Lucene search

CVE-2024-21512

🗓️ 29 May 2024 05:01:00Reported by snykType

Vulnerability in mysql2 package due to improper input sanitization

Reporter	Title	Published	Views	Family All 11
OSV	GHSA-PMH2-WPJM-FJ45 mysql2 vulnerable to Prototype Pollution	30 May 202418:34	–	osv
OSV	CVE-2024-21512	29 May 202405:16	–	osv
OSV	CGA-3MH2-3MV5-JFP3	19 Jun 202407:35	–	osv
NVD	CVE-2024-21512	29 May 202405:16	–	nvd
Vulnrichment	CVE-2024-21512	29 May 202405:00	–	vulnrichment
Github Security Blog	mysql2 vulnerable to Prototype Pollution	30 May 202418:34	–	github
Chainguard	CVE-2024-21512 vulnerabilities	29 May 202405:16	–	cgr
Veracode	Prototype Pollution	30 May 202405:39	–	veracode
RedhatCVE	CVE-2024-21512	29 May 202407:12	–	redhatcve
CVE	CVE-2024-21512	29 May 202405:16	–	cve

[
  {
    "product": "mysql2",
    "versions": [
      {
        "version": "0",
        "lessThan": "3.9.8",
        "status": "affected",
        "versionType": "semver"
      }
    ],
    "vendor": "n/a"
  },
  {
    "product": "org.webjars.npm:mysql2",
    "versions": [
      {
        "version": "0",
        "lessThan": "*",
        "status": "affected",
        "versionType": "semver"
      }
    ],
    "vendor": "n/a"
  }
]

Source	Link
gist	www.gist.github.com/domdomi3/e9f0f9b9b1ed6bfbbc0bea87c5ca1e4a
github	www.github.com/sidorares/node-mysql2/pull/2702
security	www.security.snyk.io/vuln/SNYK-JS-MYSQL2-6861580
github	www.github.com/sidorares/node-mysql2/commit/efe3db527a2c94a63c2d14045baba8dfefe922bc
security	www.security.snyk.io/vuln/SNYK-JAVA-ORGWEBJARSNPM-7176010

Transform Your Security Services

Elevate your offerings with Vulners' advanced Vulnerability Intelligence. Contact us for a demo and discover the difference comprehensive, actionable intelligence can make in your security strategy.

Book a live demo

29 May 2024 05:00Current

8.2High risk

Vulners AI Score8.2

CVSS38.2

EPSS0.00045