10 matches found
CVE-2022-31026
Trilogy is a client library for MySQL. When authenticating, a malicious server could return a specially crafted authentication packet, causing the client to read and return up to 12 bytes of data from an uninitialized variable in stack memory. Users of the trilogy gem should upgrade to version...
EUVD-2022-5938
Malicious code in bioql PyPI...
CVE-2022-31026
Trilogy is a client library for MySQL. When authenticating, a malicious server could return a specially crafted authentication packet, causing the client to read and return up to 12 bytes of data from an uninitialized variable in stack memory. Users of the trilogy gem should upgrade to version...
Trilogy 安全漏洞
Trilogy is a U.S. GitHub open source for MySQL compatible database server client library . Designed to improve performance , flexibility and ease of embedding . A security vulnerability exists in versions prior to Trilogy 2.1.1 , which stems from the fact that during authentication , a malicious...
GHSA-5G4R-2QHX-VQFM Use of Uninitialized Variable in trilogy
Impact When authenticating, a malicious server could return a specially crafted authentication packet, causing the client to read and return up to 12 bytes of data from an uninitialized variable in stack memory. Patches Users of the trilogy gem should upgrade to version 2.1.1 Workarounds This iss...
Use of Uninitialized Variable in trilogy
Impact When authenticating, a malicious server could return a specially crafted authentication packet, causing the client to read and return up to 12 bytes of data from an uninitialized variable in stack memory. Patches Users of the trilogy gem should upgrade to version 2.1.1 Workarounds This iss...
Use of Uninitialized Resource
Overview Affected versions of this package are vulnerable to Use of Uninitialized Resource. When authenticating, a malicious server can return a specially crafted authentication packet, causing the client to read and return up to 12 bytes of data from an uninitialized variable in stack memory...
CVE-2022-31026 Use of Uninitialized Variable in trilogy
Trilogy is a client library for MySQL. When authenticating, a malicious server could return a specially crafted authentication packet, causing the client to read and return up to 12 bytes of data from an uninitialized variable in stack memory. Users of the trilogy gem should upgrade to version...
CVE-2022-31026
CVE-2022-31026 affects the Trilogy client library for MySQL. During authentication, a malicious server can send a crafted authentication packet, causing the client to read up to 12 bytes from an uninitialized variable in stack memory. Public advisories consistently recommend upgrading the trilogy...
CVE-2022-31026 Use of Uninitialized Variable in trilogy
Trilogy is a client library for MySQL. When authenticating, a malicious server could return a specially crafted authentication packet, causing the client to read and return up to 12 bytes of data from an uninitialized variable in stack memory. Users of the trilogy gem should upgrade to version...