Lucene search
+L

7 matches found

F5 Networks
F5 Networks
added 2024/05/20 8:21 a.m.39 views

K000139680: MySQL2 vulnerability CVE-2024-21508

Security Advisory Description Versions of the package mysql2 before 3.9.4 are vulnerable to Remote Code Execution RCE via the readCodeFor function due to improper validation of the supportBigNumbers and bigNumberStrings values. CVE-2024-21508 Impact There is no impact; F5 products are not affecte...

9.8CVSS9.3AI score0.02554EPSS
Exploits0
vulnersOsv
vulnersOsv
added 2024/04/11 6:30 a.m.4 views

0data (=1.0.0), 1.1.1-version (=1.0.0) +8621 more potentially affected by CVE-2024-21508 via mysql2 (>=0.11.8 <=3.9.3)

mysql2 NPM version =0.11.8, =0.0.27, =1.0.0, =0.0.4, =0.0.1, =0.0.2, =1.0.0, =0.0.1-alpha.5, =0.0.1-alpha.6 - @142vip/egg-grpc-client =0.0.1-alpha.4 and more Source cves: CVE-2024-21508 Source advisory: OSV:GHSA-FPW7-J2HG-69V5...

9.8CVSS7.2AI score0.02554EPSS
Exploits0
RedhatCVE
RedhatCVE
added 2024/04/11 5:51 a.m.82 views

CVE-2024-21508

A flaw was found in the MySQL2 npm package. Affected versions of this package are vulnerable to remote code execution RCE via the readCodeFor function due to improper validation of the supportBigNumbers and bigNumberStrings values. Mitigation Mitigation for this issue is either not available or t...

9.8CVSS9.6AI score0.02554EPSS
Exploits0References3
Chainguard
Chainguard
added 2024/04/11 5:15 a.m.49 views

CVE-2024-21508 vulnerabilities

Vulnerabilities for packages: sqlpad...

9.8CVSS7.3AI score0.02554EPSS
Exploits0
Wolfi
Wolfi
added 2024/04/11 5:15 a.m.59 views

CVE-2024-21508 vulnerabilities

Vulnerabilities for packages: sqlpad...

9.8CVSS7.5AI score0.02554EPSS
Exploits0
Cvelist
Cvelist
added 2024/04/11 5:0 a.m.51 views

CVE-2024-21508

Versions of the package mysql2 before 3.9.4 are vulnerable to Remote Code Execution RCE via the readCodeFor function due to improper validation of the supportBigNumbers and bigNumberStrings values...

9.8CVSS10AI score0.02554EPSS
Exploits0References6
CVE
CVE
added 2024/04/11 5:0 a.m.345 views

CVE-2024-21508

CVE-2024-21508 affects the mysql2 npm package prior to version 3.9.4. The vulnerability is a Remote Code Execution (RCE) flaw in the readCodeFor function caused by improper validation of supportBigNumbers and bigNumberStrings. Affected software is the mysql2 library (Node.js), with public details...

9.8CVSS9.7AI score0.02554EPSS
Exploits0References6
Rows per page
Query Builder