CVE-2024-21512

HIGH

CVSS v3

8.2

HIGH

EPSS Score

68.3%

exploit probability

CISA KEV

known exploited

Exploitation

—

SSVC status

Description

Versions of the package mysql2 before 3.9.8 are vulnerable to Prototype Pollution due to improper user input sanitization passed to fields and tables when using nestTables.

Technical Details

CVSS v3 Vector: 3.1
Published: 5/29/2024
Last Modified: 4/15/2026

Frequently Asked Questions

What is CVE-2024-21512?

Versions of the package mysql2 before 3.9.8 are vulnerable to Prototype Pollution due to improper user input sanitization passed to fields and tables when using nestTables.

Is CVE-2024-21512 actively exploited?

Active exploitation of CVE-2024-21512 has not been confirmed. The EPSS score is 68.3%, indicating the estimated probability of exploitation in the next 30 days.

What is the CVSS score for CVE-2024-21512?

CVE-2024-21512 has a CVSS v3 base score of 8.2 (HIGH severity), with vector string 3.1.

Is CVE-2024-21512 affecting your environment?

Use isMalicious to check if any of your IPs or domains are associated with this vulnerability's IOCs.

Check an IP Search CVEs

Back to CVE Database