Lucene search
K
PerconaXtrabackup

6 matches found

CVE
CVE
added 2017/03/23 4:0 p.m.68 views

CVE-2016-6225

CVE-2016-6225 affects Percona XtraBackup’s xbcrypt: versions prior to 2.3.6 (and 2.4.x prior to 2.4.5) fail to properly set the initialization vector (IV) for encryption, enabling context-dependent attackers to potentially obtain sensitive data from encrypted backups via a Chosen-Plaintext attack...

5.9CVSS5.2AI score0.01123EPSS
CVE
CVE
added 2022/06/02 5:34 p.m.66 views

CVE-2022-26944

Percona XtraBackup 2.4.20 is affected by CVE-2022-26944 and CVE-2020-10997 due to an information exposure: the command line and runtime arguments are written to backup outputs and, when --history is used, to the PERCONA_SCHEMA.xtrabackup_history table. The issue stems from an incomplete fix for C...

6.5CVSS6.5AI score0.00851EPSS
CVE
CVE
added 2017/09/28 7:0 p.m.57 views

CVE-2015-1027

CVE-2015-1027 affects the version-checking subroutine in percona-toolkit < 2.2.13 and xtrabackup = 2.2.13 and xtrabackup >= 2.2.9), and apply vendor-specific updates as available.

5.9CVSS5.6AI score0.01195EPSS
CVE
CVE
added 2023/06/07 12:0 a.m.56 views

CVE-2022-25834

Percona XtraBackup (PXB) versions up to 2.2.24 and 3.x up to 8.0.27-19 are affected by CVE-2022-25834. A crafted local filename could trigger arbitrary command shell execution. Reported impact is high (local access required, arbitrary code execution). Remediation: upgrade to Percona XtraBackup 8....

7.8CVSS7.5AI score0.00461EPSS
CVE
CVE
added 2013/12/13 6:0 p.m.55 views

CVE-2013-6394

Percona XtraBackup had an IV handling flaw (constant IV) up to 2.1.6, enabling plaintext-attacks against encrypted backups. The issue is acknowledged as a result of an incomplete fix; later advisories indicate that xbcrypt in 2.3.6 and 2.4.x before 2.4.5 does not properly set the IV, implying an ...

2.1CVSS5.4AI score0.0038EPSS
CVE
CVE
added 2020/04/27 12:38 p.m.47 views

CVE-2020-10997

Percona XtraBackup before 2.4.20 exposes sensitive runtime command-line arguments: the backup file output may contain the command line, and the run-time command is also written to PERCONA_SCHEMA.xtrabackup_history when --history is used. This information exposure is the CVE-2020-10997 issue. Publ...

6.5CVSS6.3AI score0.00951EPSS