{"id":"CVE-2020-13249","details":"libmariadb/mariadb_lib.c in MariaDB Connector/C before 3.1.8 does not properly validate the content of an OK packet received from a server. NOTE: although mariadb_lib.c was originally based on code shipped for MySQL, this issue does not affect any MySQL components supported by Oracle.","modified":"2026-05-15T12:03:58.440241665Z","published":"2020-05-20T19:15:09.163Z","related":["ALSA-2020:5500","ALSA-2020:5503","SUSE-RU-2023:3956-1","SUSE-RU-2023:4991-1","SUSE-SU-2020:1423-1","SUSE-SU-2020:1431-1","SUSE-SU-2020:1710-1","SUSE-SU-2020:1711-1","SUSE-SU-2020:3625-1","openSUSE-SU-2020:0738-1","openSUSE-SU-2020:0870-1","openSUSE-SU-2024:11038-1","openSUSE-SU-2024:11039-1"],"database_specific":{"unresolved_ranges":[{"source":"CPE_FIELD","extracted_events":[{"last_affected":"31"},{"last_affected":"32"}],"cpes":["cpe:2.3:o:fedoraproject:fedora:31:*:*:*:*:*:*:*","cpe:2.3:o:fedoraproject:fedora:32:*:*:*:*:*:*:*"],"vendor_product":"fedoraproject:fedora"},{"source":"CPE_FIELD","extracted_events":[{"last_affected":"15.1"}],"cpes":["cpe:2.3:o:opensuse:leap:15.1:*:*:*:*:*:*:*"],"vendor_product":"opensuse:leap"}]},"references":[{"type":"WEB","url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/UW2ED32VEUHXFN2J3YQE27JIBV4SC2PI/"},{"type":"WEB","url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/X4X2BMF3EILMTXGOZDTPYS3KT5VWLA2P/"},{"type":"ADVISORY","url":"http://lists.opensuse.org/opensuse-security-announce/2020-05/msg00064.html"},{"type":"ADVISORY","url":"http://lists.opensuse.org/opensuse-security-announce/2020-06/msg00054.html"},{"type":"ADVISORY","url":"https://github.com/mariadb-corporation/mariadb-connector-c/compare/v3.1.7...v3.1.8"},{"type":"FIX","url":"https://github.com/mariadb-corporation/mariadb-connector-c/commit/2759b87d72926b7c9b5426437a7c8dd15ff57945"}],"schema_version":"1.7.5","severity":[{"type":"CVSS_V3","score":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"}]}