atdatabases icon indicating copy to clipboard operation
atdatabases copied to clipboard
verified publisher icon ForbesLindesay

Update mysql2 to >=v3.9.4

Open crisward opened this issue 1 year ago • 1 comments

mysql2 <=3.9.3 Severity: critical mysql2 Remote Code Execution (RCE) via the readCodeFor function - https://github.com/advisories/GHSA-fpw7-j2hg-69v5 mysql2 vulnerable to Prototype Poisoning - https://github.com/advisories/GHSA-49j4-86m8-q2jw mysql2 cache poisoning vulnerability - https://github.com/advisories/GHSA-mqr2-w7wj-jjgr

Thanks.

crisward avatar Apr 12 '24 14:04 crisward

Got the same due to using @databases/mysql-test (4.0.2). Will there be an update or is the package stale?

pk910 avatar Jun 08 '24 19:06 pk910