CVE-2022-27382
HIGHMariaDB 10.4.0-10.4.25 - Denial of Service via Item_field::used_tables/update_depend_map_for_order
Title source: llmDescription
MariaDB Server v10.7 and below was discovered to contain a segmentation fault via the component Item_field::used_tables/update_depend_map_for_order.
References (2)
Core 2
Core References
Exploit, Issue Tracking, Vendor Advisory x_refsource_misc
https://jira.mariadb.org/browse/MDEV-26402
Third Party Advisory x_refsource_confirm
https://security.netapp.com/advisory/ntap-20220526-0004/
Scores
CVSS v3
7.5
EPSS
0.0022
EPSS Percentile
44.3%
Attack Vector
NETWORK
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Details
CWE
CWE-617
Status
published
Products (1)
mariadb/mariadb
10.4.0 - 10.4.25
Published
Apr 12, 2022
Tracked Since
Feb 18, 2026