\u0436\u043d\u044b \u0438\u043c\u0435\u0442\u044c \u0432\u043e\u0437\u043c\u043e\u0436\u043d\u043e\u0441\u0442\u044c \u0434\u043e\u0431\u0430\u0432\u043b\u044f\u0442\u044c \u0438\u043b\u0438 \u0438\u0437\u043c\u0435\u043d\u044f\u0442\u044c \u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u0435\u043b\u044c\u0441\u043a\u0438\u0435 \u0444\u0443\u043d\u043a\u0446\u0438\u0438, \u0440\u043e\u043b\u0438 \u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u0435\u043b\u0435\u0439 \u0434\u043e\u043b\u0436\u043d\u044b \u0438\u0441\u043a\u043b\u044e\u0447\u0430\u0442\u044c \u0432\u043e\u0437\u043c\u043e\u0436\u043d\u043e\u0441\u0442\u0438 \u0434\u043e\u0431\u0430\u0432\u043b\u0435\u043d\u0438\u044f \u0438\u043b\u0438 \u0432\u044b\u0437\u043e\u0432\u0430 UDF \u0431\u0435\u0437 \u043d\u0435\u043e\u0431\u0445\u043e\u0434\u0438\u043c\u043e\u0441\u0442\u0438;\n- \u043e\u0442\u043a\u043b\u044e\u0447\u0435\u043d\u0438\u0435 \u043f\u043e\u0434\u0434\u0435\u0440\u0436\u043a\u0438 \u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u0435\u043b\u044c\u0441\u043a\u0438\u0445 \u0444\u0443\u043d\u043a\u0446\u0438\u0439, \u0443\u0434\u0430\u043b\u0438\u0432 \u043a\u0430\u0442\u0430\u043b\u043e\u0433 \u043f\u043b\u0430\u0433\u0438\u043d\u043e\u0432 \u0438\u0437 \u043a\u043e\u043d\u0444\u0438\u0433\u0443\u0440\u0430\u0446\u0438\u0438 MariaDB \u0438\u043b\u0438 \u043d\u0430\u043b\u043e\u0436\u0438\u0432 \u043e\u0433\u0440\u0430\u043d\u0438\u0447\u0435\u043d\u0438\u044f \u043d\u0430 \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u043d\u0438\u0435 UDF;\n- \u043e\u0433\u0440\u0430\u043d\u0438\u0447\u0438\u0442\u044c \u043f\u0440\u0435\u0434\u043e\u0441\u0442\u0430\u0432\u043b\u0435\u043d\u0438\u0435 \u043f\u0440\u0438\u0432\u0438\u043b\u0435\u0433\u0438\u0439 SUPER \u0438 FILE \u043e\u0431\u044b\u0447\u043d\u044b\u043c \u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u0435\u043b\u044f\u043c, \u0442\u0430\u043a \u043a\u0430\u043a \u043e\u043d\u0438 \u0442\u0440\u0435\u0431\u0443\u044e\u0442\u0441\u044f \u0434\u043b\u044f \u0441\u043e\u0437\u0434\u0430\u043d\u0438\u044f \u0438 \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u043d\u0438\u044f \u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u0435\u043b\u044c\u0441\u043a\u0438\u0445 \u0444\u0443\u043d\u043a\u0446\u0438\u0439;\n- \u0437\u0430\u043f\u0440\u0435\u0442 \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u043d\u0438\u044f \u0441\u0438\u0441\u0442\u0435\u043c\u043d\u044b\u0445 \u043a\u043e\u043c\u0430\u043d\u0434 \u0432\u043d\u0443\u0442\u0440\u0438 UDF;\n- \u043e\u0433\u0440\u0430\u043d\u0438\u0447\u0435\u043d\u0438\u0435 \u0434\u043e\u0441\u0442\u0443\u043f\u0430 \u043a \u043a\u0430\u0442\u0430\u043b\u043e\u0433\u0443 \u043f\u043b\u0430\u0433\u0438\u043d\u043e\u0432 MariaDB (\u043e\u043f\u0440\u0435\u0434\u0435\u043b\u044f\u0435\u043c\u043e\u0433\u043e \u043f\u0435\u0440\u0435\u043c\u0435\u043d\u043d\u043e\u0439 @@plugin_dir).\n\n\u0418\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u043d\u0438\u0435 \u0440\u0435\u043a\u043e\u043c\u0435\u043d\u0434\u0430\u0446\u0438\u0439:\n\u0414\u043b\u044f MariaDB:\nhttps://jira.mariadb.org/browse/MDEV-32082\n\n\u0414\u043b\u044f Debian GNU/Linux:\nhttps://security-tracker.debian.org/tracker/CVE-2023-52969\n\n\u0414\u043b\u044f \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c\u043d\u044b\u0445 \u043f\u0440\u043e\u0434\u0443\u043a\u0442\u043e\u0432 Novell Inc.:\nhttps://www.suse.com/security/cve/CVE-2023-52969.html\n\n\u0414\u043b\u044f \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c\u043d\u044b\u0445 \u043f\u0440\u043e\u0434\u0443\u043a\u0442\u043e\u0432 Red Hat Inc.:\nhttps://access.redhat.com/security/cve/cve-2023-52969\n\n\u0414\u043b\u044f \u0420\u0415\u0414 \u041e\u0421:\nhttps://redos.red-soft.ru/support/secure/uyazvimosti/uyazvimost-mariadb-cve-2023-52968/?sphrase_id=966136",
"\u0414\u0430\u0442\u0430 \u0432\u044b\u044f\u0432\u043b\u0435\u043d\u0438\u044f": "04.09.2023",
"\u0414\u0430\u0442\u0430 \u043f\u043e\u0441\u043b\u0435\u0434\u043d\u0435\u0433\u043e \u043e\u0431\u043d\u043e\u0432\u043b\u0435\u043d\u0438\u044f": "09.06.2025",
"\u0414\u0430\u0442\u0430 \u043f\u0443\u0431\u043b\u0438\u043a\u0430\u0446\u0438\u0438": "09.06.2025",
"\u0418\u0434\u0435\u043d\u0442\u0438\u0444\u0438\u043a\u0430\u0442\u043e\u0440": "BDU:2025-06571",
"\u0418\u0434\u0435\u043d\u0442\u0438\u0444\u0438\u043a\u0430\u0442\u043e\u0440\u044b \u0434\u0440\u0443\u0433\u0438\u0445 \u0441\u0438\u0441\u0442\u0435\u043c \u043e\u043f\u0438\u0441\u0430\u043d\u0438\u0439 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": "CVE-2023-52968",
"\u0418\u043d\u0444\u043e\u0440\u043c\u0430\u0446\u0438\u044f \u043e\u0431 \u0443\u0441\u0442\u0440\u0430\u043d\u0435\u043d\u0438\u0438": "\u0418\u043d\u0444\u043e\u0440\u043c\u0430\u0446\u0438\u044f \u043e\u0431 \u0443\u0441\u0442\u0440\u0430\u043d\u0435\u043d\u0438\u0438 \u043e\u0442\u0441\u0443\u0442\u0441\u0442\u0432\u0443\u0435\u0442",
"\u041a\u043b\u0430\u0441\u0441 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": "\u0423\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u043a\u043e\u0434\u0430",
"\u041d\u0430\u0437\u0432\u0430\u043d\u0438\u0435 \u041f\u041e": "OpenSUSE Leap, Red Hat Enterprise Linux, SUSE Linux Enterprise Module for Server Applications, SUSE Enterprise Storage, SUSE Linux Enterprise High Performance Computing, Suse Linux Enterprise Server, SUSE Manager Proxy, SUSE Manager Retail Branch Server, SUSE Manager Server, Debian GNU/Linux, \u0420\u0415\u0414 \u041e\u0421 (\u0437\u0430\u043f\u0438\u0441\u044c \u0432 \u0435\u0434\u0438\u043d\u043e\u043c \u0440\u0435\u0435\u0441\u0442\u0440\u0435 \u0440\u043e\u0441\u0441\u0438\u0439\u0441\u043a\u0438\u0445 \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c \u21163751), SUSE Linux Enterprise Server for SAP Applications, SUSE Linux Enterprise Real Time, SUSE Linux Enterprise Module for Package Hub, MariaDB",
"\u041d\u0430\u0438\u043c\u0435\u043d\u043e\u0432\u0430\u043d\u0438\u0435 \u041e\u0421 \u0438 \u0442\u0438\u043f \u0430\u043f\u043f\u0430\u0440\u0430\u0442\u043d\u043e\u0439 \u043f\u043b\u0430\u0442\u0444\u043e\u0440\u043c\u044b": "Novell Inc. OpenSUSE Leap 15.5 , Red Hat Inc. Red Hat Enterprise Linux 8 , Novell Inc. Suse Linux Enterprise Server 15-LTSS , Novell Inc. Suse Linux Enterprise Server 15 SP1-BCL , Novell Inc. Suse Linux Enterprise Server 15 SP1-LTSS , Novell Inc. OpenSUSE Leap 15.3 , Novell Inc. Suse Linux Enterprise Server 15 SP1 , \u0421\u043e\u043e\u0431\u0449\u0435\u0441\u0442\u0432\u043e \u0441\u0432\u043e\u0431\u043e\u0434\u043d\u043e\u0433\u043e \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c\u043d\u043e\u0433\u043e \u043e\u0431\u0435\u0441\u043f\u0435\u0447\u0435\u043d\u0438\u044f Debian GNU/Linux 11 , \u041e\u041e\u041e \u00ab\u0420\u0435\u0434 \u0421\u043e\u0444\u0442\u00bb \u0420\u0415\u0414 \u041e\u0421 7.3 (\u0437\u0430\u043f\u0438\u0441\u044c \u0432 \u0435\u0434\u0438\u043d\u043e\u043c \u0440\u0435\u0435\u0441\u0442\u0440\u0435 \u0440\u043e\u0441\u0441\u0438\u0439\u0441\u043a\u0438\u0445 \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c \u21163751), Novell Inc. OpenSUSE Leap 15.4 , Novell Inc. Suse Linux Enterprise Server 15 SP3 , Novell Inc. SUSE Linux Enterprise Server for SAP Applications 15 SP3 , Novell Inc. Suse Linux Enterprise Server 15 SP2 , Novell Inc. Suse Linux Enterprise Server 15 SP4 , Novell Inc. Suse Linux Enterprise Server 15 SP2-BCL , Novell Inc. SUSE Linux Enterprise Server for SAP Applications 15 SP4 , Red Hat Inc. Red Hat Enterprise Linux 9 , Novell Inc. Suse Linux Enterprise Server 15 SP2-LTSS , Novell Inc. SUSE Linux Enterprise Real Time 15 SP2 , Novell Inc. Suse Linux Enterprise Server 15 SP3-LTSS , Novell Inc. SUSE Linux Enterprise Real Time 15 SP3 , Novell Inc. Suse Linux Enterprise Server 15 SP3-BCL , Novell Inc. SUSE Linux Enterprise Server for SAP Applications 15 SP5 , Novell Inc. Suse Linux Enterprise Server 15 SP5 , Novell Inc. SUSE Linux Enterprise Real Time 15 SP4 , Novell Inc. Suse Linux Enterprise Server 15 SP4-LTSS , Novell Inc. Suse Linux Enterprise Server 15 SP6 , Novell Inc. SUSE Linux Enterprise Server for SAP Applications 15 SP6 , Novell Inc. OpenSUSE Leap 15.6 , Novell Inc. Suse Linux Enterprise Server 15 SP5-LTSS ",
"\u041d\u0430\u0438\u043c\u0435\u043d\u043e\u0432\u0430\u043d\u0438\u0435 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": "\u0423\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u0444\u0443\u043d\u043a\u0446\u0438\u0439 make_aggr_tables_info \u0438 optimize_stage2 \u0441\u0438\u0441\u0442\u0435\u043c\u044b \u0443\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u0438\u044f \u0431\u0430\u0437\u0430\u043c\u0438 \u0434\u0430\u043d\u043d\u044b\u0445 MariaDB, \u043f\u043e\u0437\u0432\u043e\u043b\u044f\u044e\u0449\u0430\u044f \u043d\u0430\u0440\u0443\u0448\u0438\u0442\u0435\u043b\u044e \u0432\u044b\u0437\u0432\u0430\u0442\u044c \u043e\u0442\u043a\u0430\u0437 \u0432 \u043e\u0431\u0441\u043b\u0443\u0436\u0438\u0432\u0430\u043d\u0438\u0438",
"\u041d\u0430\u043b\u0438\u0447\u0438\u0435 \u044d\u043a\u0441\u043f\u043b\u043e\u0439\u0442\u0430": "\u0421\u0443\u0449\u0435\u0441\u0442\u0432\u0443\u0435\u0442 \u0432 \u043e\u0442\u043a\u0440\u044b\u0442\u043e\u043c \u0434\u043e\u0441\u0442\u0443\u043f\u0435",
"\u041e\u043f\u0438\u0441\u0430\u043d\u0438\u0435 \u043e\u0448\u0438\u0431\u043a\u0438 CWE": "\u041d\u0435\u043f\u0440\u0430\u0432\u0438\u043b\u044c\u043d\u044b\u0439 \u043f\u043e\u0440\u044f\u0434\u043e\u043a \u043f\u043e\u0432\u0435\u0434\u0435\u043d\u0438\u044f (CWE-696)",
"\u041e\u043f\u0438\u0441\u0430\u043d\u0438\u0435 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": "\u0423\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u0444\u0443\u043d\u043a\u0446\u0438\u0439 make_aggr_tables_info \u0438 optimize_stage2 \u0441\u0438\u0441\u0442\u0435\u043c\u044b \u0443\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u0438\u044f \u0431\u0430\u0437\u0430\u043c\u0438 \u0434\u0430\u043d\u043d\u044b\u0445 MariaDB \u0441\u0432\u044f\u0437\u0430\u043d\u0430 \u0441 \u043d\u0435\u043f\u0440\u0430\u0432\u0438\u043b\u044c\u043d\u044b\u043c \u043f\u043e\u0440\u044f\u0434\u043a\u043e\u043c \u043f\u043e\u0432\u0435\u0434\u0435\u043d\u0438\u044f. \u042d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0430\u0446\u0438\u044f \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 \u043c\u043e\u0436\u0435\u0442 \u043f\u043e\u0437\u0432\u043e\u043b\u0438\u0442\u044c \u043d\u0430\u0440\u0443\u0448\u0438\u0442\u0435\u043b\u044e, \u0434\u0435\u0439\u0441\u0442\u0432\u0443\u044e\u0449\u0435\u043c\u0443 \u0443\u0434\u0430\u043b\u0451\u043d\u043d\u043e, \u0432\u044b\u0437\u0432\u0430\u0442\u044c \u043e\u0442\u043a\u0430\u0437 \u0432 \u043e\u0431\u0441\u043b\u0443\u0436\u0438\u0432\u0430\u043d\u0438\u0438",
"\u041f\u043e\u0441\u043b\u0435\u0434\u0441\u0442\u0432\u0438\u044f \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0430\u0446\u0438\u0438 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": null,
"\u041f\u0440\u043e\u0447\u0430\u044f \u0438\u043d\u0444\u043e\u0440\u043c\u0430\u0446\u0438\u044f": null,
"\u0421\u0432\u044f\u0437\u044c \u0441 \u0438\u043d\u0446\u0438\u0434\u0435\u043d\u0442\u0430\u043c\u0438 \u0418\u0411": "\u0414\u0430\u043d\u043d\u044b\u0435 \u0443\u0442\u043e\u0447\u043d\u044f\u044e\u0442\u0441\u044f",
"\u0421\u043e\u0441\u0442\u043e\u044f\u043d\u0438\u0435 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": "\u041e\u043f\u0443\u0431\u043b\u0438\u043a\u043e\u0432\u0430\u043d\u0430",
"\u0421\u043f\u043e\u0441\u043e\u0431 \u0443\u0441\u0442\u0440\u0430\u043d\u0435\u043d\u0438\u044f": "\u0414\u0430\u043d\u043d\u044b\u0435 \u0443\u0442\u043e\u0447\u043d\u044f\u044e\u0442\u0441\u044f",
"\u0421\u043f\u043e\u0441\u043e\u0431 \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0430\u0446\u0438\u0438": "\u041c\u0430\u043d\u0438\u043f\u0443\u043b\u0438\u0440\u043e\u0432\u0430\u043d\u0438\u0435 \u0440\u0435\u0441\u0443\u0440\u0441\u0430\u043c\u0438",
"\u0421\u0441\u044b\u043b\u043a\u0438 \u043d\u0430 \u0438\u0441\u0442\u043e\u0447\u043d\u0438\u043a\u0438": "https://jira.mariadb.org/browse/MDEV-32082\nhttps://alas.aws.amazon.com/AL2023/ALAS-2023-52969.html\nhttps://security-tracker.debian.org/tracker/CVE-2023-52969\nhttps://access.redhat.com/security/cve/cve-2023-52969\nhttps://www.suse.com/security/cve/CVE-2023-52969.html\nhttps://redos.red-soft.ru/support/secure/uyazvimosti/uyazvimost-mariadb-cve-2023-52968/?sphrase_id=966136",
"\u0421\u0442\u0430\u0442\u0443\u0441 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": "\u041f\u043e\u0442\u0435\u043d\u0446\u0438\u0430\u043b\u044c\u043d\u0430\u044f \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c",
"\u0422\u0438\u043f \u041f\u041e": "\u041e\u043f\u0435\u0440\u0430\u0446\u0438\u043e\u043d\u043d\u0430\u044f \u0441\u0438\u0441\u0442\u0435\u043c\u0430, \u041f\u0440\u0438\u043a\u043b\u0430\u0434\u043d\u043e\u0435 \u041f\u041e \u0438\u043d\u0444\u043e\u0440\u043c\u0430\u0446\u0438\u043e\u043d\u043d\u044b\u0445 \u0441\u0438\u0441\u0442\u0435\u043c, \u0421\u0435\u0442\u0435\u0432\u043e\u0435 \u0441\u0440\u0435\u0434\u0441\u0442\u0432\u043e, \u0421\u0435\u0442\u0435\u0432\u043e\u0435 \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c\u043d\u043e\u0435 \u0441\u0440\u0435\u0434\u0441\u0442\u0432\u043e, \u0421\u0423\u0411\u0414",
"\u0422\u0438\u043f \u043e\u0448\u0438\u0431\u043a\u0438 CWE": "CWE-696",
"\u0423\u0440\u043e\u0432\u0435\u043d\u044c \u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u0438 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": "\u0421\u0440\u0435\u0434\u043d\u0438\u0439 \u0443\u0440\u043e\u0432\u0435\u043d\u044c \u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u0438 (\u0431\u0430\u0437\u043e\u0432\u0430\u044f \u043e\u0446\u0435\u043d\u043a\u0430 CVSS 2.0 \u0441\u043e\u0441\u0442\u0430\u0432\u043b\u044f\u0435\u0442 6,8)\n\u0421\u0440\u0435\u0434\u043d\u0438\u0439 \u0443\u0440\u043e\u0432\u0435\u043d\u044c \u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u0438 (\u0431\u0430\u0437\u043e\u0432\u0430\u044f \u043e\u0446\u0435\u043d\u043a\u0430 CVSS 3.1 \u0441\u043e\u0441\u0442\u0430\u0432\u043b\u044f\u0435\u0442 4,9)"
}
bit-mariadb-2023-52968
Vulnerability from bitnami_vulndb
Published
2025-03-13 07:14
Modified
2025-04-03 14:40
Summary
Details
MariaDB Server 10.4 before 10.4.33, 10.5 before 10.5.24, 10.6 before 10.6.17, 10.7 through 10.11 before 10.11.7, 11.0 before 11.0.5, and 11.1 before 11.1.4 calls fix_fields_if_needed under mysql_derived_prepare when derived is not yet prepared, leading to a find_field_in_table crash.
{
"affected": [
{
"package": {
"ecosystem": "Bitnami",
"name": "mariadb",
"purl": "pkg:bitnami/mariadb"
},
"ranges": [
{
"events": [
{
"introduced": "10.4.0"
},
{
"fixed": "10.4.33"
},
{
"introduced": "10.5.0"
},
{
"fixed": "10.5.24"
},
{
"introduced": "10.6.0"
},
{
"fixed": "10.6.17"
},
{
"introduced": "10.7.0"
},
{
"fixed": "10.11.7"
},
{
"introduced": "11.0.0"
},
{
"fixed": "11.0.5"
},
{
"introduced": "11.1.0"
},
{
"fixed": "11.1.4"
}
],
"type": "SEMVER"
}
],
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H",
"type": "CVSS_V3"
}
]
}
],
"aliases": [
"CVE-2023-52968"
],
"database_specific": {
"cpes": [
"cpe:2.3:a:mariadb:mariadb:*:*:*:*:*:*:*:*"
],
"severity": "Medium"
},
"details": "MariaDB Server 10.4 before 10.4.33, 10.5 before 10.5.24, 10.6 before 10.6.17, 10.7 through 10.11 before 10.11.7, 11.0 before 11.0.5, and 11.1 before 11.1.4 calls fix_fields_if_needed under mysql_derived_prepare when derived is not yet prepared, leading to a find_field_in_table crash.",
"id": "BIT-mariadb-2023-52968",
"modified": "2025-04-03T14:40:37.652Z",
"published": "2025-03-13T07:14:21.149Z",
"references": [
{
"type": "WEB",
"url": "https://jira.mariadb.org/browse/MDEV-32082"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2023-52968"
}
],
"schema_version": "1.5.0"
}
FKIE_CVE-2023-52968
Vulnerability from fkie_nvd - Published: 2025-03-08 23:15 - Updated: 2026-04-15 00:35
Severity ?
Summary
MariaDB Server 10.4 before 10.4.33, 10.5 before 10.5.24, 10.6 before 10.6.17, 10.7 through 10.11 before 10.11.7, 11.0 before 11.0.5, and 11.1 before 11.1.4 calls fix_fields_if_needed under mysql_derived_prepare when derived is not yet prepared, leading to a find_field_in_table crash.
References
Impacted products
| Vendor | Product | Version |
|---|
{
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "MariaDB Server 10.4 before 10.4.33, 10.5 before 10.5.24, 10.6 before 10.6.17, 10.7 through 10.11 before 10.11.7, 11.0 before 11.0.5, and 11.1 before 11.1.4 calls fix_fields_if_needed under mysql_derived_prepare when derived is not yet prepared, leading to a find_field_in_table crash."
},
{
"lang": "es",
"value": "MariaDB Server 10.4 anterior a 10.4.33, 10.5 anterior a 10.5.24, 10.6 anterior a 10.6.17, 10.7 a 10.11 anterior a 10.11.7, 11.0 anterior a 11.0.5 y 11.1 anterior a 11.1.4 llama a fix_fields_if_needed bajo mysql_derived_prepare cuando derived a\u00fan no est\u00e1 preparado, lo que genera un bloqueo de find_field_in_table."
}
],
"id": "CVE-2023-52968",
"lastModified": "2026-04-15T00:35:42.020",
"metrics": {
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 4.9,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"exploitabilityScore": 1.2,
"impactScore": 3.6,
"source": "cve@mitre.org",
"type": "Secondary"
}
]
},
"published": "2025-03-08T23:15:13.173",
"references": [
{
"source": "cve@mitre.org",
"url": "https://jira.mariadb.org/browse/MDEV-32082"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-696"
}
],
"source": "cve@mitre.org",
"type": "Secondary"
}
]
}
GHSA-7C2C-WP2Q-Q5VX
Vulnerability from github – Published: 2025-03-09 00:30 – Updated: 2025-03-09 00:30
VLAI?
Details
MariaDB Server 10.4 before 10.4.33, 10.5 before 10.5.24, 10.6 before 10.6.17, 10.7 through 10.11 before 10.11.7, 11.0 before 11.0.5, and 11.1 before 11.1.4 calls fix_fields_if_needed under mysql_derived_prepare when derived is not yet prepared, leading to a find_field_in_table crash.
Severity ?
4.9 (Medium)
{
"affected": [],
"aliases": [
"CVE-2023-52968"
],
"database_specific": {
"cwe_ids": [
"CWE-696"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2025-03-08T23:15:13Z",
"severity": "MODERATE"
},
"details": "MariaDB Server 10.4 before 10.4.33, 10.5 before 10.5.24, 10.6 before 10.6.17, 10.7 through 10.11 before 10.11.7, 11.0 before 11.0.5, and 11.1 before 11.1.4 calls fix_fields_if_needed under mysql_derived_prepare when derived is not yet prepared, leading to a find_field_in_table crash.",
"id": "GHSA-7c2c-wp2q-q5vx",
"modified": "2025-03-09T00:30:52Z",
"published": "2025-03-09T00:30:52Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2023-52968"
},
{
"type": "WEB",
"url": "https://jira.mariadb.org/browse/MDEV-32082"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H",
"type": "CVSS_V3"
}
]
}
WID-SEC-W-2025-0507
Vulnerability from csaf_certbund - Published: 2025-03-09 23:00 - Updated: 2026-01-07 23:00Summary
MariaDB: Mehrere Schwachstellen ermöglichen Denial of Service
Severity
Mittel
Notes
Das BSI ist als Anbieter für die eigenen, zur Nutzung bereitgestellten Inhalte nach den allgemeinen Gesetzen verantwortlich. Nutzerinnen und Nutzer sind jedoch dafür verantwortlich, die Verwendung und/oder die Umsetzung der mit den Inhalten bereitgestellten Informationen sorgfältig im Einzelfall zu prüfen.
Produktbeschreibung: MariaDB ist ein relationales Datenbanksystem, das anwendungskompatibel mit MySQL ist.
Angriff: Ein entfernter, authentisierter Angreifer kann mehrere Schwachstellen in MariaDB ausnutzen, um einen Denial of Service Angriff durchzuführen.
Betroffene Betriebssysteme: - Sonstiges
- UNIX
- Windows
Affected products
Known affected
18 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Red Hat Enterprise Linux
Red Hat
|
cpe:/o:redhat:enterprise_linux:-
|
— | |
|
Oracle Linux
Oracle
|
cpe:/o:oracle:linux:-
|
— | |
|
RESF Rocky Linux
RESF
|
cpe:/o:resf:rocky_linux:-
|
— | |
|
Fedora Linux
Fedora
|
cpe:/o:fedoraproject:fedora:-
|
— | |
|
MariaDB MariaDB <11.1.4
MariaDB / MariaDB
|
<11.1.4 | ||
|
MariaDB MariaDB <11.0.5
MariaDB / MariaDB
|
<11.0.5 | ||
|
MariaDB MariaDB <10.11.7
MariaDB / MariaDB
|
<10.11.7 | ||
|
Debian Linux
Debian
|
cpe:/o:debian:debian_linux:-
|
— | |
|
SUSE Linux
SUSE
|
cpe:/o:suse:suse_linux:-
|
— | |
|
Ubuntu Linux
Ubuntu
|
cpe:/o:canonical:ubuntu_linux:-
|
— | |
|
MariaDB MariaDB <10.6.17
MariaDB / MariaDB
|
<10.6.17 | ||
|
MariaDB MariaDB <10.5.24
MariaDB / MariaDB
|
<10.5.24 | ||
|
Amazon Linux 2
Amazon
|
cpe:/o:amazon:linux_2:-
|
— | |
|
MariaDB MariaDB <10.4.33
MariaDB / MariaDB
|
<10.4.33 | ||
|
MariaDB MariaDB
MariaDB / MariaDB
|
cpe:/a:mariadb:mariadb:-
|
— | |
|
MariaDB MariaDB <11.4.1
MariaDB / MariaDB
|
<11.4.1 | ||
|
MariaDB MariaDB <11.3.2
MariaDB / MariaDB
|
<11.3.2 | ||
|
MariaDB MariaDB <11.2.3
MariaDB / MariaDB
|
<11.2.3 |
Affected products
Known affected
13 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Red Hat Enterprise Linux
Red Hat
|
cpe:/o:redhat:enterprise_linux:-
|
— | |
|
Oracle Linux
Oracle
|
cpe:/o:oracle:linux:-
|
— | |
|
RESF Rocky Linux
RESF
|
cpe:/o:resf:rocky_linux:-
|
— | |
|
Fedora Linux
Fedora
|
cpe:/o:fedoraproject:fedora:-
|
— | |
|
MariaDB MariaDB <10.11.7
MariaDB / MariaDB
|
<10.11.7 | ||
|
Debian Linux
Debian
|
cpe:/o:debian:debian_linux:-
|
— | |
|
SUSE Linux
SUSE
|
cpe:/o:suse:suse_linux:-
|
— | |
|
Ubuntu Linux
Ubuntu
|
cpe:/o:canonical:ubuntu_linux:-
|
— | |
|
MariaDB MariaDB <10.6.17
MariaDB / MariaDB
|
<10.6.17 | ||
|
MariaDB MariaDB <10.5.24
MariaDB / MariaDB
|
<10.5.24 | ||
|
Amazon Linux 2
Amazon
|
cpe:/o:amazon:linux_2:-
|
— | |
|
MariaDB MariaDB <10.4.33
MariaDB / MariaDB
|
<10.4.33 | ||
|
MariaDB MariaDB
MariaDB / MariaDB
|
cpe:/a:mariadb:mariadb:-
|
— |
Affected products
Known affected
15 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Red Hat Enterprise Linux
Red Hat
|
cpe:/o:redhat:enterprise_linux:-
|
— | |
|
Oracle Linux
Oracle
|
cpe:/o:oracle:linux:-
|
— | |
|
RESF Rocky Linux
RESF
|
cpe:/o:resf:rocky_linux:-
|
— | |
|
Fedora Linux
Fedora
|
cpe:/o:fedoraproject:fedora:-
|
— | |
|
MariaDB MariaDB <11.1.4
MariaDB / MariaDB
|
<11.1.4 | ||
|
MariaDB MariaDB <11.0.5
MariaDB / MariaDB
|
<11.0.5 | ||
|
MariaDB MariaDB <10.11.7
MariaDB / MariaDB
|
<10.11.7 | ||
|
Debian Linux
Debian
|
cpe:/o:debian:debian_linux:-
|
— | |
|
SUSE Linux
SUSE
|
cpe:/o:suse:suse_linux:-
|
— | |
|
Ubuntu Linux
Ubuntu
|
cpe:/o:canonical:ubuntu_linux:-
|
— | |
|
MariaDB MariaDB <10.6.17
MariaDB / MariaDB
|
<10.6.17 | ||
|
MariaDB MariaDB <10.5.24
MariaDB / MariaDB
|
<10.5.24 | ||
|
Amazon Linux 2
Amazon
|
cpe:/o:amazon:linux_2:-
|
— | |
|
MariaDB MariaDB <10.4.33
MariaDB / MariaDB
|
<10.4.33 | ||
|
MariaDB MariaDB
MariaDB / MariaDB
|
cpe:/a:mariadb:mariadb:-
|
— |
Affected products
Known affected
15 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Red Hat Enterprise Linux
Red Hat
|
cpe:/o:redhat:enterprise_linux:-
|
— | |
|
Oracle Linux
Oracle
|
cpe:/o:oracle:linux:-
|
— | |
|
RESF Rocky Linux
RESF
|
cpe:/o:resf:rocky_linux:-
|
— | |
|
Fedora Linux
Fedora
|
cpe:/o:fedoraproject:fedora:-
|
— | |
|
MariaDB MariaDB <11.1.4
MariaDB / MariaDB
|
<11.1.4 | ||
|
MariaDB MariaDB <11.0.5
MariaDB / MariaDB
|
<11.0.5 | ||
|
MariaDB MariaDB <10.11.7
MariaDB / MariaDB
|
<10.11.7 | ||
|
Debian Linux
Debian
|
cpe:/o:debian:debian_linux:-
|
— | |
|
SUSE Linux
SUSE
|
cpe:/o:suse:suse_linux:-
|
— | |
|
Ubuntu Linux
Ubuntu
|
cpe:/o:canonical:ubuntu_linux:-
|
— | |
|
Amazon Linux 2
Amazon
|
cpe:/o:amazon:linux_2:-
|
— | |
|
MariaDB MariaDB
MariaDB / MariaDB
|
cpe:/a:mariadb:mariadb:-
|
— | |
|
MariaDB MariaDB <11.4.1
MariaDB / MariaDB
|
<11.4.1 | ||
|
MariaDB MariaDB <11.3.2
MariaDB / MariaDB
|
<11.3.2 | ||
|
MariaDB MariaDB <11.2.3
MariaDB / MariaDB
|
<11.2.3 |
References
26 references
{
"document": {
"aggregate_severity": {
"text": "mittel"
},
"category": "csaf_base",
"csaf_version": "2.0",
"distribution": {
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "de-DE",
"notes": [
{
"category": "legal_disclaimer",
"text": "Das BSI ist als Anbieter f\u00fcr die eigenen, zur Nutzung bereitgestellten Inhalte nach den allgemeinen Gesetzen verantwortlich. Nutzerinnen und Nutzer sind jedoch daf\u00fcr verantwortlich, die Verwendung und/oder die Umsetzung der mit den Inhalten bereitgestellten Informationen sorgf\u00e4ltig im Einzelfall zu pr\u00fcfen."
},
{
"category": "description",
"text": "MariaDB ist ein relationales Datenbanksystem, das anwendungskompatibel mit MySQL ist.",
"title": "Produktbeschreibung"
},
{
"category": "summary",
"text": "Ein entfernter, authentisierter Angreifer kann mehrere Schwachstellen in MariaDB ausnutzen, um einen Denial of Service Angriff durchzuf\u00fchren.",
"title": "Angriff"
},
{
"category": "general",
"text": "- Sonstiges\n- UNIX\n- Windows",
"title": "Betroffene Betriebssysteme"
}
],
"publisher": {
"category": "other",
"contact_details": "csaf-provider@cert-bund.de",
"name": "Bundesamt f\u00fcr Sicherheit in der Informationstechnik",
"namespace": "https://www.bsi.bund.de"
},
"references": [
{
"category": "self",
"summary": "WID-SEC-W-2025-0507 - CSAF Version",
"url": "https://wid.cert-bund.de/.well-known/csaf/white/2025/wid-sec-w-2025-0507.json"
},
{
"category": "self",
"summary": "WID-SEC-2025-0507 - Portal Version",
"url": "https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2025-0507"
},
{
"category": "external",
"summary": "NIST Vulnerability Database vom 2025-03-09",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2023-52968"
},
{
"category": "external",
"summary": "GitHub Advisory Database vom 2025-03-09",
"url": "https://github.com/advisories/GHSA-gx7h-6fr6-j29h"
},
{
"category": "external",
"summary": "NIST Vulnerability Database vom 2025-03-09",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2023-52969"
},
{
"category": "external",
"summary": "NIST Vulnerability Database vom 2025-03-09",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2023-52970"
},
{
"category": "external",
"summary": "GitHub Advisory Database vom 2025-03-09",
"url": "https://github.com/advisories/GHSA-j57w-cc2h-3w6w"
},
{
"category": "external",
"summary": "NIST Vulnerability Database vom 2025-03-09",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2023-52971"
},
{
"category": "external",
"summary": "Fedora Security Advisory FEDORA-2025-66CE799182 vom 2025-04-07",
"url": "https://bodhi.fedoraproject.org/updates/FEDORA-2025-66ce799182"
},
{
"category": "external",
"summary": "Fedora Security Advisory FEDORA-2025-E317A33D16 vom 2025-04-07",
"url": "https://bodhi.fedoraproject.org/updates/FEDORA-2025-e317a33d16"
},
{
"category": "external",
"summary": "Debian Security Advisory DLA-4154 vom 2025-05-07",
"url": "https://lists.debian.org/debian-lts-announce/2025/05/msg00006.html"
},
{
"category": "external",
"summary": "Ubuntu Security Notice USN-7519-1 vom 2025-05-20",
"url": "https://ubuntu.com/security/notices/USN-7519-1"
},
{
"category": "external",
"summary": "Amazon Linux Security Advisory ALASMARIADB10.5-2025-007 vom 2025-05-29",
"url": "https://alas.aws.amazon.com/AL2/ALASMARIADB10.5-2025-007.html"
},
{
"category": "external",
"summary": "Ubuntu Security Notice USN-7548-1 vom 2025-06-03",
"url": "https://ubuntu.com/security/notices/USN-7548-1"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2025:03276-1 vom 2025-09-19",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2025-September/022592.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2025:03275-1 vom 2025-09-19",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2025-September/022593.html"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2025:19584 vom 2025-11-04",
"url": "https://access.redhat.com/errata/RHSA-2025:19584"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2025:19572 vom 2025-11-04",
"url": "https://access.redhat.com/errata/RHSA-2025:19572"
},
{
"category": "external",
"summary": "Rocky Linux Security Advisory RLSA-2025:19584 vom 2025-11-06",
"url": "https://errata.build.resf.org/RLSA-2025:19584"
},
{
"category": "external",
"summary": "Oracle Linux Security Advisory ELSA-2025-19584 vom 2025-11-06",
"url": "https://linux.oracle.com/errata/ELSA-2025-19584.html"
},
{
"category": "external",
"summary": "Oracle Linux Security Advisory ELSA-2025-19572 vom 2025-11-07",
"url": "https://linux.oracle.com/errata/ELSA-2025-19572.html"
},
{
"category": "external",
"summary": "Rocky Linux Security Advisory RLSA-2025:19572 vom 2025-12-02",
"url": "https://errata.build.resf.org/RLSA-2025:19572"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2025:4491-1 vom 2025-12-19",
"url": "https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/6TT63QK3N3UDJEHX5ZIMCKLUCW6ITQX2/"
},
{
"category": "external",
"summary": "Oracle Linux Security Advisory ELSA-2026-0136 vom 2026-01-07",
"url": "https://linux.oracle.com/errata/ELSA-2026-0136.html"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2026:0136 vom 2026-01-06",
"url": "https://access.redhat.com/errata/RHSA-2026:0136"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2026:0247 vom 2026-01-07",
"url": "https://access.redhat.com/errata/RHSA-2026:0247"
}
],
"source_lang": "en-US",
"title": "MariaDB: Mehrere Schwachstellen erm\u00f6glichen Denial of Service",
"tracking": {
"current_release_date": "2026-01-07T23:00:00.000+00:00",
"generator": {
"date": "2026-01-08T08:11:40.982+00:00",
"engine": {
"name": "BSI-WID",
"version": "1.5.0"
}
},
"id": "WID-SEC-W-2025-0507",
"initial_release_date": "2025-03-09T23:00:00.000+00:00",
"revision_history": [
{
"date": "2025-03-09T23:00:00.000+00:00",
"number": "1",
"summary": "Initiale Fassung"
},
{
"date": "2025-04-07T22:00:00.000+00:00",
"number": "2",
"summary": "Neue Updates von Fedora aufgenommen"
},
{
"date": "2025-05-07T22:00:00.000+00:00",
"number": "3",
"summary": "Neue Updates von Debian aufgenommen"
},
{
"date": "2025-05-20T22:00:00.000+00:00",
"number": "4",
"summary": "Neue Updates von Ubuntu aufgenommen"
},
{
"date": "2025-05-29T22:00:00.000+00:00",
"number": "5",
"summary": "Neue Updates von Amazon aufgenommen"
},
{
"date": "2025-06-02T22:00:00.000+00:00",
"number": "6",
"summary": "Neue Updates von Ubuntu aufgenommen"
},
{
"date": "2025-09-21T22:00:00.000+00:00",
"number": "7",
"summary": "Neue Updates von SUSE aufgenommen"
},
{
"date": "2025-11-03T23:00:00.000+00:00",
"number": "8",
"summary": "Neue Updates von Red Hat aufgenommen"
},
{
"date": "2025-11-04T23:00:00.000+00:00",
"number": "9",
"summary": "Neue Updates von Red Hat aufgenommen"
},
{
"date": "2025-11-05T23:00:00.000+00:00",
"number": "10",
"summary": "Neue Updates von Rocky Enterprise Software Foundation aufgenommen"
},
{
"date": "2025-11-06T23:00:00.000+00:00",
"number": "11",
"summary": "Neue Updates von Oracle Linux aufgenommen"
},
{
"date": "2025-12-01T23:00:00.000+00:00",
"number": "12",
"summary": "Neue Updates von Rocky Enterprise Software Foundation aufgenommen"
},
{
"date": "2025-12-21T23:00:00.000+00:00",
"number": "13",
"summary": "Neue Updates von SUSE aufgenommen"
},
{
"date": "2026-01-06T23:00:00.000+00:00",
"number": "14",
"summary": "Neue Updates von Oracle Linux und Red Hat aufgenommen"
},
{
"date": "2026-01-07T23:00:00.000+00:00",
"number": "15",
"summary": "Neue Updates von Red Hat aufgenommen"
}
],
"status": "final",
"version": "15"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "Amazon Linux 2",
"product": {
"name": "Amazon Linux 2",
"product_id": "398363",
"product_identification_helper": {
"cpe": "cpe:/o:amazon:linux_2:-"
}
}
}
],
"category": "vendor",
"name": "Amazon"
},
{
"branches": [
{
"category": "product_name",
"name": "Debian Linux",
"product": {
"name": "Debian Linux",
"product_id": "2951",
"product_identification_helper": {
"cpe": "cpe:/o:debian:debian_linux:-"
}
}
}
],
"category": "vendor",
"name": "Debian"
},
{
"branches": [
{
"category": "product_name",
"name": "Fedora Linux",
"product": {
"name": "Fedora Linux",
"product_id": "74185",
"product_identification_helper": {
"cpe": "cpe:/o:fedoraproject:fedora:-"
}
}
}
],
"category": "vendor",
"name": "Fedora"
},
{
"branches": [
{
"branches": [
{
"category": "product_version_range",
"name": "\u003c10.4.33",
"product": {
"name": "MariaDB MariaDB \u003c10.4.33",
"product_id": "T041677"
}
},
{
"category": "product_version",
"name": "10.4.33",
"product": {
"name": "MariaDB MariaDB 10.4.33",
"product_id": "T041677-fixed",
"product_identification_helper": {
"cpe": "cpe:/a:mariadb:mariadb:10.4.33"
}
}
},
{
"category": "product_version_range",
"name": "\u003c10.5.24",
"product": {
"name": "MariaDB MariaDB \u003c10.5.24",
"product_id": "T041678"
}
},
{
"category": "product_version",
"name": "10.5.24",
"product": {
"name": "MariaDB MariaDB 10.5.24",
"product_id": "T041678-fixed",
"product_identification_helper": {
"cpe": "cpe:/a:mariadb:mariadb:10.5.24"
}
}
},
{
"category": "product_version_range",
"name": "\u003c10.6.17",
"product": {
"name": "MariaDB MariaDB \u003c10.6.17",
"product_id": "T041679"
}
},
{
"category": "product_version",
"name": "10.6.17",
"product": {
"name": "MariaDB MariaDB 10.6.17",
"product_id": "T041679-fixed",
"product_identification_helper": {
"cpe": "cpe:/a:mariadb:mariadb:10.6.17"
}
}
},
{
"category": "product_version_range",
"name": "\u003c10.11.7",
"product": {
"name": "MariaDB MariaDB \u003c10.11.7",
"product_id": "T041680"
}
},
{
"category": "product_version",
"name": "10.11.7",
"product": {
"name": "MariaDB MariaDB 10.11.7",
"product_id": "T041680-fixed",
"product_identification_helper": {
"cpe": "cpe:/a:mariadb:mariadb:10.11.7"
}
}
},
{
"category": "product_version_range",
"name": "\u003c11.0.5",
"product": {
"name": "MariaDB MariaDB \u003c11.0.5",
"product_id": "T041681"
}
},
{
"category": "product_version",
"name": "11.0.5",
"product": {
"name": "MariaDB MariaDB 11.0.5",
"product_id": "T041681-fixed",
"product_identification_helper": {
"cpe": "cpe:/a:mariadb:mariadb:11.0.5"
}
}
},
{
"category": "product_version_range",
"name": "\u003c11.1.4",
"product": {
"name": "MariaDB MariaDB \u003c11.1.4",
"product_id": "T041682"
}
},
{
"category": "product_version",
"name": "11.1.4",
"product": {
"name": "MariaDB MariaDB 11.1.4",
"product_id": "T041682-fixed",
"product_identification_helper": {
"cpe": "cpe:/a:mariadb:mariadb:11.1.4"
}
}
},
{
"category": "product_version_range",
"name": "\u003c11.2.3",
"product": {
"name": "MariaDB MariaDB \u003c11.2.3",
"product_id": "T041683"
}
},
{
"category": "product_version",
"name": "11.2.3",
"product": {
"name": "MariaDB MariaDB 11.2.3",
"product_id": "T041683-fixed",
"product_identification_helper": {
"cpe": "cpe:/a:mariadb:mariadb:11.2.3"
}
}
},
{
"category": "product_version_range",
"name": "\u003c11.3.2",
"product": {
"name": "MariaDB MariaDB \u003c11.3.2",
"product_id": "T041684"
}
},
{
"category": "product_version",
"name": "11.3.2",
"product": {
"name": "MariaDB MariaDB 11.3.2",
"product_id": "T041684-fixed",
"product_identification_helper": {
"cpe": "cpe:/a:mariadb:mariadb:11.3.2"
}
}
},
{
"category": "product_version_range",
"name": "\u003c11.4.1",
"product": {
"name": "MariaDB MariaDB \u003c11.4.1",
"product_id": "T041685"
}
},
{
"category": "product_version",
"name": "11.4.1",
"product": {
"name": "MariaDB MariaDB 11.4.1",
"product_id": "T041685-fixed",
"product_identification_helper": {
"cpe": "cpe:/a:mariadb:mariadb:11.4.1"
}
}
},
{
"category": "product_name",
"name": "MariaDB MariaDB",
"product": {
"name": "MariaDB MariaDB",
"product_id": "T041687",
"product_identification_helper": {
"cpe": "cpe:/a:mariadb:mariadb:-"
}
}
}
],
"category": "product_name",
"name": "MariaDB"
}
],
"category": "vendor",
"name": "MariaDB"
},
{
"branches": [
{
"category": "product_name",
"name": "Oracle Linux",
"product": {
"name": "Oracle Linux",
"product_id": "T004914",
"product_identification_helper": {
"cpe": "cpe:/o:oracle:linux:-"
}
}
}
],
"category": "vendor",
"name": "Oracle"
},
{
"branches": [
{
"category": "product_name",
"name": "RESF Rocky Linux",
"product": {
"name": "RESF Rocky Linux",
"product_id": "T032255",
"product_identification_helper": {
"cpe": "cpe:/o:resf:rocky_linux:-"
}
}
}
],
"category": "vendor",
"name": "RESF"
},
{
"branches": [
{
"category": "product_name",
"name": "Red Hat Enterprise Linux",
"product": {
"name": "Red Hat Enterprise Linux",
"product_id": "67646",
"product_identification_helper": {
"cpe": "cpe:/o:redhat:enterprise_linux:-"
}
}
}
],
"category": "vendor",
"name": "Red Hat"
},
{
"branches": [
{
"category": "product_name",
"name": "SUSE Linux",
"product": {
"name": "SUSE Linux",
"product_id": "T002207",
"product_identification_helper": {
"cpe": "cpe:/o:suse:suse_linux:-"
}
}
}
],
"category": "vendor",
"name": "SUSE"
},
{
"branches": [
{
"category": "product_name",
"name": "Ubuntu Linux",
"product": {
"name": "Ubuntu Linux",
"product_id": "T000126",
"product_identification_helper": {
"cpe": "cpe:/o:canonical:ubuntu_linux:-"
}
}
}
],
"category": "vendor",
"name": "Ubuntu"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2023-52968",
"product_status": {
"known_affected": [
"67646",
"T004914",
"T032255",
"74185",
"T041682",
"T041681",
"T041680",
"2951",
"T002207",
"T000126",
"T041679",
"T041678",
"398363",
"T041677",
"T041687",
"T041685",
"T041684",
"T041683"
]
},
"release_date": "2025-03-09T23:00:00.000+00:00",
"title": "CVE-2023-52968"
},
{
"cve": "CVE-2023-52969",
"product_status": {
"known_affected": [
"67646",
"T004914",
"T032255",
"74185",
"T041680",
"2951",
"T002207",
"T000126",
"T041679",
"T041678",
"398363",
"T041677",
"T041687"
]
},
"release_date": "2025-03-09T23:00:00.000+00:00",
"title": "CVE-2023-52969"
},
{
"cve": "CVE-2023-52970",
"product_status": {
"known_affected": [
"67646",
"T004914",
"T032255",
"74185",
"T041682",
"T041681",
"T041680",
"2951",
"T002207",
"T000126",
"T041679",
"T041678",
"398363",
"T041677",
"T041687"
]
},
"release_date": "2025-03-09T23:00:00.000+00:00",
"title": "CVE-2023-52970"
},
{
"cve": "CVE-2023-52971",
"product_status": {
"known_affected": [
"67646",
"T004914",
"T032255",
"74185",
"T041682",
"T041681",
"T041680",
"2951",
"T002207",
"T000126",
"398363",
"T041687",
"T041685",
"T041684",
"T041683"
]
},
"release_date": "2025-03-09T23:00:00.000+00:00",
"title": "CVE-2023-52971"
}
]
}
Loading…
Trend slope:
-
(linear fit over daily sighting counts)
Show additional events:
Loading…
Experimental. This forecast is provided for visualization only and may change without notice. Do not use it for operational decisions.
Forecast uses a logistic model when the trend is rising, or an exponential decay model when the trend is falling. Fitted via linearized least squares.
Sightings
| Author | Source | Type | Date | Other |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or observed by the user.
- Confirmed: The vulnerability has been validated from an analyst's perspective.
- Published Proof of Concept: A public proof of concept is available for this vulnerability.
- Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
- Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
- Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
- Not confirmed: The user expressed doubt about the validity of the vulnerability.
- Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.
Loading…
Loading…