CVE-2019-14939

See a problem?
Please try reporting it to the source first.

Source

https://cve.org/CVERecord?id=CVE-2019-14939

Import Source

https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2019-14939.json

JSON Data

https://api.osv.dev/v1/vulns/CVE-2019-14939

Aliases

GHSA-f982-mxwc-3mrx

Downstream

DEBIAN-CVE-2019-14939

UBUNTU-CVE-2019-14939

Published

2019-08-12T01:15:13.720Z

Modified

2026-03-10T22:16:14.578567Z

Severity

5.5 (Medium) CVSS_V3 - CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N CVSS Calculator

Summary

[none]

Details

An issue was discovered in the mysql (aka mysqljs) module 2.17.1 for Node.js. The LOAD DATA LOCAL INFILE option is open by default.

References

https://github.com/mysqljs/mysql/issues/2257

Affected packages

Git / github.com/mysqljs/mysql

Affected ranges

Type

GIT

Repo

https://github.com/mysqljs/mysql

Events

Introduced

Last affected

33cb8846d11fd36a267fdb827a42d9ebeaf2f8d6

Database specific

{
    "versions": [
        {
            "introduced": "0"
        },
        {
            "last_affected": "2.17.1"
        }
    ]
}

Affected versions

v2.*

v2.0.0

v2.0.0-alpha

v2.0.0-alpha2

v2.0.0-alpha3

v2.0.0-alpha4

v2.0.0-alpha7

v2.0.0-alpha8

v2.0.0-alpha9

v2.0.0-preview

v2.0.0-rc2

v2.0.1

v2.1.0

v2.1.1

v2.10.0

v2.10.1

v2.10.2

v2.11.0

v2.11.1

v2.12.0

v2.13.0

v2.14.0

v2.14.1

v2.15.0

v2.16.0

v2.17.0

v2.17.1

v2.2.0

v2.3.0

v2.3.1

v2.3.2

v2.4.0

v2.4.1

v2.4.2

v2.4.3

v2.5.0

v2.5.1

v2.5.2

v2.5.3

v2.5.4

v2.5.5

v2.6.0

v2.6.1

v2.6.2

v2.7.0

v2.8.0

v2.9.0

Database specific

source

"https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2019-14939.json"