CVE-2021-3779
6.5MEDIUMA malicious MySQL server can request local file content from a client using ruby-mysql prior to version 2.10.0 without explicit authorization from the user. This issue was resolved in version 2.10.0 a
Veröffentlicht: 6/28/2022Aktualisiert: 11/21/2024
Beschreibung
A malicious MySQL server can request local file content from a client using ruby-mysql prior to version 2.10.0 without explicit authorization from the user. This issue was resolved in version 2.10.0 and later.
KI-AnalyseKI-gestützt
Betroffene Produkte
ruby-mysql_projectruby-mysql
Referenzen
- https://www.rapid7.com/blog/post/2022/06/28/cve-2021-3779-ruby-mysql-gem-client-file-read-fixed/ExploitMitigationThird Party Advisory
- https://www.rapid7.com/blog/post/2022/06/28/cve-2021-3779-ruby-mysql-gem-client-file-read-fixed/ExploitMitigationThird Party Advisory