{"id":"BIT-mysql-client-2022-27377","details":"MariaDB Server v10.6.3 and below was discovered to contain an use-after-free in the component Item_func_in::cleanup(), which is exploited via specially crafted SQL statements.","aliases":["BIT-mariadb-2022-27377","BIT-mariadb-min-2022-27377","CVE-2022-27377"],"modified":"2025-06-10T12:56:42.316854Z","published":"2024-03-06T11:03:51.774Z","database_specific":{"severity":"High","cpes":["cpe:2.3:a:mariadb:mariadb:*:*:*:*:*:*:*:*"]},"references":[{"type":"WEB","url":"https://jira.mariadb.org/browse/MDEV-26281"},{"type":"WEB","url":"https://lists.debian.org/debian-lts-announce/2022/09/msg00023.html"},{"type":"WEB","url":"https://security.netapp.com/advisory/ntap-20220526-0007/"},{"type":"WEB","url":"https://nvd.nist.gov/vuln/detail/CVE-2022-27377"}],"affected":[{"package":{"name":"mysql-client","ecosystem":"Bitnami","purl":"pkg:bitnami/mysql-client"},"ranges":[{"type":"SEMVER","events":[{"introduced":"10.2.0"},{"fixed":"10.2.44"},{"introduced":"10.3.0"},{"fixed":"10.3.35"},{"introduced":"10.4.0"},{"fixed":"10.4.25"},{"introduced":"10.5.0"},{"fixed":"10.5.16"},{"introduced":"10.6.0"},{"fixed":"10.6.8"},{"introduced":"10.7.0"},{"fixed":"10.7.4"}]}],"database_specific":{"source":"https://github.com/bitnami/vulndb/tree/main/data/mysql-client/BIT-mysql-client-2022-27377.json"},"severity":[{"type":"CVSS_V3","score":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"}]}],"schema_version":"1.7.3"}