Headline
GHSA-mqr2-w7wj-jjgr: mysql2 cache poisoning vulnerability
Versions of the package mysql2 before 3.9.3 are vulnerable to Improper Input Validation through the keyFromFields
function, resulting in cache poisoning. An attacker can inject a colon :
character within a value of the attacker-crafted key.
mysql2 cache poisoning vulnerability
Moderate severity GitHub Reviewed Published Apr 10, 2024 to the GitHub Advisory Database • Updated Apr 12, 2024