CVE-2021-46663

See a problem?
Please try reporting it to the source first.
Source
https://cve.org/CVERecord?id=CVE-2021-46663
Import Source
https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2021-46663.json
JSON Data
https://api.osv.dev/v1/vulns/CVE-2021-46663
Aliases
Downstream
Related
Published
2022-02-01T02:15:06.880Z
Modified
2026-03-10T23:52:47.921338Z
Severity
  • 5.5 (Medium) CVSS_V3 - CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H CVSS Calculator
Summary
[none]
Details

MariaDB through 10.5.13 allows a ha_maria::extra application crash via certain SELECT statements.

References

Affected packages

Git / github.com/mariadb/server

Affected ranges

Type
GIT
Repo
https://github.com/mariadb/server
Events
Introduced
561b6c7e513abc4ceba263252b519bf715ce80f4
Fixed
3a52569499e2f0c4d1f25db1e81617a9d9755400
Introduced
a2f147af35480e27bd599462db59b9b95f71acd9
Fixed
a36fc80aeb3f835fad02f443d65dc608b74b92d1
Introduced
a19ab67318760f8f155ef7f4f821dfc738542c67
Fixed
b4477ae73c836592268f7fb231eeb38a4fa83bb6
Introduced
3a8ca9096ea82ca61811450775511533d6cb1bb4
Fixed
9aa3564e8a06c3d2027fc514213ecf42b049b06e
Introduced
1a647b700f6b72dc97211510a5d0c647d5d3d911
Fixed
e3894f5d397722dd50fb91dbbdbad3aaf017a4b0
Database specific 
{
    "versions": [
        {
            "introduced": "10.2.41"
        },
        {
            "fixed": "10.2.43"
        },
        {
            "introduced": "10.3.32"
        },
        {
            "fixed": "10.3.34"
        },
        {
            "introduced": "10.4.22"
        },
        {
            "fixed": "10.4.24"
        },
        {
            "introduced": "10.5.9"
        },
        {
            "fixed": "10.5.15"
        },
        {
            "introduced": "10.6.0"
        },
        {
            "fixed": "10.6.7"
        }
    ]
}

Affected versions

mariadb-10.*
mariadb-10.2.41
mariadb-10.2.42

Database specific

source 
"https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2021-46663.json"
vanir_signatures 
[
    {
        "deprecated": false,
        "signature_version": "v1",
        "digest": {
            "threshold": 0.9,
            "line_hashes": [
                "98111117393566517679651759304023085372",
                "304938594711446698139907843226650211733",
                "276479549989744167816865099922120078879",
                "270219840002247898028875582953023464708"
            ]
        },
        "source": "https://github.com/mariadb/server/commit/3a52569499e2f0c4d1f25db1e81617a9d9755400",
        "signature_type": "Line",
        "id": "CVE-2021-46663-84206f5b",
        "target": {
            "file": "sql/sql_lex.cc"
        }
    },
    {
        "deprecated": false,
        "signature_version": "v1",
        "digest": {
            "function_hash": "165020614219671822891384418769980927498",
            "length": 1922.0
        },
        "source": "https://github.com/mariadb/server/commit/3a52569499e2f0c4d1f25db1e81617a9d9755400",
        "signature_type": "Function",
        "id": "CVE-2021-46663-d4dba36e",
        "target": {
            "file": "sql/sql_lex.cc",
            "function": "st_select_lex::optimize_unflattened_subqueries"
        }
    }
]
unresolved_ranges 
[
    {
        "events": [
            {
                "introduced": "10.7.0"
            },
            {
                "fixed": "10.7.3"
            }
        ]
    },
    {
        "events": [
            {
                "introduced": "0"
            },
            {
                "last_affected": "34"
            }
        ]
    },
    {
        "events": [
            {
                "introduced": "0"
            },
            {
                "last_affected": "35"
            }
        ]
    },
    {
        "events": [
            {
                "introduced": "0"
            },
            {
                "last_affected": "36"
            }
        ]
    }
]