CVE-2015-9244

Summary

Keys of objects in mysql node module v2.0.0-alpha7 and earlier are not escaped with mysql.escape() which could lead to SQL Injection.

Affected Software

VendorProductVersion RangeStatus
HackerOnemysql node module<=v2.0.0-alpha7affected

Weaknesses

  • CWE-89: SQL Injection (CWE-89)

ADP Enrichment

CVE Program Container

Additional References

References