cve/CVE-2024-21508.md at 4edef1e4c8c71572b001933b68c0e9d801ec9035

admin/cve

Fork 0

mirror of https://github.com/0xMarcio/cve.git synced 2025-11-30 18:56:19 +00:00

marc 555e9c7de4 Update Sat May 25 21:48:12 CEST 2024

2024-05-25 21:48:12 +02:00

786 B

Raw Blame History

CVE-2024-21508

Description

Versions of the package mysql2 before 3.9.4 are vulnerable to Remote Code Execution (RCE) via the readCodeFor function due to improper validation of the supportBigNumbers and bigNumberStrings values.

POC

Reference

https://security.snyk.io/vuln/SNYK-JS-MYSQL2-6591085

Github

https://github.com/Geniorio01/CVE-2024-21508-mysql2-RCE
https://github.com/nomi-sec/PoC-in-GitHub

786 B Raw Blame History

CVE-2024-21508

Description

POC

Reference

Github

786 B

Raw Blame History