Security Advisory

CVE-2024-21507

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2024-04-10 05:00:01

Last updated 2024-09-18 14:46:37

Assigner snyk

State PUBLISHED

Description

Versions of the package mysql2 before 3.9.3 are vulnerable to Improper Input Validation through the keyFromFields function, resulting in cache poisoning. An attacker can inject a colon (:) character within a value of the attacker-crafted key.

← Browse all CVEs View on cve.org ↗