EUVD-2016-7156

Malware in sbrugna...

SUSE CVE-2016-6225

xbcrypt in Percona XtraBackup before 2.3.6 and 2.4.x before 2.4.5 does not properly set the initialization vector IV for encryption, which makes it easier for context-dependent attackers to obtain sensitive information from encrypted backup files via a Chosen-Plaintext attack. NOTE: this...

Malicious code in xbcrypt-nohejs (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware a163e76793bb0dbc34106a413a795841bbd0b71e5bd37a82afa667022e39b653 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

MAL-2022-7262 Malicious code in xbcrypt-nohejs (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware a163e76793bb0dbc34106a413a795841bbd0b71e5bd37a82afa667022e39b653 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

Percona XtraBackup Information Disclosure Vulnerability

Percona XtraBackup is the U.S. Percona company's set of open source used to backup MySQL InnoDB database tools. An information disclosure vulnerability exists in xbcrypt in Percona XtraBackup versions prior to 2.3.6 and 2.4.x versions prior to 2.4.5, which stems from the program failing to proper...

Design/Logic Flaw

xbcrypt in Percona XtraBackup before 2.3.6 and 2.4.x before 2.4.5 does not properly set the initialization vector IV for encryption, which makes it easier for context-dependent attackers to obtain sensitive information from encrypted backup files via a Chosen-Plaintext attack. NOTE: this...

CVE-2016-6225

xbcrypt in Percona XtraBackup before 2.3.6 and 2.4.x before 2.4.5 does not properly set the initialization vector IV for encryption, which makes it easier for context-dependent attackers to obtain sensitive information from encrypted backup files via a Chosen-Plaintext attack. NOTE: this...

CVE-2016-6225

CVE-2016-6225 affects Percona XtraBackup’s xbcrypt: versions prior to 2.3.6 (and 2.4.x prior to 2.4.5) fail to properly set the initialization vector (IV) for encryption, enabling context-dependent attackers to potentially obtain sensitive data from encrypted backups via a Chosen-Plaintext attack...

openSUSE Security Update : xtrabackup (openSUSE-2017-132)

This update for xtrabackup fixes the following issues : - CVE-2016-6225: xbcrypt encryption IV not being set properly boo1019858 In addition, XtraBackup was updated to 2.3.6 to include the following improvements : - now supports SHA256 passwords - new supports command options for secure connectio...

openSUSE Security Update : xtrabackup (openSUSE-SU-2014:0363-1)

xtrabackup was updated to 2.1.8 : Disabled the 'binary version check' functionality in the VersionCheck module due to security concerns. The automatic version check remains disabled in the openSUSE package. bnc864194 CVE-2014-2029 More bugs fixed : - do not discard read-ahead buffers through...