Nondeterministic Palindrome Machine

npm

Severity: moderate

SQL Injection

mysql

Overview

Versions of mysql prior to 2.0.0-alpha8 are affected by a SQL Injection vulnerability in the mysql.escape() function, which does not properly escape object keys.

Remediation

Update to version 2.0.0-alpha8 or later.

Resources

Have content suggestions? Send them to [email protected]

Advisory timeline

  1. published

    Advisory published
    Dec 28th, 2015
  2. reported

    Initial report by Sébastian Dejonghe
    Dec 28th, 2015