Percona · Percona Xtrabackup · CVE-2020-10997
**Name of the Vulnerable Software and Affected Versions**
Percona XtraBackup versions prior to 2.4.20
**Description**
The issue allows sensitive information to be unintentionally written to backup files and the PERCONA SCHEMA.xtrabackup history table when the `--history` option is used. This may include sensitive arguments passed at runtime.
**Recommendations**
For Percona XtraBackup versions prior to 2.4.20, update to version 2.4.20 or later to resolve the issue. As a temporary workaround, consider avoiding the use of sensitive arguments when running Percona XtraBackup, and refrain from using the `--history` option until the update is applied.