GHSA-5f7m-mmpc-qhh4

Source

https://github.com/advisories/GHSA-5f7m-mmpc-qhh4

Import Source

https://github.com/github/advisory-database/blob/main/advisories/github-reviewed/2019/05/GHSA-5f7m-mmpc-qhh4/GHSA-5f7m-mmpc-qhh4.json

JSON Data

https://api.osv.dev/v1/vulns/GHSA-5f7m-mmpc-qhh4

Published

2019-05-23T09:27:00Z

Modified

2022-08-03T20:30:06Z

Summary

mysql Node.JS Module Vulnerable to Remote Memory Exposure

Details

Versions of mysql before 2.14.0 are vulnerable to remove memory exposure.

Affected versions of mysql package allocate and send an uninitialized memory over the network when a number is provided as a password.

Only mysql running on Node.js versions below 6.0.0 are affected due to a throw added in newer node.js versions.

Proof of Concept:

require('mysql').createConnection({
  host: 'localhost',
  user: 'user',
  password : USERPROVIDEDINPUT,  // number
  database : 'my_db'
}).connect();

Recommendation

Update to version 2.14.0 or later.

Database specific

{
    "github_reviewed_at": "2019-05-23T07:40:10Z",
    "cwe_ids": [
        "CWE-201"
    ],
    "nvd_published_at": null,
    "severity": "MODERATE",
    "github_reviewed": true
}

References

Affected packages

npm / mysql

Package

Name: mysql; View open source insights on deps.dev
Purl: pkg:npm/mysql

Affected ranges

Type: SEMVER
Events: Introduced

2.0.0-alpha8

Fixed

2.14.0