CVE-2024-21511 | mysql2 up to 3.9.6 readCodeFor timezone code injection (SNYK-JS-MYSQL2-6670046)

Inserito da Angelo Barbosa | Apr 23, 2024 | CVE

A vulnerability was found in mysql2 up to 3.9.6. It has been rated as very critical. Affected by this issue is the function readCodeFor. The manipulation of the argument timezone leads to code injection.

This vulnerability is handled as CVE-2024-21511. The attack may be launched remotely. There is no exploit available.

It is recommended to upgrade the affected component.

CVE-2024-21511 | mysql2 up to 3.9.6 readCodeFor timezone code injection (SNYK-JS-MYSQL2-6670046)

Post correlati

CVE-2024-2316 | Bdtask Hospital AutoManager up to 20240227 Update Bill Page /billing/bill/edit/ cross-site request forgery

CVE-2024-44191 | Apple tvOS Bluetooth improper authorization

CVE-2023-43517 | Qualcomm QAM8255P Automotive Multimedia memory corruption

CVE-2024-20882 | Samsung Mobile Devices Bootloader out-of-bounds