Описание
Versions of the package mysql2 before 3.9.8 are vulnerable to Prototype Pollution due to improper user input sanitization passed to fields and tables when using nestTables.
A flaw was found in MySQL2. This issue is due to prototype pollution caused by improper user input sanitization passed to fields and tables when using nestTables.
Меры по смягчению последствий
Mitigation for this issue is either not available or the currently available options don't meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.
Затронутые пакеты
| Платформа | Пакет | Состояние | Рекомендация | Релиз |
|---|---|---|---|---|
| Red Hat Developer Hub | rhdh-operator-container | Not affected | ||
| Red Hat Developer Hub | rhdh/rhdh-hub-rhel9 | Not affected |
Показывать по
Ссылки на источники
Дополнительная информация
Статус:
EPSS
8.2 High
CVSS3
Связанные уязвимости
Versions of the package mysql2 before 3.9.8 are vulnerable to Prototype Pollution due to improper user input sanitization passed to fields and tables when using nestTables.
Уязвимость конфигурации nestTables библиотеки для работы с базами данных mysql2, позволяющая нарушителю реализовать атаку типа «загрязнение прототипа»
EPSS
8.2 High
CVSS3