[Bug 1828442] CVE-2020-10997 percona-xtrabackup: Information exposure via cmd line output and table history

Author:



Percona XtraBackup before 2.4.20 unintentionally writes the command line to any resulting backup file output. This may include sensitive arguments passed at run time. In addition, when –history is passed at run time, this command line is also written to the PERCONA_SCHEMA.xtrabackup_history table.



Source link

Write a comment:
*

Your email address will not be published.

RELATED STORIES
vamtam-theme-circle-post
Category Product Vulnerabilities

A Softer Approach From Thailand’s Sophisticated Monarch – The Diplomat

June 6, 2020
Advertisement The Thai government has recently re-engineered its communication strategy vis-à-vis critics of the monarchy....
Read More
vamtam-theme-circle-post
Category Product Vulnerabilities

Dos nuevos fallos críticos en Zoom permiten hackear los dispositivos de los usuarios — Una al Día

June 6, 2020
Dos nuevos fallos críticos en Zoom permiten hackear los dispositivos de los usuarios — Una...
Read More
vamtam-theme-circle-post
Category Product Vulnerabilities

CVE-2020-13864 – Alert Detail – Security Database

June 6, 2020
Executive Summary This vulnerability is currently undergoing analysis and not all information is available. Please...
Read More
vamtam-theme-circle-post
Category Product Vulnerabilities

CVE-2020-13865 – Alert Detail – Security Database

June 6, 2020
Executive Summary This vulnerability is currently undergoing analysis and not all information is available. Please...
Read More
vamtam-theme-circle-post
Category Product Vulnerabilities

CVE-2020-13646 – Alert Detail – Security Database

June 6, 2020
Executive Summary This vulnerability is currently undergoing analysis and not all information is available. Please...
Read More
vamtam-theme-circle-post
Category Product Vulnerabilities

CVE-2020-11697 – Alert Detail – Security Database

June 6, 2020
Executive Summary This vulnerability is currently undergoing analysis and not all information is available. Please...
Read More
vamtam-theme-circle-post
Category Product Vulnerabilities

CVE-2020-11696 – Alert Detail – Security Database

June 6, 2020
Executive Summary This vulnerability is currently undergoing analysis and not all information is available. Please...
Read More
Category Product Vulnerabilities

Security Bulletin: IBM Maximo Asset Management is vulnerable to server side request forgery (SSRF) (CVE-2020-4529)

June 6, 2020
Jun 5, 2020 8:00 pm EDT Categorized: High Severity Share this post: IBM...
Read More
vamtam-theme-circle-post
Category Product Vulnerabilities

CVE-2020-10071 – Alert Detail – Security Database

June 6, 2020
Executive Summary Informations Name CVE-2020-10071 First vendor Publication 2020-06-05 Vendor Cve Last vendor Modification 2020-06-05...
Read More
vamtam-theme-circle-post
Category Product Vulnerabilities

CVE-2020-10070 – Alert Detail – Security Database

June 6, 2020
Executive Summary Informations Name CVE-2020-10070 First vendor Publication 2020-06-05 Vendor Cve Last vendor Modification 2020-06-05...
Read More
digitpol
scale
element-support
Call Center
+31 55 8448040
element-map
Location

Global

International Cyber Crime Investigation

Digitpol is licensed by the Ministry of Justice: Licence Number POB1557

©Digitpol. All images and content are copyright of Digitpol and can not be used, replicated or reproduced without written permission. 2019.

Privacy  /   Terms and Policy   /   Site map  /   Contact