MariaDB is not MySQL

For compatibility MariaDB has a version prefix “5.5.5-”.

Just google it:"5.5.5"+version

This is unfortunate, because InsightVM “thinks” it sees a MySQL-Server so it reports a ton of vulnerabilities for that.

What is the right way to deal with that? I could exclude all findings, but that would be a never ending story for every new MySQL vulnerability.

Kind regards


I reached out to the support. They were really fast an confirmed that the scanner incorrectly fingerprints MariaDB as MySQL causing False Positives.

It is now in the Engineering Backlog.