{"vulnerability": "CVE-2024-21507", "sightings": [{"uuid": "74fafe0a-6668-4d65-ab99-971d6fc8c2c8", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-21507", "type": "seen", "source": "https://t.me/arpsyndicate/4664", "content": "#ExploitObserverAlert\n\nCVE-2024-21507\n\nDESCRIPTION: Exploit Observer has 3 entries in 1 file formats related to CVE-2024-21507. Versions of the package mysql2 before 3.9.3 are vulnerable to Improper Input Validation through the keyFromFields function, resulting in cache poisoning. An attacker can inject a colon (:) character within a value of the attacker-crafted key.\n\nFIRST-EPSS: 0.000450000\nARPS-EXPLOITABILITY: 0.775", "creation_timestamp": "2024-04-13T13:48:11.000000Z"}, {"uuid": "d94f7a70-fc5e-43bb-ae03-564bf8f30847", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-21507", "type": "seen", "source": "https://t.me/arpsyndicate/4543", "content": "#ExploitObserverAlert\n\nCVE-2024-21507\n\nDESCRIPTION: Exploit Observer has 3 entries in 1 file formats related to CVE-2024-21507. Versions of the package mysql2 before 3.9.3 are vulnerable to Improper Input Validation through the keyFromFields function, resulting in cache poisoning. An attacker can inject a colon (:) character within a value of the attacker-crafted key.\n\nFIRST-EPSS: 0.000450000\nARPS-EXPLOITABILITY: 0.5780347", "creation_timestamp": "2024-04-12T06:43:59.000000Z"}]}