Crash Vulnerability in MariaDB Server Across Multiple Versions
CVE-2023-52968

4.9MEDIUM

Key Information:

Vendor: Mariadb
Status: Mariadb
Vendor: CVE Published:; 8 March 2025

What is CVE-2023-52968?

A vulnerability in MariaDB Server could cause a crash through improper handling in the mysql_derived_prepare function when derived is not yet prepared. This flaw impacts several versions of the database, potentially leading to system instability if exploited.

Affected Version(s)

MariaDB 10.4 < 10.4.33

MariaDB 10.5 < 10.5.24

MariaDB 10.6 < 10.6.17

References

https://jira.mariadb.org/browse/MDEV-32082

CVSS V3.1

Score:

4.9

Severity:

MEDIUM

Confidentiality:

None

Integrity:

None

Availability:

None

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

High

User Interaction:

None

Scope:

Unchanged

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Mar 8, 2025
Vulnerability Reserved
Mar 8, 2025

Mariadb

What is CVE-2023-52968?

Affected Version(s)

References

CVSS V3.1

Timeline