This page is about security vulnerabilities that have been fixed for or still affect MariaDB ColumnStore. In addition links are included to fixed security vulnerabilities in MariaDB Server since MariaDB ColumnStore is based on MariaDB Server.
Sensitive security issues can be sent directly to the persons responsible for MariaDB security: security [AT] mariadb (dot) org.
CVE® stands for "Common Vulnerabilities and Exposures". It is a publicly available and free to use database of known software vulnerabilities maintained at https://cve.mitre.org/
CVEs fixed in ColumnStore
The current GA version of ColumnStore is based upon MariaDB Server 10.1.21. The Server Release Notes document CVEs fixed within this release. Additional information can also be found at Security Vulnerabilities Fixed in MariaDB.
There are no known CVEs on ColumnStore specific infrastructure outside of the MariaDB Server at this time.