CVE-2024-21511 | mysql2 up to 3.9.6 readCodeFor timezone code injection (SNYK-JS-MYSQL2-6670046)

Posted by Angelo Barbosa | Apr 23, 2024 | CVE

A vulnerability was found in mysql2 up to 3.9.6. It has been rated as very critical. Affected by this issue is the function readCodeFor. The manipulation of the argument timezone leads to code injection.

This vulnerability is handled as CVE-2024-21511. The attack may be launched remotely. There is no exploit available.

It is recommended to upgrade the affected component.

CVE-2024-21511 | mysql2 up to 3.9.6 readCodeFor timezone code injection (SNYK-JS-MYSQL2-6670046)

Related Posts

CVE-2024-9591 | Category and Taxonomy Image Plugin up to 1.0.0 on WordPress cross site scripting

CVE-2024-29454 | ROS2 Humble Hawksbill improper authorization

CVE-2024-34065 | Strapi up to 4.24.1 authentication replay (GHSA-wrvh-rcmr-9qfc)

CVE-2024-10299 | PHPGurukul Medical Card Generation System 1.0 Managecard View Detail Page view-card-detail.php viewid sql injection