Versions of the package mysql2 before 3.9.8 are vulnerable to Prototype Pollution due to improper user input sanitization passed to fields and tables when using nestTables.
Release Notes
sidorares/node-mysql2 (mysql2)
### [`v3.9.8`](https://togithub.com/sidorares/node-mysql2/blob/HEAD/Changelog.md#398-2024-05-26)
[Compare Source](https://togithub.com/sidorares/node-mysql2/compare/v3.9.7...v3.9.8)
##### Bug Fixes
- **security:** sanitize fields and tables when using nestTables ([#2702](https://togithub.com/sidorares/node-mysql2/issues/2702)) ([efe3db5](https://togithub.com/sidorares/node-mysql2/commit/efe3db527a2c94a63c2d14045baba8dfefe922bc))
- support deno + caching_sha2\_password FULL_AUTHENTICATION_PACKET flow ([#2704](https://togithub.com/sidorares/node-mysql2/issues/2704)) ([2e03694](https://togithub.com/sidorares/node-mysql2/commit/2e0369445ba1581b427f78689a935ac3debfbf07))
- **typings:** typo from `jonServerPublicKey` to `onServerPublicKey` ([#2699](https://togithub.com/sidorares/node-mysql2/issues/2699)) ([8b5f691](https://togithub.com/sidorares/node-mysql2/commit/8b5f6911b69b766a3732fa160049d263460da74b))
Configuration
📅 Schedule: Branch creation - "" (UTC), Automerge - At any time (no schedule defined).
🚦 Automerge: Disabled by config. Please merge this manually once you are satisfied.
♻ Rebasing: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox.
🔕 Ignore: Close this PR and you won't be reminded about this update again.
[ ] If you want to rebase/retry this PR, check this box
This PR has been generated by Mend Renovate. View repository job log here.
This PR contains the following updates:
3.9.7
->3.9.8
GitHub Vulnerability Alerts
CVE-2024-21512
Versions of the package mysql2 before 3.9.8 are vulnerable to Prototype Pollution due to improper user input sanitization passed to fields and tables when using nestTables.
Release Notes
sidorares/node-mysql2 (mysql2)
### [`v3.9.8`](https://togithub.com/sidorares/node-mysql2/blob/HEAD/Changelog.md#398-2024-05-26) [Compare Source](https://togithub.com/sidorares/node-mysql2/compare/v3.9.7...v3.9.8) ##### Bug Fixes - **security:** sanitize fields and tables when using nestTables ([#2702](https://togithub.com/sidorares/node-mysql2/issues/2702)) ([efe3db5](https://togithub.com/sidorares/node-mysql2/commit/efe3db527a2c94a63c2d14045baba8dfefe922bc)) - support deno + caching_sha2\_password FULL_AUTHENTICATION_PACKET flow ([#2704](https://togithub.com/sidorares/node-mysql2/issues/2704)) ([2e03694](https://togithub.com/sidorares/node-mysql2/commit/2e0369445ba1581b427f78689a935ac3debfbf07)) - **typings:** typo from `jonServerPublicKey` to `onServerPublicKey` ([#2699](https://togithub.com/sidorares/node-mysql2/issues/2699)) ([8b5f691](https://togithub.com/sidorares/node-mysql2/commit/8b5f6911b69b766a3732fa160049d263460da74b))Configuration
📅 Schedule: Branch creation - "" (UTC), Automerge - At any time (no schedule defined).
🚦 Automerge: Disabled by config. Please merge this manually once you are satisfied.
♻ Rebasing: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox.
🔕 Ignore: Close this PR and you won't be reminded about this update again.
This PR has been generated by Mend Renovate. View repository job log here.