CVE-2023-52970

Public on 2025-03-08
Modified on 2025-03-14
Description
MariaDB Server 10.4 through 10.5.*, 10.6 through 10.6.*, 10.7 through 10.11.*, 11.0 through 11.0.*, and 11.1 through 11.4.* crashes in Item_direct_view_ref::derived_field_transformer_for_where.
Severity
Medium severity
Medium
CVSS v3 Base Score
4.9
See breakdown

Affected Packages

Platform Package Release Date Advisory Status
HAQM Linux 2 - Core mariadb Pending Fix
HAQM Linux 2 - Mariadb10.5 Extra mariadb Pending Fix
HAQM Linux 2023 mariadb105 Pending Fix

CVSS Scores

Score Type Score Vector
HAQM Linux CVSSv3 4.9 CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H
NVD CVSSv3 4.9 CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H

References

Red Hat: CVE-2023-52970 Mitre: CVE-2023-52970