CVE-2024-21512

See a problem?
Please try reporting it to the source first.
Source
https://cve.org/CVERecord?id=CVE-2024-21512
Import Source
https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2024-21512.json
JSON Data
https://api.test.osv.dev/v1/vulns/CVE-2024-21512
Aliases
Downstream
Related
Published
2024-05-29T05:16:08.353Z
Modified
2026-03-11T07:47:48.794314Z
Severity
  • 8.2 (High) CVSS_V3 - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:L CVSS Calculator
Summary
[none]
Details

Versions of the package mysql2 before 3.9.8 are vulnerable to Prototype Pollution due to improper user input sanitization passed to fields and tables when using nestTables.

References

Affected packages

Git /

Affected ranges

Type
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
efe3db527a2c94a63c2d14045baba8dfefe922bc

Database specific

unresolved_ranges 
[
    {
        "events": [
            {
                "introduced": "mysql2"
            },
            {
                "fixed": "3.9.8"
            }
        ]
    }
]
source 
"https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2024-21512.json"