CVE-2021-3779
6.5MEDIUMA malicious MySQL server can request local file content from a client using ruby-mysql prior to version 2.10.0 without explicit authorization from the user. This issue was resolved in version 2.10.0 a
Опубликовано: 6/28/2022Обновлено: 11/21/2024
Описание
A malicious MySQL server can request local file content from a client using ruby-mysql prior to version 2.10.0 without explicit authorization from the user. This issue was resolved in version 2.10.0 and later.
ИИ-АнализНа базе ИИ
Затронутые продукты
ruby-mysql_projectruby-mysql
Ссылки
- https://www.rapid7.com/blog/post/2022/06/28/cve-2021-3779-ruby-mysql-gem-client-file-read-fixed/ExploitMitigationThird Party Advisory
- https://www.rapid7.com/blog/post/2022/06/28/cve-2021-3779-ruby-mysql-gem-client-file-read-fixed/ExploitMitigationThird Party Advisory