Fedora Account System
Red Hat Associate
Red Hat Customer
Versions of the package mysql2 before 3.9.8 are vulnerable to Prototype Pollution due to improper user input sanitization passed to fields and tables when using nestTables. https://gist.github.com/domdomi3/e9f0f9b9b1ed6bfbbc0bea87c5ca1e4a https://github.com/sidorares/node-mysql2/commit/efe3db527a2c94a63c2d14045baba8dfefe922bc https://github.com/sidorares/node-mysql2/pull/2702 https://security.snyk.io/vuln/SNYK-JS-MYSQL2-6861580
Created rubygem-acts_as_list tracking bugs for this issue: Affects: fedora-all [bug 2283738]