CVE-2021-3779

CVE-2021-3779: Ruby-MySQL Gem Client File Read

Vendor Tomita Masahiro
Product ruby-mysql
Weakness CWE-610
Published June 28, 2022
Last update September 17, 2024

CVSS base score

What the vulnerability does

01Description

A malicious MySQL server can request local file content from a client using ruby-mysql prior to version 2.10.0 without explicit authorization from the user. This issue was resolved in version 2.10.0 and later.

Key dates

02Disclosure timeline

June 28, 2022 CVE published
September 17, 2024 Record updated