Lucene search
+L

107 matches found

Prion
Prion
added 2022/11/23 8:15 p.m.14 views

Directory traversal

qpress before PierreLvx/qpress 20220819 and before version 11.3, as used in Percona XtraBackup and other products, allows directory traversal via ../ in a .qp file...

5CVSS5.2AI score0.01299EPSS
Exploits1References8Affected Software2
OSV
OSV
added 2022/11/23 8:37 a.m.2 views

OPENSUSE-SU-2022:10212-1 Security update for xtrabackup

This update for xtrabackup fixes the following issues: Update xtrabackup to version 2.4.26: - CVE-2020-10997: Information exposure via cmd line output and table history boo1170644 - CVE-2020-29488: Changes in how absolute paths are handled boo1205581...

6.5CVSS6.3AI score0.00951EPSS
Exploits0References7
Positive Technologies
Positive Technologies
added 2022/11/23 12:0 a.m.5 views

PT-2022-27659 · Percona · Percona Xtrabackup

Name of the Vulnerable Software and Affected Versions: qpress versions before 11.3 qpress before PierreLvx/qpress 20220819 Description: The issue allows directory traversal via ../ in a .qp file. This can be exploited in products that use qpress, such as Percona XtraBackup. Recommendations: For...

5.3CVSS6.8AI score0.01299EPSS
Exploits1References13
Vulnrichment
Vulnrichment
added 2022/11/23 12:0 a.m.4 views

CVE-2022-45866

qpress before PierreLvx/qpress 20220819 and before version 11.3, as used in Percona XtraBackup and other products, allows directory traversal via ../ in a .qp file...

5.2AI score0.01299EPSS
Exploits1References8
Positive Technologies
Positive Technologies
added 2022/11/23 12:0 a.m.3 views

PT-2022-37625 · Opensuse +3 · Xtrabackup

This update for xtrabackup fixes the following issues: Update xtrabackup to version 2.4.26: - CVE-2020-10997: Information exposure via cmd line output and table history boo1170644 - CVE-2020-29488: Changes in how absolute paths are handled boo1205581...

6.5CVSS6.2AI score0.00951EPSS
Exploits0References8
CVE
CVE
added 2022/11/23 12:0 a.m.77 views

CVE-2022-45866

CVE-2022-45866 affects the qpress archive tool. The issue is a directory traversal in a ".qp" file that can be exploited by a crafted path ("../"), as used in Percona XtraBackup and other products, allowing access outside the intended directory. The initial description confirms affected versions ...

5.3CVSS5AI score0.01299EPSS
Exploits1References8Affected Software1
FreeBSD
FreeBSD
added 2022/11/23 12:0 a.m.15 views

qpress -- directory traversal

[email protected] reports: qpress before PierreLvx/qpress 20220819 and before version 11.3, as used in Percona XtraBackup and other products, allows directory traversal via ../ in a .qp file...

5.3CVSS7AI score0.01299EPSS
Exploits1References1
OPENSUSE Linux
OPENSUSE Linux
added 2022/11/23 12:0 a.m.6 views

Security update for xtrabackup (moderate)

openSUSE Security Update: Security update for xtrabackup Announcement ID: openSUSE-SU-2022:10212-1 Rating: moderate References: 1125418 1135095 1170644 1205581 Cross-References: CVE-2020-10997 CVE-2020-29488 CVSS scores: CVE-2020-10997 NVD : 6.5 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N...

4CVSS7.6AI score0.00951EPSS
Exploits0References4
ATTACKERKB
ATTACKERKB
added 2022/06/02 6:15 p.m.4 views

CVE-2022-26944

Percona XtraBackup 2.4.20 unintentionally writes the command line to any resulting backup file output. This may include sensitive arguments passed at run time. In addition, when --history is passed at run time, this command line is also written to the PERCONASCHEMA.xtrabackuphistory table. NOTE:...

6.5CVSS5.9AI score0.00951EPSS
Exploits0References3
NVD
NVD
added 2022/06/02 6:15 p.m.19 views

CVE-2022-26944

Percona XtraBackup 2.4.20 unintentionally writes the command line to any resulting backup file output. This may include sensitive arguments passed at run time. In addition, when --history is passed at run time, this command line is also written to the PERCONASCHEMA.xtrabackuphistory table. NOTE:...

6.5CVSS0.00851EPSS
Exploits0References2
Prion
Prion
added 2022/06/02 6:15 p.m.9 views

Design/Logic Flaw

Percona XtraBackup 2.4.20 unintentionally writes the command line to any resulting backup file output. This may include sensitive arguments passed at run time. In addition, when --history is passed at run time, this command line is also written to the PERCONASCHEMA.xtrabackuphistory table. NOTE:...

4CVSS6.6AI score0.00951EPSS
Exploits0References2Affected Software1
UbuntuCve
UbuntuCve
added 2022/06/02 6:15 p.m.44 views

CVE-2022-26944

Percona XtraBackup 2.4.20 unintentionally writes the command line to any resulting backup file output. This may include sensitive arguments passed at run time. In addition, when --history is passed at run time, this command line is also written to the PERCONASCHEMA.xtrabackuphistory table. NOTE:...

6.5CVSS6.6AI score0.00851EPSS
Exploits0References2
CVE
CVE
added 2022/06/02 5:34 p.m.66 views

CVE-2022-26944

Percona XtraBackup 2.4.20 is affected by CVE-2022-26944 and CVE-2020-10997 due to an information exposure: the command line and runtime arguments are written to backup outputs and, when --history is used, to the PERCONA_SCHEMA.xtrabackup_history table. The issue stems from an incomplete fix for C...

6.5CVSS6.5AI score0.00851EPSS
Exploits0References2Affected Software1
Cvelist
Cvelist
added 2022/06/02 5:34 p.m.33 views

CVE-2022-26944

Percona XtraBackup 2.4.20 unintentionally writes the command line to any resulting backup file output. This may include sensitive arguments passed at run time. In addition, when --history is passed at run time, this command line is also written to the PERCONASCHEMA.xtrabackuphistory table. NOTE:...

6.8AI score0.00851EPSS
Exploits0References2
OSV
OSV
added 2022/06/02 5:34 p.m.13 views

CVE-2022-26944

Percona XtraBackup 2.4.20 unintentionally writes the command line to any resulting backup file output. This may include sensitive arguments passed at run time. In addition, when --history is passed at run time, this command line is also written to the PERCONASCHEMA.xtrabackuphistory table. NOTE:...

6.5CVSS6.8AI score0.00851EPSS
Exploits0References4
Positive Technologies
Positive Technologies
added 2022/06/02 12:0 a.m.5 views

PT-2022-18132 · Percona · Percona Xtrabackup

Name of the Vulnerable Software and Affected Versions: Percona XtraBackup version 2.4.20 Description: The issue allows sensitive information, such as command line arguments, to be written to backup files and the PERCONA SCHEMA.xtrabackup history table when the --history option is used. This may...

6.5CVSS6.3AI score0.00851EPSS
Exploits0References7
CNNVD
CNNVD
added 2022/06/02 12:0 a.m.8 views

Percona XtraBackup 安全漏洞

Percona XtraBackup is an open source hot backup utility for MySQL databases from Percona USA. A security vulnerability exists in Percona XtraBackup version 2.4.20, which stems from Percona XtraBackup 2.4.20 inadvertently writing a command line to any generated backup file...

6.5CVSS6.4AI score0.00851EPSS
Exploits0References4
CNNVD
CNNVD
added 2021/03/23 12:0 a.m.4 views

Percona XtraBackup 安全漏洞

Percona XtraBackup is an open source hot backup utility for MySQL databases from Percona, USA. A security vulnerability exists in Percona XtraBackup, no information about this vulnerability is available at this time, please stay tuned to CNNVD or the vendor's announcement...

5.4AI score
Exploits0References1
CNVD
CNVD
added 2020/04/28 12:0 a.m.4 views

Percona XtraBackup Input Validation Error Vulnerability

Percona XtraBackup is a U.S. Percona company's open source MySQL database hot backup utility . A security vulnerability exists in Percona XtraBackup versions prior to 2.4.20. An attacker can exploit the vulnerability to obtain information...

6.5CVSS6.6AI score0.00951EPSS
Exploits0References1
NVD
NVD
added 2020/04/27 1:15 p.m.19 views

CVE-2020-10997

Percona XtraBackup before 2.4.20 unintentionally writes the command line to any resulting backup file output. This may include sensitive arguments passed at run time. In addition, when --history is passed at run time, this command line is also written to the PERCONASCHEMA.xtrabackuphistory table...

6.5CVSS6.4AI score0.00951EPSS
Exploits0References2
Rows per page
Query Builder