3 matches found
GHSA-MQR2-W7WJ-JJGR mysql2 cache poisoning vulnerability
Versions of the package mysql2 before 3.9.3 are vulnerable to Improper Input Validation through the keyFromFields function, resulting in cache poisoning. An attacker can inject a colon : character within a value of the attacker-crafted key...
CVE-2024-21507
Versions of the package mysql2 before 3.9.3 are vulnerable to Improper Input Validation through the keyFromFields function, resulting in cache poisoning. An attacker can inject a colon : character within a value of the attacker-crafted key...
MySQL2 安全漏洞
MySQL2 is a MySQL client for Node.js by the individual developer Andrey Sidorov. A security vulnerability exists in MySQL2 versions prior to 3.9.3, which stems from incorrect input validation via the keyFromFields function, leading to cache poisoning...