{"id":"CVE-2022-27377","details":"MariaDB Server v10.6.3 and below was discovered to contain an use-after-free in the component Item_func_in::cleanup(), which is exploited via specially crafted SQL statements.","aliases":["BIT-mariadb-2022-27377","BIT-mariadb-min-2022-27377","BIT-mysql-client-2022-27377"],"modified":"2026-05-15T12:04:28.643658226Z","published":"2022-04-12T19:14:18Z","related":["ALSA-2022:5826","ALSA-2022:5948","ALSA-2022:6443","SUSE-RU-2023:3956-1","SUSE-RU-2023:4991-1","SUSE-SU-2022:2003-1","SUSE-SU-2022:2107-1","SUSE-SU-2022:2160-1","SUSE-SU-2022:2189-1","SUSE-SU-2022:2561-1"],"database_specific":{"osv_generated_from":"https://github.com/CVEProject/cvelistV5/tree/main/cves/2022/27xxx/CVE-2022-27377.json","cna_assigner":"mitre"},"references":[{"type":"WEB","url":"https://jira.mariadb.org/browse/MDEV-26281"},{"type":"ADVISORY","url":"https://github.com/CVEProject/cvelistV5/tree/main/cves/2022/27xxx/CVE-2022-27377.json"},{"type":"ADVISORY","url":"https://nvd.nist.gov/vuln/detail/CVE-2022-27377"},{"type":"ADVISORY","url":"https://security.netapp.com/advisory/ntap-20220526-0007/"},{"type":"ARTICLE","url":"https://lists.debian.org/debian-lts-announce/2022/09/msg00023.html"}],"schema_version":"1.7.5"}