MariaDB through 10.5.9 allows attackers to trigger a convertconstto_int use-after-free when the BIGINT data type is used.
{ "vanir_signatures": [ { "signature_version": "v1", "digest": { "length": 3842.0, "function_hash": "139410885805228531428960716111714496814" }, "source": "https://github.com/mariadb/server/commit/0ba528fe56f6c637d9fbc9d177a62610038fd519", "deprecated": false, "target": { "file": "sql/sql_parse.cc", "function": "st_select_lex::add_table_to_list" }, "signature_type": "Function", "id": "CVE-2021-46669-261ea06f" }, { "signature_version": "v1", "digest": { "threshold": 0.9, "line_hashes": [ "109653293203522022930865857668421870622", "29073102755632696090890904852202915678", "319062535768988456620840697081414713359", "80418953152597147384415640027788794032" ] }, "source": "https://github.com/mariadb/server/commit/0ba528fe56f6c637d9fbc9d177a62610038fd519", "deprecated": false, "target": { "file": "sql/sql_parse.cc" }, "signature_type": "Line", "id": "CVE-2021-46669-7971ffe8" } ] }