Moderate severityNVD Advisory· Published May 29, 2018· Updated Sep 16, 2024
CVE-2015-9244
CVE-2015-9244
Description
Keys of objects in mysql node module v2.0.0-alpha7 and earlier are not escaped with mysql.escape() which could lead to SQL Injection.
Affected packages
Versions sourced from the GitHub Security Advisory.
| Package | Affected versions | Patched versions |
|---|---|---|
mysqlnpm | < 2.0.0-alpha8 | 2.0.0-alpha8 |
Affected products
1- Range: <=v2.0.0-alpha7
Patches
0No patches discovered yet.
Vulnerability mechanics
AI mechanics synthesis has not run for this CVE yet.
References
5- github.com/advisories/GHSA-fvq6-55gv-jx9fghsaADVISORY
- nvd.nist.gov/vuln/detail/CVE-2015-9244ghsaADVISORY
- github.com/felixge/node-mysql/issues/342ghsax_refsource_MISCWEB
- nodesecurity.io/advisories/66mitrex_refsource_MISC
- www.npmjs.com/advisories/66ghsaWEB
News mentions
0No linked articles in our index yet.