cve/CVE-2024-21508.md at ba290685fe22de220a539dbecbe46bd650f1a0d5

admin/cve

Fork 0

mirror of https://github.com/0xMarcio/cve.git synced 2025-06-19 17:30:12 +00:00

0xMarcio ba290685fe Update CVE sources 2024-06-09 00:33

2024-06-09 00:33:16 +00:00

842 B

Raw Blame History

CVE-2024-21508

Description

Versions of the package mysql2 before 3.9.4 are vulnerable to Remote Code Execution (RCE) via the readCodeFor function due to improper validation of the supportBigNumbers and bigNumberStrings values.

POC

Reference

https://security.snyk.io/vuln/SNYK-JS-MYSQL2-6591085
https://security.snyk.io/vuln/SNYK-JS-MYSQL2-6591085

Github

https://github.com/Geniorio01/CVE-2024-21508-mysql2-RCE
https://github.com/nomi-sec/PoC-in-GitHub

842 B Raw Blame History

CVE-2024-21508

Description

POC

Reference

Github

842 B

Raw Blame History