CVE-2020-15180
- Source
- https://cve.org/CVERecord?id=CVE-2020-15180
- Import Source
- https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2020-15180.json
- JSON Data
- https://api.osv.dev/v1/vulns/CVE-2020-15180
- Aliases
- Downstream
- Related
- Published
- 2021-05-27T20:15:07.910Z
- Modified
- 2026-04-10T04:22:49.201951Z
- Severity
-
- 9.0 (Critical) CVSS_V3 - CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:H CVSS Calculator
- Summary
- [none]
- Details
-
A flaw was found in the mysql-wsrep component of mariadb. Lack of input sanitization in
wsrep_sst_methodallows for command injection that can be exploited by a remote attacker to execute arbitrary commands on galera cluster nodes. This threatens the system's confidentiality, integrity, and availability. This flaw affects mariadb versions before 10.1.47, before 10.2.34, before 10.3.25, before 10.4.15 and before 10.5.6. - References
Affected packages
Git / github.com/mariadb/server
Affected ranges
- Type
- GIT
- Repo
- https://github.com/mariadb/server
- Events
-
IntroducedFixedIntroducedFixedIntroducedFixedIntroducedFixedIntroducedFixedIntroduced0 Unknown introduced commit / All previous commits are affectedLast affected
- Database specific
{ "versions": [ { "introduced": "10.1.0" }, { "fixed": "10.1.47" }, { "introduced": "10.2.0" }, { "fixed": "10.2.34" }, { "introduced": "10.3.0" }, { "fixed": "10.3.25" }, { "introduced": "10.4.0" }, { "fixed": "10.4.15" }, { "introduced": "10.5.0" }, { "fixed": "10.5.6" }, { "introduced": "0" }, { "last_affected": "10.0" } ] }
- Type
- GIT
- Repo
- https://github.com/percona/percona-xtradb-cluster
- Events
-
Introduced0 Unknown introduced commit / All previous commits are affectedFixedIntroduced0 Unknown introduced commit / All previous commits are affectedFixedIntroduced0 Unknown introduced commit / All previous commits are affectedFixed
- Database specific
{ "versions": [ { "introduced": "5.6" }, { "fixed": "5.6.49" }, { "introduced": "5.7" }, { "fixed": "5.7.31" }, { "introduced": "8.0" }, { "fixed": "8.0.21" } ] }
Affected versions
Percona-Server-5.*
Percona-Server-5.6.5-60.0
Percona-XtraDB-Cluster-5.*
Percona-XtraDB-Cluster-5.6.14-25.1
Percona-XtraDB-Cluster-5.6.15-25.2
Percona-XtraDB-Cluster-5.6.15-25.3
Percona-XtraDB-Cluster-5.6.15-25.4
Percona-XtraDB-Cluster-5.6.15-25.5
Percona-XtraDB-Cluster-5.6.19-25.6
Percona-XtraDB-Cluster-5.6.20-25.7
Percona-XtraDB-Cluster-5.6.24-25.11
Percona-XtraDB-Cluster-5.6.37-26.21
Percona-XtraDB-Cluster-5.6.47-28.40
Percona-XtraDB-Cluster-5.6.48-28.40
Percona-XtraDB-Cluster-5.7.19-29.22
Percona-XtraDB-Cluster-5.7.30-31.43
Percona-XtraDB-Cluster-8.*
Percona-XtraDB-Cluster-8.0.18-9.1.rc1
Percona-XtraDB-Cluster-8.0.18-9.3
clone-5.*
clone-5.1.0-build
clone-5.1.31-pv-0.2.0-build
clone-5.1.4-build
clone-5.4.0-build
clone-5.4.3-build
clone-5.5.5-m3-build
clone-5.5.6-m3-build
clone-5.6.3-m5-build
clone-5.6.3-m6-build
last-PS-5.*
last-PS-5.5-as-patches
mariadb-10.*
mariadb-10.0.0
mariadb-10.1.0
mariadb-10.1.10
mariadb-10.1.11
mariadb-10.1.12
mariadb-10.1.13
mariadb-10.1.14
mariadb-10.1.15
mariadb-10.1.16
mariadb-10.1.17
mariadb-10.1.18
mariadb-10.1.19
mariadb-10.1.2
mariadb-10.1.20
mariadb-10.1.21
mariadb-10.1.22
mariadb-10.1.23
mariadb-10.1.24
mariadb-10.1.25
mariadb-10.1.26
mariadb-10.1.27
mariadb-10.1.28
mariadb-10.1.29
mariadb-10.1.3
mariadb-10.1.30
mariadb-10.1.31
mariadb-10.1.32
mariadb-10.1.33
mariadb-10.1.34
mariadb-10.1.35
mariadb-10.1.37
mariadb-10.1.38
mariadb-10.1.39
mariadb-10.1.4
mariadb-10.1.41
mariadb-10.1.42
mariadb-10.1.43
mariadb-10.1.46
mariadb-10.1.5
mariadb-10.1.6
mariadb-10.1.7
mariadb-10.1.8
mariadb-10.1.9
mariadb-10.2.0
mariadb-10.2.1
mariadb-10.2.10
mariadb-10.2.11
mariadb-10.2.12
mariadb-10.2.13
mariadb-10.2.14
mariadb-10.2.15
mariadb-10.2.16
mariadb-10.2.18
mariadb-10.2.19
mariadb-10.2.2
mariadb-10.2.20
mariadb-10.2.21
mariadb-10.2.22
mariadb-10.2.23
mariadb-10.2.24
mariadb-10.2.25
mariadb-10.2.26
mariadb-10.2.27
mariadb-10.2.28
mariadb-10.2.29
mariadb-10.2.30
mariadb-10.2.31
mariadb-10.2.33
mariadb-10.2.5
mariadb-10.3.0
mariadb-10.3.1
mariadb-10.3.10
mariadb-10.3.12
mariadb-10.3.16
mariadb-10.3.17
mariadb-10.3.18
mariadb-10.3.19
mariadb-10.3.2
mariadb-10.3.20
mariadb-10.3.21
mariadb-10.3.24
mariadb-10.3.4
mariadb-10.3.5
mariadb-10.3.6
mariadb-10.3.7
mariadb-10.4.10
mariadb-10.4.11
mariadb-10.4.14
mariadb-10.4.3
mariadb-10.4.4
mariadb-10.4.5
mariadb-10.4.7
mariadb-10.4.9
mariadb-10.5.0
mariadb-10.5.2
mariadb-10.5.4
mariadb-10.5.5
mariadb-5.*
mariadb-5.5.20-alpha
mariadb-5.5.23
mysql-3.*
mysql-3.23.22-beta
mysql-3.23.28-gamma
mysql-3.23.30-gamma
mysql-3.23.31
mysql-3.23.32
mysql-3.23.33
mysql-3.23.36
mysql-4.*
mysql-4.0.2
mysql-4.0.4
mysql-5.*
mysql-5.1.4
mysql_4.*
mysql_4.0
mysqlsummit-0.*
mysqlsummit-0.2.0
mysqlsummit-0.2.0-build
mysqlsummit-0.2.1
mysqlsummit-0.2.1-build
Other
pre-null-merge
pxc-8.*
pxc-8.0-galera3
pxc_5.*
pxc_5.6.25-25.12-3.12
Database specific
unresolved_ranges
[
{
"events": [
{
"introduced": "0"
},
{
"last_affected": "9.0"
}
]
},
{
"events": [
{
"introduced": "0"
},
{
"fixed": "5.6.49-28.42.2"
}
]
},
{
"events": [
{
"introduced": "5.7"
},
{
"fixed": "5.7.31-31.45.2"
}
]
},
{
"events": [
{
"introduced": "8.0"
},
{
"fixed": "8.0.20-11.2"
}
]
}
]
source
"https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2020-15180.json"