Description

Versions of the package mysql2 before 3.9.8 are vulnerable to Prototype Pollution due to improper user input sanitization passed to fields and tables when using nestTables.

INFO

Published Date :

2024-05-29T05:00:01.515Z

Last Modified :

2024-08-01T22:20:40.900Z

Source :

snyk
AFFECTED PRODUCTS

The following products are affected by CVE-2024-21512 vulnerability.

No data.

REFERENCES

Here, you will find a curated list of external links that provide in-depth information to CVE-2024-21512.

URL Resource
https://gist.github.com/domdomi3/e9f0f9b9b1ed6bfbbc0bea87c5ca1e4a cve-icon cve-icon cve-icon cve-icon
https://github.com/sidorares/node-mysql2/commit/efe3db527a2c94a63c2d14045baba8dfefe922bc cve-icon cve-icon cve-icon cve-icon
https://github.com/sidorares/node-mysql2/pull/2702 cve-icon cve-icon cve-icon cve-icon
https://nvd.nist.gov/vuln/detail/CVE-2024-21512 cve-icon
https://security.snyk.io/vuln/SNYK-JAVA-ORGWEBJARSNPM-7176010 cve-icon cve-icon cve-icon
https://security.snyk.io/vuln/SNYK-JS-MYSQL2-6861580 cve-icon cve-icon cve-icon cve-icon
https://www.cve.org/CVERecord?id=CVE-2024-21512 cve-icon
Login to claim this CVE

CVSS Vulnerability Scoring System

Detailed values of each vector for above chart.
Attack Vector
Attack Complexity
Privileges Required
User Interaction
Scope
Confidentiality Impact
Integrity Impact
Availability Impact