107 matches found
Directory traversal
qpress before PierreLvx/qpress 20220819 and before version 11.3, as used in Percona XtraBackup and other products, allows directory traversal via ../ in a .qp file...
OPENSUSE-SU-2022:10212-1 Security update for xtrabackup
This update for xtrabackup fixes the following issues: Update xtrabackup to version 2.4.26: - CVE-2020-10997: Information exposure via cmd line output and table history boo1170644 - CVE-2020-29488: Changes in how absolute paths are handled boo1205581...
PT-2022-27659 · Percona · Percona Xtrabackup
Name of the Vulnerable Software and Affected Versions: qpress versions before 11.3 qpress before PierreLvx/qpress 20220819 Description: The issue allows directory traversal via ../ in a .qp file. This can be exploited in products that use qpress, such as Percona XtraBackup. Recommendations: For...
CVE-2022-45866
qpress before PierreLvx/qpress 20220819 and before version 11.3, as used in Percona XtraBackup and other products, allows directory traversal via ../ in a .qp file...
PT-2022-37625 · Opensuse +3 · Xtrabackup
This update for xtrabackup fixes the following issues: Update xtrabackup to version 2.4.26: - CVE-2020-10997: Information exposure via cmd line output and table history boo1170644 - CVE-2020-29488: Changes in how absolute paths are handled boo1205581...
CVE-2022-45866
CVE-2022-45866 affects the qpress archive tool. The issue is a directory traversal in a ".qp" file that can be exploited by a crafted path ("../"), as used in Percona XtraBackup and other products, allowing access outside the intended directory. The initial description confirms affected versions ...
qpress -- directory traversal
[email protected] reports: qpress before PierreLvx/qpress 20220819 and before version 11.3, as used in Percona XtraBackup and other products, allows directory traversal via ../ in a .qp file...
Security update for xtrabackup (moderate)
openSUSE Security Update: Security update for xtrabackup Announcement ID: openSUSE-SU-2022:10212-1 Rating: moderate References: 1125418 1135095 1170644 1205581 Cross-References: CVE-2020-10997 CVE-2020-29488 CVSS scores: CVE-2020-10997 NVD : 6.5 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N...
CVE-2022-26944
Percona XtraBackup 2.4.20 unintentionally writes the command line to any resulting backup file output. This may include sensitive arguments passed at run time. In addition, when --history is passed at run time, this command line is also written to the PERCONASCHEMA.xtrabackuphistory table. NOTE:...
CVE-2022-26944
Percona XtraBackup 2.4.20 unintentionally writes the command line to any resulting backup file output. This may include sensitive arguments passed at run time. In addition, when --history is passed at run time, this command line is also written to the PERCONASCHEMA.xtrabackuphistory table. NOTE:...
Design/Logic Flaw
Percona XtraBackup 2.4.20 unintentionally writes the command line to any resulting backup file output. This may include sensitive arguments passed at run time. In addition, when --history is passed at run time, this command line is also written to the PERCONASCHEMA.xtrabackuphistory table. NOTE:...
CVE-2022-26944
Percona XtraBackup 2.4.20 unintentionally writes the command line to any resulting backup file output. This may include sensitive arguments passed at run time. In addition, when --history is passed at run time, this command line is also written to the PERCONASCHEMA.xtrabackuphistory table. NOTE:...
CVE-2022-26944
Percona XtraBackup 2.4.20 is affected by CVE-2022-26944 and CVE-2020-10997 due to an information exposure: the command line and runtime arguments are written to backup outputs and, when --history is used, to the PERCONA_SCHEMA.xtrabackup_history table. The issue stems from an incomplete fix for C...
CVE-2022-26944
Percona XtraBackup 2.4.20 unintentionally writes the command line to any resulting backup file output. This may include sensitive arguments passed at run time. In addition, when --history is passed at run time, this command line is also written to the PERCONASCHEMA.xtrabackuphistory table. NOTE:...
CVE-2022-26944
Percona XtraBackup 2.4.20 unintentionally writes the command line to any resulting backup file output. This may include sensitive arguments passed at run time. In addition, when --history is passed at run time, this command line is also written to the PERCONASCHEMA.xtrabackuphistory table. NOTE:...
PT-2022-18132 · Percona · Percona Xtrabackup
Name of the Vulnerable Software and Affected Versions: Percona XtraBackup version 2.4.20 Description: The issue allows sensitive information, such as command line arguments, to be written to backup files and the PERCONA SCHEMA.xtrabackup history table when the --history option is used. This may...
Percona XtraBackup 安全漏洞
Percona XtraBackup is an open source hot backup utility for MySQL databases from Percona USA. A security vulnerability exists in Percona XtraBackup version 2.4.20, which stems from Percona XtraBackup 2.4.20 inadvertently writing a command line to any generated backup file...
Percona XtraBackup 安全漏洞
Percona XtraBackup is an open source hot backup utility for MySQL databases from Percona, USA. A security vulnerability exists in Percona XtraBackup, no information about this vulnerability is available at this time, please stay tuned to CNNVD or the vendor's announcement...
Percona XtraBackup Input Validation Error Vulnerability
Percona XtraBackup is a U.S. Percona company's open source MySQL database hot backup utility . A security vulnerability exists in Percona XtraBackup versions prior to 2.4.20. An attacker can exploit the vulnerability to obtain information...
CVE-2020-10997
Percona XtraBackup before 2.4.20 unintentionally writes the command line to any resulting backup file output. This may include sensitive arguments passed at run time. In addition, when --history is passed at run time, this command line is also written to the PERCONASCHEMA.xtrabackuphistory table...