CVEs-PoC/2024/CVE-2024-21508.md at 8e2ebbf9bd04edab52d0cbcbc6c2f6e2cfdaa67d

CalvinBackup/CVEs-PoC

Fork 0

mirror of https://github.com/0xMarcio/cve.git synced 2026-05-31 10:09:29 +02:00

Files

T

0xMarcio 48a00929ac Removed duplicates

2024-06-18 02:51:15 +02:00

786 B

Raw Blame History

CVE-2024-21508

Description

Versions of the package mysql2 before 3.9.4 are vulnerable to Remote Code Execution (RCE) via the readCodeFor function due to improper validation of the supportBigNumbers and bigNumberStrings values.

POC

Reference

https://security.snyk.io/vuln/SNYK-JS-MYSQL2-6591085

Github

https://github.com/Geniorio01/CVE-2024-21508-mysql2-RCE
https://github.com/nomi-sec/PoC-in-GitHub

786 B Raw Blame History

CVE-2024-21508

Description

POC

Reference

Github

786 B

Raw Blame History