Lucene search
SnykCVE-2024-21512HistoryMay 29, 2024 - 5:16 a.m.
CVE-2024-21512
2024-05-2905:16:08
CWE-1321
snyk
web.nvd.nist.gov
51
nvd
cve-2024-21512
CVSS3
8.2
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
NONE
Integrity Impact
HIGH
Availability Impact
LOW
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:L
AI Score
6.6
Confidence
Low
EPSS
0
Percentile
15.5%
Versions of the package mysql2 before 3.9.8 are vulnerable to Prototype Pollution due to improper user input sanitization passed to fields and tables when using nestTables.
CNA Affected
[
{
"product": "mysql2",
"versions": [
{
"version": "0",
"lessThan": "3.9.8",
"status": "affected",
"versionType": "semver"
}
],
"vendor": "n/a"
},
{
"product": "org.webjars.npm:mysql2",
"versions": [
{
"version": "0",
"lessThan": "*",
"status": "affected",
"versionType": "semver"
}
],
"vendor": "n/a"
}
]Related
nvd
nvd
CVE-2024-21512
2024-05-29 05:16:08
github
github
mysql2 vulnerable to Prototype Pollution
2024-05-30 18:34:32
vulnrichment
vulnrichment
CVE-2024-21512
2024-05-29 05:00:01
osv
osv
mysql2 vulnerable to Prototype Pollution
2024-05-30 18:34:32
CVE-2024-21512
2024-05-29 05:16:08
CGA-3mh2-3mv5-jfp3
2024-06-19 07:35:08
veracode
veracode
Prototype Pollution
2024-05-30 05:39:41
cvelist
cvelist
CVE-2024-21512
2024-05-29 05:00:01
redhatcve
redhatcve
CVE-2024-21512
2024-05-29 07:12:24
wolfi
wolfi
CVE-2024-21512 vulnerabilities
2024-09-29 21:19:24
CVSS3
8.2
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
NONE
Integrity Impact
HIGH
Availability Impact
LOW
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:L
AI Score
6.6
Confidence
Low
EPSS
0
Percentile
15.5%
Related for CVE-2024-21512