Bug 2494785

Summary: CVE-2026-44170 mariadb11.8: Arbitrary shell command execution via improper sanitization in CONNECT engine [fedora-all]
Product: [Fedora] Fedora Reporter: Praise Ogwuche <pogwuche>
Component: mariadb11.8Assignee: Michal Schorm <mschorm>
Status: CLOSED RAWHIDE QA Contact:
Severity: high Docs Contact:
Priority: high    
Version: rawhideCC: db-sig, mschorm, ndavidov, psloboda
Target Milestone: ---Keywords: Security, SecurityTracking
Target Release: ---   
Hardware: Unspecified   
OS: Unspecified   
Whiteboard: {"flaws": ["dee46a19-cb79-454c-9681-dff717cea15f"]}
Fixed In Version: Doc Type: ---
Doc Text:
Story Points: ---
Clone Of: Environment:
Last Closed: 2026-06-30 10:58:37 UTC Type: ---
Regression: --- Mount Type: ---
Documentation: --- CRM:
Verified Versions: Category: ---
oVirt Team: --- RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: --- Target Upstream Version:
Embargoed:
Bug Depends On:    
Bug Blocks: 2488451    

Description Praise Ogwuche 2026-06-30 08:08:12 UTC
Disclaimer: Community trackers are created by Red Hat Product Security team on a best effort basis. Package maintainers are required to ascertain if the flaw indeed affects their package, before starting the update process.

MariaDB server is a community developed fork of MySQL server. From versions 10.6.1 to before 10.6.26, 10.11.1 to before 10.11.17, 11.4.1 to before 11.4.11, 11.8.1 to before 11.8.7, and 12.3.1, MariaDB on WIndows with installed CONNECT engine and enabled REST support interpolated table HTTP attribute into the curl command line without proper sanitizing. This allows the user to execute shell commands on the server. This issue has been patched in versions 10.6.26, 10.11.17, 11.4.11, 11.8.7, and 12.3.2.

Comment 1 Michal Schorm 2026-06-30 10:58:37 UTC
Fixed in the version currently available in Fedora Rawhide