VYPR
Moderate severityNVD Advisory· Published Jun 28, 2022· Updated Sep 17, 2024

Ruby-MySQL Gem Client File Read

CVE-2021-3779

Description

A malicious MySQL server can request local file content from a client using ruby-mysql prior to version 2.10.0 without explicit authorization from the user. This issue was resolved in version 2.10.0 and later.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Affected packages

Versions sourced from the GitHub Security Advisory.

PackageAffected versionsPatched versions
ruby-mysqlRubyGems
< 2.10.02.10.0

Affected products

2

Patches

Vulnerability mechanics

References

5

News mentions

0

No linked articles in our index yet.