CVE-2023-52970

State: PUBLISHED · Published: 2025-03-08 · Updated: 2025-11-03 · Assigner: mitre

Description

MariaDB Server 10.4 through 10.5.*, 10.6 through 10.6.*, 10.7 through 10.11.*, 11.0 through 11.0.*, and 11.1 through 11.4.* crashes in Item_direct_view_ref::derived_field_transformer_for_where.

CWE

CWE-1038 — CWE-1038 Insecure Automated Optimizations

Affected

MariaDB / MariaDB — v=10.4 <10.5.* [affected]; v=10.6 <10.6.* [affected]; v=10.7 <10.11.* [affected]; v=11.0 <11.0.* [affected]; v=11.1 <11.4.* [affected]

CVSS

3.1 score=4.9 severity=MEDIUM CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H

References

https://jira.mariadb.org/browse/MDEV-32086

Source

cvelistV5-main/cves/2023/52xxx/CVE-2023-52970.json