2 matches found
mariadb: Insufficient SST method name check leading to code injection in mysql-wsrep
A flaw was found in the mysql-wsrep component of mariadb. Lack of input sanitization in wsrepsstmethod allows for command injection that can be exploited by a remote attacker to execute arbitrary commands on galera cluster nodes. This threatens the system's confidentiality, integrity, and...
PT-2020-6188 · Mariadb +8 · Mariadb +9
Name of the Vulnerable Software and Affected Versions: mariadb versions prior to 10.1.47 mariadb versions prior to 10.2.34 mariadb versions prior to 10.3.25 mariadb versions prior to 10.4.15 mariadb versions prior to 10.5.6 Description: The issue is related to errors in input data processing duri...