Versions of mysql
prior to 2.0.0-alpha8 are affected by a SQL Injection vulnerability in the mysql.escape()
function, which does not properly escape object keys.
Update to version 2.0.0-alpha8 or later.
CPE | Name | Operator | Version |
---|---|---|---|
mysql | le | v2.0.0-alpha7 |