mirror of
https://github.com/0xMarcio/cve.git
synced 2025-06-07 13:36:36 +00:00
786 B
786 B
CVE-2024-21509
Description
Versions of the package mysql2 before 3.9.4 are vulnerable to Prototype Poisoning due to insecure results object creation and improper user input sanitization passed through parserFn in text_parser.js and binary_parser.js.
POC
Reference
- https://security.snyk.io/vuln/SNYK-JS-MYSQL2-6591084
- https://security.snyk.io/vuln/SNYK-JS-MYSQL2-6591084
Github
No PoCs found on GitHub currently.