CVE-2021-46658: 
MariaDB Server vulnerability analysis and mitigation

CVE-2021-46658 affects MariaDB versions before 10.6.3, specifically impacting the save_window_function_values functionality. The vulnerability was discovered in early 2021 and involves incorrect handling of with_window_func=true for a subquery (NVD, MariaDB Security).

The vulnerability has a CVSS v3.1 Base Score of 5.5 (MEDIUM) with a vector of CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H. The issue specifically occurs in the save_window_function_values function when processing window functions in left expressions of IN subqueries (MariaDB Issue, NetApp Advisory).

When successfully exploited, this vulnerability can lead to an application crash, resulting in a Denial of Service (DoS) condition. The impact is limited to availability, with no direct effect on confidentiality or integrity of the system (NetApp Advisory).

The vulnerability has been fixed in MariaDB version 10.6.3 and corresponding security patches have been released for affected versions including 10.2.40, 10.3.31, 10.4.21, and 10.5.12. Users are advised to upgrade to these or later versions to mitigate the vulnerability (MariaDB Security).