MariaDB Server 10.10-11.4 Crash in JOIN::fix_all_splittings_in_plan
CVE-2023-52971 Published on March 8, 2025
MariaDB Server 10.10 through 10.11.* and 11.0 through 11.4.* crashes in JOIN::fix_all_splittings_in_plan.
Weakness Type
Insecure Automated Optimizations
The product uses a mechanism that automatically optimizes code, e.g. to improve a characteristic such as performance, but the optimizations can have an unintended side effect that might violate an intended security assumption.
Products Associated with CVE-2023-52971
Want to know whenever a new CVE is published for MariaDB? stack.watch will email you.
Affected Versions
MariaDB:- Version 10.10 and below 10.11.* is affected.
- Version 11.0 and below 11.4.* is affected.
Exploit Probability
EPSS (Exploit Prediction Scoring System) scores estimate the probability that a vulnerability will be exploited in the wild within the next 30 days. The percentile shows you how this score compares to all other vulnerabilities.