OVE-20191021-0001 - Christine Dodrill

Christine Dodrill - Blog - Contact - Resume - Talks | GraphViz - When Then Zen Multiple vulnerabilities in the mysqljs API and code. Security Warning Level: yikes/10 There are multiple issues exploitable by local and remote actors in mysqljs . These can cause application data leaks, database leaks, SQL injections, arbitrary code execution, and credential leaks among other things. Mysqljs is unversioned, so it is very difficult to impossible to tell how many users are affected by this and what users can do in order to ensure they are patched against these critical vulnerabilities. Mysqljs is a library intended to facilitate prototyping web applications and mobile applications using technologies such as PhoneGap or Cordova . These technologies allow developers to create a web application that gets packaged and presented to users as if it was a native application. This lib...

Linked on 2019-10-21 17:08:02 | Similar Links