Trilogy Project

trilogy_project

1 CVE • 1 product

Products (1)

Click to collapse

Toggle

Trilogy

trilogy

1 CVE

CVEs (1)

CVE VENDORS PRODUCTS UPDATED PUBLISHED CVSS
CVE-2022-31026 1Trilogy Project 1Trilogy Nov 21, 2024 Jun 9, 2022 N/A· v4 7.5 HIGH· v3 5.0 MEDIUM· v2 Trilogy is a client library for MySQL. When authenticating, a malicious server could return a specially crafted authentication packet, causing the client to read and return up to 12 bytes of data from an uninitialized va...Show more Trilogy is a client library for MySQL. When authenticating, a malicious server could return a specially crafted authentication packet, causing the client to read and return up to 12 bytes of data from an uninitialized variable in stack memory. Users of the trilogy gem should upgrade to version 2.1.1 This issue can be avoided by only connecting to trusted servers.Show less

CVE

VENDORS

PRODUCTS

UPDATED

PUBLISHED

CVSS

CVE-2022-31026

1Trilogy Project

1Trilogy

Nov 21, 2024

Jun 9, 2022

N/A· v4

7.5 HIGH· v3

5.0 MEDIUM· v2

Trilogy is a client library for MySQL. When authenticating, a malicious server could return a specially crafted authentication packet, causing the client to read and return up to 12 bytes of data from an uninitialized variable in stack memory. Users of the trilogy gem should upgrade to version 2.1.1 This issue can be avoided by only connecting to trusted servers.Show less