Loading
A flaw was found in the mysql-wsrep component of mariadb. Lack of input sanitization in `wsrep_sst_method` allows for command injection that can be exploited by a remote attacker to execute arbitrary commands on galera cluster nodes. This threatens the system's confidentiality, integrity, and availability. This flaw affects mariadb versions before 10.1.47, before 10.2.34, before 10.3.25, before 10.4.15 and before 10.5.6.
Cite this page
CVE-2020-15180. CVEDatabase.com. Retrieved 1 May 2026. https://cvedatabase.com/cve/CVE-2020-15180
Use CWE-20, Mariadb vendor hub and Mariadb product page to widen CVE-2020-15180 into its surrounding weakness, vendor, and product context.
Compare it with CVE-2023-26785, CVE-2026-32710 and CVE-2023-5157 for nearby disclosures in the same product family.