GHSA-49j4-86m8-q2jw: mysql2 vulnerable to Prototype Poisoning
Versions of the package mysql2 before 3.9.4 are vulnerable to Prototype Poisoning due to insecure results object creation and improper user input sanitization passed through parserFn in text_parser.js and binary_parser.js.
Moderate severity • GitHub Reviewed • Published Apr 10, 2024 to the GitHub Advisory Database • Updated Apr 12, 2024
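The bug class the advisory names, shown as an added example (this is not mysql2's code): a result row built as a plain object from column names, next to a hardened builder and a check for poisoned rows. The function names and the sample columns are constructed for illustration.

```javascript
// Added illustration of prototype poisoning during result-row creation.
// buildRowUnsafe, buildRowSafe and hasPoisonedPrototype are hypothetical
// names, not functions from mysql2.

// Constructed sample: column names and values as a row builder might receive
// them when a column alias is influenced by untrusted input.
const columns = ['id', '__proto__'];
const values = [7, { isAdmin: true }];

// Weak pattern: object literal plus bracket assignment. Assigning to the key
// "__proto__" runs the inherited setter and replaces the row's prototype
// instead of creating an own property.
function buildRowUnsafe(cols, vals) {
  const row = {};
  for (let i = 0; i < cols.length; i++) {
    row[cols[i]] = vals[i];
  }
  return row;
}

// Hardened pattern: a null-prototype object has no inherited __proto__
// setter, and defineProperty always creates an own data property.
function buildRowSafe(cols, vals) {
  const row = Object.create(null);
  for (let i = 0; i < cols.length; i++) {
    Object.defineProperty(row, cols[i], {
      value: vals[i], enumerable: true, writable: true, configurable: true,
    });
  }
  return row;
}

// Defensive check for rows coming from any source: a row whose prototype is
// neither null nor Object.prototype inherits properties it never received.
function hasPoisonedPrototype(row) {
  const proto = Object.getPrototypeOf(row);
  return proto !== null && proto !== Object.prototype;
}

const unsafeRow = buildRowUnsafe(columns, values);
const safeRow = buildRowSafe(columns, values);
console.log(unsafeRow.isAdmin, Object.keys(unsafeRow)); // inherited property
console.log(safeRow.isAdmin, Object.keys(safeRow));     // column kept as data
```

In the weak form the poisoned row passes a truthiness check on a property that no column supplied; in the hardened form the same input is stored as an ordinary column value.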