Versions of mysql
before 2.14.0 are vulnerable to remove memory exposure.
Affected versions of mysql
package allocate and send an uninitialized memory over the network when a number is provided as a password.
Only mysql
running on Node.js versions below 6.0.0 is affected due to a throw added in newer node.js versions.
Proof of Concept:
require('mysql').createConnection({
host: 'localhost',
user: 'user',
password : USERPROVIDEDINPUT, // number
database : 'my_db'
}).connect();
Update to version 2.14.0 or later.
CPE | Name | Operator | Version |
---|---|---|---|
mysql | ge | 2.0.0-alpha8 <=2.0.0-rc2 || >=2.0.0 <=2.13.0 |