How severe is CVE-2021-3779?

CVE-2021-3779 has a CVSS v3 score of 6.5 (MEDIUM).

CVE-2021-3779

Name: ruby-mysql
Author: ruby-mysql_project

6.5MEDIUM

A malicious MySQL server can request local file content from a client using ruby-mysql prior to version 2.10.0 without explicit authorization from the user. This issue was resolved in version 2.10.0 a

Publicado: 6/28/2022Atualizado: 11/21/2024

Descrição

A malicious MySQL server can request local file content from a client using ruby-mysql prior to version 2.10.0 without explicit authorization from the user. This issue was resolved in version 2.10.0 and later.

Análise IADesenvolvido por IA

Produtos Afetados

ruby-mysql_projectruby-mysql

Referências

https://www.rapid7.com/blog/post/2022/06/28/cve-2021-3779-ruby-mysql-gem-client-file-read-fixed/
ExploitMitigationThird Party Advisory
https://www.rapid7.com/blog/post/2022/06/28/cve-2021-3779-ruby-mysql-gem-client-file-read-fixed/
ExploitMitigationThird Party Advisory