Every CVE whose affected-product data names Percona Xtrabackup, ordered by CVSS severity, with EPSS exploit prediction and CISA KEV status.
CVEs (6)
CVE-2022-25834 — CVSS 7.8 (high): In Percona XtraBackup (PXB) through 2.2.24 and 3.x through 8.0.27-19, a crafted filename on the local file system could trigger unexpected…
CVE-2020-10997 — CVSS 6.5 (medium): Percona XtraBackup before 2.4.20 unintentionally writes the command line to any resulting backup file output. This may include sensitive…
CVE-2022-26944 — CVSS 6.5 (medium): Percona XtraBackup 2.4.20 unintentionally writes the command line to any resulting backup file output. This may include sensitive arguments…
CVE-2015-1027 — CVSS 5.9 (medium): The version checking subroutine in percona-toolkit before 2.2.13 and xtrabackup before 2.2.9 was vulnerable to silent HTTP downgrade…
CVE-2016-6225 — CVSS 5.9 (medium): xbcrypt in Percona XtraBackup before 2.3.6 and 2.4.x before 2.4.5 does not properly set the initialization vector (IV) for encryption…
CVE-2013-6394 — CVSS 2.1 (low): Percona XtraBackup before 2.1.6 uses a constant string for the initialization vector (IV), which makes it easier for local users to defeat…