CVE-2024-21508
CVSS V2 None
CVSS V3 None
Description
Versions of the package mysql2 before 3.9.4 are vulnerable to Remote Code Execution (RCE) via the readCodeFor function due to improper validation of the supportBigNumbers and bigNumberStrings values.
Overview
- CVE ID
- CVE-2024-21508
- Assigner
- snyk
- Vulnerability Status
- PUBLISHED
- Published Version
- 2024-04-11T05:00:00.748Z
- Last Modified Date
- 2024-06-18T20:18:04.928Z
Weakness Enumerations
References
Sources
Source Name | Source URL |
---|---|
NIST | https://nvd.nist.gov/vuln/detail/CVE-2024-21508 |
MITRE | https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-21508 |
History
Created | Old Value | New Value | Data Type | Notes |
---|---|---|---|---|
2024-06-26 15:16:50 | Added to TrackCVE |