Security Vulnerabilities Fixed in MariaDB

This page is about security vulnerabilities fixed in MariaDB. If you are looking for information on securing your MariaDB installation, see Securing MariaDB.

Sensitive security issues can be reported on https://hackerone.com/mariadb or sent directly to the persons responsible for MariaDB security: security [AT] mariadb (dot) org.

About CVEs

CVE® stands for "Common Vulnerabilities and Exposures". It is a publicly available and free to use database of known software vulnerabilities maintained at

On this page is the master list of CVEs fixed across all versions of MariaDB. Follow the links to more information on a particular CVE or specific version of MariaDB.

Some CVEs apply to MySQL but are not present in MariaDB, these are listed on the Security Vulnerabilities fixed in Oracle MySQL that did not exist in MariaDB page.

Separate lists of CVEs fixed in specific MariaDB series are maintained on their individual "What is MariaDB x.x?" pages:

Full List of CVEs fixed in MariaDB

CVEs without specific version numbers:

The following CVEs were fixed in MariaDB 5.1 and/or MariaDB 5.5 as indicated, but the fix is not tied to a specific MariaDB version.

_{This page is licensed: CC BY-SA / Gnu FDL}

PreviousHashicorp Key Management Plugin NextSecurity Vulnerabilities Fixed in Oracle MySQL That Did Not Exist in MariaDB

Last updated 5 days ago

Was this helpful?