MongoDB Compass may accept and use insufficiently validated input from an untrusted external source. This may cause unintended application behavior, including data disclosure and enabling attackers to impersonate users. This issue affects MongoDB Compass versions 1.35.0 to 1.42.0.
References
Link | Resource |
---|---|
https://jira.mongodb.org/browse/COMPASS-7260 |
Configurations
No configuration.
History
26 Apr 2024, 15:15
Type | Values Removed | Values Added |
---|---|---|
Summary |
|
|
Summary | (en) MongoDB Compass may accept and use insufficiently validated input from an untrusted external source. This may cause unintended application behavior, including data disclosure and enabling attackers to impersonate users. This issue affects MongoDB Compass versions 1.35.0 to 1.42.0. |
24 Apr 2024, 17:16
Type | Values Removed | Values Added |
---|---|---|
New CVE |
Information
Published : 2024-04-24 17:15
Updated : 2024-04-26 15:15
NVD link : CVE-2024-3371
Mitre link : CVE-2024-3371
CVE.ORG link : CVE-2024-3371
JSON object : View
Products Affected
No product.
CWE
CWE-360
Trust of System Event Data