CVE-2022-45866

Published: Nov 23, 2022

Modified: Apr 25, 2025

PUBLISHED

Description

qpress before PierreLvx/qpress 20220819 and before version 11.3, as used in Percona XtraBackup and other products, allows directory traversal via ../ in a .qp file.

Vendor	Product	Versions
n/a	n/a	affected `n/a`

References

https://pkgs.org/download/qpress

https://github.com/PierreLvx/qpress/pull/6

https://github.com/EvgeniyPatlan/qpress/commit/ddb312090ebd5794e81bc6fb1dfb4e79eda48761

https://github.com/PierreLvx/qpress/compare/20170415...20220819

https://github.com/percona/percona-xtrabackup/pull/1366

FEDORA-2022-dacf699829

vendor-advisory

FEDORA-2022-e19ca639ef

vendor-advisory

FEDORA-2022-0ff8149aad

vendor-advisory

Security Training

Train your team to recognize and prevent security threats with our comprehensive security awareness program.

Start Training

Vulnerability Scanning

Discover vulnerabilities in your applications and infrastructure before attackers do.

Scan Now

CVE-2022-45866

Description

Affected Products

References