BIT-mysql-client-2026-44169

See a problem?

Import Source

https://github.com/bitnami/vulndb/tree/main/data/mysql-client/BIT-mysql-client-2026-44169.json

JSON Data

https://api.osv.dev/v1/vulns/BIT-mysql-client-2026-44169

Aliases

Published

2026-06-16T11:50:05.322Z

Modified

2026-06-16T12:26:28.621564050Z

Summary

MariaDB: Authorization bypass in role-based routine-level privilege check exposes stored routine definitions

Details

MariaDB server is a community developed fork of MySQL server. From versions 11.4.1 to before 11.4.11, 11.8.1 to before 11.8.7, and 12.3.1, a user getting EXECUTE access to a stored routine via a role, could see the routine definition even without SHOW CREATE ROUTINE privilege. This issue has been patched in versions 11.4.11, 11.8.7, and 12.3.2.

Database specific

{
    "cpes": [
        "cpe:2.3:a:mariadb:mariadb:*:*:*:*:*:*:*:*"
    ],
    "severity": "Medium"
}

References

Affected packages

Bitnami / mysql-client

Package

Name: mysql-client
Purl: pkg:bitnami/mysql-client

Severity

4.3 (Medium) CVSS_V3 - CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N CVSS Calculator

Affected ranges

Type: SEMVER
Events: Introduced

11.4.1

Fixed

11.4.11

Introduced

11.8.1

Fixed

11.8.7

Introduced

12.3.1

Fixed

12.3.2

Database specific

source

"https://github.com/bitnami/vulndb/tree/main/data/mysql-client/BIT-mysql-client-2026-44169.json"