Security Advisory

CVE-2024-21509

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2024-04-10 05:00:00
Last updated 2024-08-22 13:11:18
Assigner snyk
State PUBLISHED

Description

Versions of the package mysql2 before 3.9.4 are vulnerable to Prototype Poisoning due to insecure results object creation and improper user input sanitization passed through parserFn in text_parser.js and binary_parser.js.