Lucene search
K

7 matches found

OSV
OSV
added 2024/04/10 3:30 p.m.2 views

GHSA-49J4-86M8-Q2JW mysql2 vulnerable to Prototype Poisoning

Versions of the package mysql2 before 3.9.4 are vulnerable to Prototype Poisoning due to insecure results object creation and improper user input sanitization passed through parserFn in textparser.js and binaryparser.js...

6.9CVSS5.9AI score0.00962EPSS
Exploits1References8
Github Security Blog
Github Security Blog
added 2024/04/10 3:30 p.m.22 views

mysql2 vulnerable to Prototype Poisoning

Versions of the package mysql2 before 3.9.4 are vulnerable to Prototype Poisoning due to insecure results object creation and improper user input sanitization passed through parserFn in textparser.js and binaryparser.js...

6.5CVSS7AI score0.00962EPSS
Exploits1References8Affected Software1
NVD
NVD
added 2024/04/10 5:15 a.m.38 views

CVE-2024-21509

Versions of the package mysql2 before 3.9.4 are vulnerable to Prototype Poisoning due to insecure results object creation and improper user input sanitization passed through parserFn in textparser.js and binaryparser.js...

6.5CVSS6.4AI score0.00962EPSS
Exploits1References6
CVE
CVE
added 2024/04/10 5:0 a.m.294 views

CVE-2024-21509

The CVE-2024-21509 vulnerability affects the mysql2 package prior to version 3.9.4, as described across multiple sources. The root cause is Prototype Poisoning due to insecure results object creation and improper user input sanitization passed through parserFn in text_parser.js and binary_parser....

6.5CVSS6.3AI score0.00962EPSS
Exploits1References6Affected Software1
Cvelist
Cvelist
added 2024/04/10 5:0 a.m.38 views

CVE-2024-21509

Versions of the package mysql2 before 3.9.4 are vulnerable to Prototype Poisoning due to insecure results object creation and improper user input sanitization passed through parserFn in textparser.js and binaryparser.js...

6.5CVSS6.6AI score0.00962EPSS
Exploits1References6
Vulnrichment
Vulnrichment
added 2024/04/10 5:0 a.m.10 views

CVE-2024-21509

Versions of the package mysql2 before 3.9.4 are vulnerable to Prototype Poisoning due to insecure results object creation and improper user input sanitization passed through parserFn in textparser.js and binaryparser.js...

6.5CVSS6.7AI score0.00962EPSS
Exploits1References6
OSV
OSV
added 2024/04/10 5:0 a.m.22 views

CVE-2024-21509

Versions of the package mysql2 before 3.9.4 are vulnerable to Prototype Poisoning due to insecure results object creation and improper user input sanitization passed through parserFn in textparser.js and binaryparser.js...

6.5CVSS6.8AI score0.00962EPSS
Exploits1References8
Rows per page
Query Builder