A malicious MySQL server can request local file content from a client using ruby-mysql prior to version 2.10.0 without explicit authorization from the user. This issue was resolved in version 2.10.0 and later.
History

No history.

cve-icon MITRE

Status: PUBLISHED

Assigner: rapid7

Published: 2022-06-28T16:30:15.611030Z

Updated: 2024-09-17T00:16:17.183Z

Reserved: 2021-09-07T00:00:00

Link: CVE-2021-3779

cve-icon Vulnrichment

No data.

cve-icon NVD

Status : Analyzed

Published: 2022-06-28T17:15:07.827

Modified: 2022-07-07T20:59:17.007

Link: CVE-2021-3779

cve-icon Redhat

No data.