Vulnerabilities > Percona > Xtradb Cluster

DATE CVE VULNERABILITY TITLE RISK
2021-05-27 CVE-2020-15180 Command Injection vulnerability in multiple products
A flaw was found in the mysql-wsrep component of mariadb.
network
high complexity
mariadb debian percona galeracluster CWE-77
critical
9.0
2020-04-27 CVE-2020-10996 Inappropriate Encoding for Output Context vulnerability in Percona Xtradb Cluster
An issue was discovered in Percona XtraDB Cluster before 5.7.28-31.41.2.
network
percona CWE-838
6.8
2018-01-25 CVE-2017-15365 sql/event_data_objects.cc in MariaDB before 10.1.30 and 10.2.x before 10.2.10 and Percona XtraDB Cluster before 5.6.37-26.21-3 and 5.7.x before 5.7.19-29.22-3 allows remote authenticated users with SQL access to bypass intended access restrictions and replicate data definition language (DDL) statements to cluster nodes by leveraging incorrect ordering of DDL replication and ACL checking.
network
low complexity
fedoraproject mariadb percona
8.8
2016-12-13 CVE-2016-6664 Link Following vulnerability in multiple products
mysqld_safe in Oracle MySQL through 5.5.51, 5.6.x through 5.6.32, and 5.7.x through 5.7.14; MariaDB; Percona Server before 5.5.51-38.2, 5.6.x before 5.6.32-78-1, and 5.7.x before 5.7.14-8; and Percona XtraDB Cluster before 5.5.41-37.0, 5.6.x before 5.6.32-25.17, and 5.7.x before 5.7.14-26.17, when using file-based logging, allows local users with access to the mysql account to gain root privileges via a symlink attack on error logs and possibly other files.
local
high complexity
oracle mariadb percona CWE-59
7.0
2016-12-13 CVE-2016-6663 Race Condition vulnerability in multiple products
Race condition in Oracle MySQL before 5.5.52, 5.6.x before 5.6.33, 5.7.x before 5.7.15, and 8.x before 8.0.1; MariaDB before 5.5.52, 10.0.x before 10.0.28, and 10.1.x before 10.1.18; Percona Server before 5.5.51-38.2, 5.6.x before 5.6.32-78-1, and 5.7.x before 5.7.14-8; and Percona XtraDB Cluster before 5.5.41-37.0, 5.6.x before 5.6.32-25.17, and 5.7.x before 5.7.14-26.17 allows local users with certain permissions to gain privileges by leveraging use of my_copystat by REPAIR TABLE to repair a MyISAM table.
4.4