Latest Vulnerabilities and Exploits



CVE ID:

CVE-2022-45866

Details:

qpress before PierreLvx/qpress 20220819 and before version 11.3, as used in Percona XtraBackup and other products, allows directory traversal via ../ in a .qp file.

References:

:https://github.com/EvgeniyPatlan/qpress/commit/ddb312090ebd5794e81bc6fb1dfb4e79eda48761
:https://github.com/PierreLvx/qpress/compare/20170415...20220819
:https://github.com/PierreLvx/qpress/pull/6
:https://github.com/percona/percona-xtrabackup/pull/1366
:https://pkgs.org/download/qpress

ZeroDayLab Assigned Tags:

DIRECTORY TRAVERSAL