mysqljs/mysql

Releases63

Frequency1 month 3 weeks

Last Release over 6 years ago

Stars18.6K

A pure node.js JavaScript Client implementing the MySQL protocol.

CVE History

CVE	Published	CVSS v3	CVSS v2
CVE-2019-14939 ↗	Aug 12, 2019Monday, 12 August 2019, 01:15	—	2.1 LOW
An issue was discovered in the mysql (aka mysqljs) module 2.17.1 for Node.js. The LOAD DATA LOCAL INFILE option is open by default.
CVE-2015-9244 ↗	May 29, 2018Tuesday, 29 May 2018, 20:29	9.8 CRITICAL	7.5 HIGH
Keys of objects in mysql node module v2.0.0-alpha7 and earlier are not escaped with `mysql.escape()` which could lead to SQL Injection.