MariaDB DoS Vulnerability (MDEV-25761) - Linux


I found two vulnerability tests in the greenbone security feed which had the same name to identify different CVEs.
I think the naming-procedure from greenbone includes the startegy to give NVTs a unique name, so this should be a bug/problem.

Would it be possible to rename the NVTs?

Best Regards,


Thanks a lot for your posting.

While we encourage VT developers to choose an unique name for scripts it is not mandatory / a requirement and doesn’t bring and technical problems or similar.

It is mainly done for user convenience because it happen quite often in the past that users though some of the results have been duplicated in their reports because they only had a look at the name of the script and not on the details / CVE references of a result which were indeed different.

But in this specific reported case one of the VTs in question should have referenced MDEV-25787 instead. The script names in question is currently getting updated and the changes should arrive in the feed tomorrow or the day after (depending on the next successful feed publishing).

Thanks again.

1 Like