VDB
CVE-2024-27766
CVE-2024-27766
PUBLISHED
CVSS 9.300000190734863 CRITICAL
An issue in MariaDB v.11.1 allows a remote attacker to execute arbitrary code via the lib_mysqludf_sys.so function. NOTE: this is disputed by the MariaDB Foundation because no privilege boundary is crossed.
EPSS 30.15% · 96.8th percentile
Risk Scores
CVSS 4.0
9.300000190734863
CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
EPSS Score
30.15%
96.8th percentile
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Bitnami | mariadb-min | 11.1.0 |
| Bitnami | mariadb | 11.1.0 |
| Bitnami | mariadb-min | 11.1.0, 11.1.0, 11.1.0 |
| Bitnami | mariadb | 11.1.0, 11.1.0, 11.1.0 |
| Bitnami | mysql-client | 11.1.0, 11.1.0, 11.1.0 |
| Bitnami | mysql-client | 11.1.0 |
Exploit Intelligence
- y0un9eee/CVE-2024-27766 (github-poc-repo)
- y0un9eee/CVE-2024-27766 (github-poc-repo)
- y0un9eee/CVE-2024-27766 (github-poc-repo)
- y0un9eee/CVE-2024-27766 (github-poc-repo)
- y0un9eee/CVE-2024-27766 (github-poc-repo)
- y0un9eee/CVE-2024-27766 (github-poc-repo)
- y0un9eee/CVE-2024-27766 (github-poc-repo)
- y0un9eee/CVE-2024-27766 (github-poc-repo)
- y0un9eee/CVE-2024-27766 (github-poc-repo)
- y0un9eee/CVE-2024-27766 (github-poc)
…and 16 more exploits
Timeline
- Oct 17, 2024 CVE Published
- Oct 17, 2024 Coalition ESS Score
- Oct 18, 2024 EPSS Score
- Oct 18, 2024 Coalition ESS Score
- Oct 18, 2024 Coalition ESS Score
- Oct 20, 2024 CVE Updated
- Oct 21, 2024 Coalition ESS Score
- Nov 24, 2024 EPSS Score
- Dec 14, 2024 EPSS Score
- Jan 17, 2025 Coalition ESS Score
- Jan 20, 2025 EPSS Score
- Feb 7, 2025 EPSS Score