CVE-2022-45866

Published November 23rd, 2022

View on NVD ↗

CVSS v3

5.3

MEDIUM

CVSS v2

N/A

Affected

PROJECTS

Description

qpress before PierreLvx/qpress 20220819 and before version 11.3, as used in Percona XtraBackup and other products, allows directory traversal via ../ in a .qp file.

EvgeniyPatlan/qpress

Patched version of the qpress file archiver.

GitHub

PierreLvx/qpress

Patched version of the qpress file archiver.

GitHub

percona/percona-xtrabackup

Open source hot backup tool for InnoDB and XtraDB databases

GitHub

1.53K