Security
Headlines
HeadlinesLatestCVEs

Headline

GHSA-49j4-86m8-q2jw: mysql2 vulnerable to Prototype Poisoning

Versions of the package mysql2 before 3.9.4 are vulnerable to Prototype Poisoning due to insecure results object creation and improper user input sanitization passed through parserFn in text_parser.js and binary_parser.js.

ghsa
#sql#js#git

mysql2 vulnerable to Prototype Poisoning

Moderate severity GitHub Reviewed Published Apr 10, 2024 to the GitHub Advisory Database • Updated Apr 12, 2024

ghsa: Latest News

GHSA-6jrf-rcjf-245r: changedetection.io path traversal using file URI scheme without supplying hostname