Vulnerability DatabaseCVE-2022-26944

CVE-2022-26944:
Linux Gentoo vulnerability analysis and mitigation

Overview

A security vulnerability identified as CVE-2022-26944 was discovered in Percona XtraBackup, a MySQL backup utility. The vulnerability was related to password exposure in the backup tool's command information (Percona Docs).

Technical details

The vulnerability occurred when a password passed using the -p command line option was being written into the backup toolcommand in xtrabackupinfo file, potentially exposing sensitive authentication credentials (Percona Docs).

Impact

This vulnerability could lead to the exposure of database credentials, potentially allowing unauthorized access to the database if the backup files were accessed by malicious actors (Percona Docs).

Mitigation and workarounds

The vulnerability was fixed in Percona XtraBackup version 2.4.25, released on April 26, 2022. Users are advised to upgrade to this version or later to address the security issue (Percona Docs).

Additional resources

Source: This report was generated using AI

Related Linux Gentoo vulnerabilities:

CVE ID	Severity	Score	Technologies	Component name	CISA KEV exploit	Has fix	Published date
CVE-2025-13470	HIGH	7.7	Linux Debian	rnp-debugsource	No	Yes	Nov 21, 2025
CVE-2025-65018	HIGH	7.1	NixOS	java-1.8.0-openjdk-devel-fastdebug	No	Yes	Nov 25, 2025
CVE-2025-64720	HIGH	7.1	NixOS	java-1.8.0-openjdk-javadoc-zip	No	Yes	Nov 25, 2025
CVE-2025-64506	MEDIUM	6.1	NixOS	java-1.8.0-openjdk-demo-slowdebug	No	Yes	Nov 25, 2025
CVE-2025-64505	MEDIUM	6.1	NixOS	java-25-openjdk-jmods-fastdebug	No	Yes	Nov 25, 2025