Vulnerabilities > Percona > Monitoring AND Management > 2.2.0

DATE CVE VULNERABILITY TITLE RISK
2023-06-06 CVE-2023-34409 Path Traversal vulnerability in Percona Monitoring and Management 2.2.0/2.2.1
In Percona Monitoring and Management (PMM) server 2.x before 2.37.1, the authenticate function in auth_server.go does not properly formalize and sanitize URL paths to reject path traversal attempts.
network
low complexity
percona CWE-22
critical
 9.8
9.8
2020-02-06 CVE-2020-7920 Resource Exhaustion vulnerability in Percona Monitoring and Management 2.2.0
pmm-server in Percona Monitoring and Management (PMM) 2.2.x before 2.2.1 allows unauthenticated denial of service.
network
low complexity
percona CWE-400
7.8
7.8