4 matches found
CVE-2022-21687
gh-ost is a triggerless online schema migration solution for MySQL. Versions prior to 1.1.3 are subject to an arbitrary file read vulnerability. The attacker must have access to the target host or trick an administrator into executing a malicious gh-ost command on a host running gh-ost, plus...
CVE-2022-21687 Command injection in gh-ost
gh-ost is a triggerless online schema migration solution for MySQL. Versions prior to 1.1.3 are subject to an arbitrary file read vulnerability. The attacker must have access to the target host or trick an administrator into executing a malicious gh-ost command on a host running gh-ost, plus...
CVE-2022-21687 Command injection in gh-ost
gh-ost is a triggerless online schema migration solution for MySQL. Versions prior to 1.1.3 are subject to an arbitrary file read vulnerability. The attacker must have access to the target host or trick an administrator into executing a malicious gh-ost command on a host running gh-ost, plus...
CVE-2022-21687
CVE-2022-21687 affects the gh-ost project for MySQL. Versions prior to 1.1.3 are vulnerable due to improper sanitization of the -database parameter, enabling an attacker with host access or who can coerce an admin into running a malicious gh-ost command to cause arbitrary file reads on the target...