A malicious MySQL server can request local file content from a client using ruby-mysql prior to version 2.10.0 without explicit authorization from the user
Reporter | Title | Published | Views | Family All 12 |
---|---|---|---|---|
Prion | Authorization | 28 Jun 202217:15 | – | prion |
UbuntuCve | CVE-2021-3779 | 28 Jun 202200:00 | – | ubuntucve |
OSV | Externally Controlled Reference to a Resource in Another Sphere in ruby-mysql | 29 Jun 202200:00 | – | osv |
CVE | CVE-2021-3779 | 28 Jun 202217:15 | – | cve |
Github Security Blog | Externally Controlled Reference to a Resource in Another Sphere in ruby-mysql | 29 Jun 202200:00 | – | github |
RubySec | ruby-mysql Client File Read | 27 Jun 202221:00 | – | rubygems |
Cvelist | CVE-2021-3779 Ruby-MySQL Gem Client File Read | 28 Jun 202216:30 | – | cvelist |
CNVD | Ruby ruby-mysql security vulnerability (CNVD-2022-74096) | 30 Jun 202200:00 | – | cnvd |
Veracode | Arbitrary File Read | 6 Jul 202205:43 | – | veracode |
NVD | CVE-2021-3779 | 28 Jun 202217:15 | – | nvd |
Transform Your Security Services
Elevate your offerings with Vulners' advanced Vulnerability Intelligence. Contact us for a demo and discover the difference comprehensive, actionable intelligence can make in your security strategy.
Book a live demo