MariaDB through 10.5.9 allows an application crash in findfieldintables and findorderinlist via an unused common table expression (CTE).
[
{
"digest": {
"threshold": 0.9,
"line_hashes": [
"98111117393566517679651759304023085372",
"304938594711446698139907843226650211733",
"276479549989744167816865099922120078879",
"270219840002247898028875582953023464708"
]
},
"id": "CVE-2021-46661-84206f5b",
"target": {
"file": "sql/sql_lex.cc"
},
"source": "https://github.com/mariadb/server/commit/3a52569499e2f0c4d1f25db1e81617a9d9755400",
"signature_version": "v1",
"signature_type": "Line",
"deprecated": false
},
{
"digest": {
"function_hash": "165020614219671822891384418769980927498",
"length": 1922.0
},
"id": "CVE-2021-46661-d4dba36e",
"target": {
"function": "st_select_lex::optimize_unflattened_subqueries",
"file": "sql/sql_lex.cc"
},
"source": "https://github.com/mariadb/server/commit/3a52569499e2f0c4d1f25db1e81617a9d9755400",
"signature_version": "v1",
"signature_type": "Function",
"deprecated": false
}
]