VID |
25400 |
Severity |
30 |
Port |
3306 |
Protocol |
TCP |
Class |
DB |
Detailed Description |
The version of MariaDB installed on the remote host is prior to 10.10.4. It is, therefore, affected by a vulnerability as referenced in the mdb-10-10-4-rn advisory.
- MariaDB Server before 10.3.34 thru 10.9.3 is vulnerable to Denial of Service. It is possible for function spider_db_mbase::print_warnings to dereference a null pointer. (CVE-2022-47015)
* References: https://mariadb.com/kb/en/mdb-10-10-4-rn
* Platforms Affected: MariaDB versions 10.10.x prior to 10.10.4 Any operating system Any version |
Recommendation |
Upgrade to the latest version of MariaDB (10.10.4 or later), available from the MariaDB Web site at https://downloads.mariadb.org/ |
Related URL |
CVE-2022-47015 (CVE) |
Related URL |
(SecurityFocus) |
Related URL |
(ISS) |
|