Lucene search
GitHub_MCVELIST:CVE-2020-15180HistoryMay 27, 2021 - 7:45 p.m.
CVE-2020-15180
2021-05-2719:45:28
CWE-20
GitHub_M
www.cve.org
6
flaw
input sanitization
command injection
remote attacker
arbitrary commands
galera cluster nodes
confidentiality
integrity
availability
mariadb
versions
cve-2020-15180
A flaw was found in the mysql-wsrep component of mariadb. Lack of input sanitization in wsrep_sst_method allows for command injection that can be exploited by a remote attacker to execute arbitrary commands on galera cluster nodes. This threatens the system’s confidentiality, integrity, and availability. This flaw affects mariadb versions before 10.1.47, before 10.2.34, before 10.3.25, before 10.4.15 and before 10.5.6.
CNA Affected
[
{
"product": "mariadb",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "mariadb 10.1.47, mariadb 10.2.34, mariadb 10.3.25, mariadb 10.4.15, mariadb 10.5.6"
}
]
}
]Related
nessus
nessus
MariaDB 10.1.0 < 10.1.47 A Vulnerability
2020-10-06 00:00:00
FreeBSD : MariaDB -- Undisclosed vulnerability (a2565962-1156-11eb-9c9c-d4c9ef517024)
2020-10-19 00:00:00
MariaDB 10.2.0 < 10.2.34 A Vulnerability
2020-10-06 00:00:00
redhat
redhat
(RHSA-2020:5379) Important: mariadb-galera security update
2020-12-08 14:47:51
openvas
openvas
Mageia: Security Advisory (MGASA-2020-0382)
2022-01-28 00:00:00
Debian: Security Advisory (DLA-2409-1)
2020-10-22 00:00:00
Debian: Security Advisory (DSA-4776-1)
2020-10-22 00:00:00
debiancve
debiancve
CVE-2020-15180
2021-05-27 20:15:07
altlinux
altlinux
Security fix for the ALT Linux 8 package mariadb version 10.1.47-alt1
2020-12-11 00:00:00
Security fix for the ALT Linux 9 package mariadb version 10.4.17-alt1
2020-11-13 00:00:00
osv
osv
mariadb-10.1 - security update
2020-10-21 00:00:00
mariadb-10.3 - security update
2020-10-20 00:00:00
BIT-mariadb-2020-15180
2024-03-06 11:09:20
veracode
veracode
Remote Code Execution
2020-10-11 23:31:42
ubuntucve
ubuntucve
CVE-2020-15180
2021-05-27 00:00:00
gentoo
gentoo
MariaDB: Remote code execution
2020-11-11 00:00:00
alpinelinux
alpinelinux
CVE-2020-15180
2021-05-27 20:15:07
freebsd
freebsd
MariaDB -- Undisclosed vulnerability
2020-10-07 00:00:00
prion
prion
Command injection
2021-05-27 20:15:00
debian
debian
[SECURITY] [DSA 4776-1] mariadb-10.3 security update
2020-10-20 17:53:58
[SECURITY] [DLA 2409-1] mariadb-10.1 security update
2020-10-21 07:39:12
redhatcve
redhatcve
CVE-2020-15180
2020-11-05 13:01:52
mariadbunix
mariadbunix
CVE-2020-15180
2021-05-27 20:15:07
f5
f5
K75885190 : MariaDB vulnerability CVE-2020-15180
2021-07-12 00:00:00
mageia
mageia
Updated mariadb packages fix security vulnerability
2020-10-13 15:39:02
nvd
nvd
CVE-2020-15180
2021-05-27 20:15:07
cve
cve
CVE-2020-15180
2021-05-27 20:15:07
suse
suse
Security update for mariadb (important)
2020-12-15 00:00:00
Security update for mariadb (moderate)
2020-12-02 00:00:00
Security update for mariadb (moderate)
2020-11-28 00:00:00
ubuntu
ubuntu
MariaDB vulnerabilities
2020-10-27 00:00:00
oraclelinux
oraclelinux
mariadb:10.3 security, bug fix, and enhancement update
2020-12-18 00:00:00
almalinux
almalinux
Important: mariadb:10.3 security, bug fix, and enhancement update
2020-12-15 16:03:43
rocky
rocky
mariadb:10.3 security, bug fix, and enhancement update
2020-12-15 16:03:43