CVE-2024-6376
CVSS V2 None
CVSS V3 None
Description
MongoDB Compass may be susceptible to code injection due to insufficient sandbox protection settings with the usage of ejson shell parser in Compass' connection handling. This issue affects MongoDB Compass versions prior to version 1.42.2
Overview
- CVE ID
- CVE-2024-6376
- Assigner
- mongodb
- Vulnerability Status
- PUBLISHED
- Published Version
- 2024-07-01T14:57:31.704Z
- Last Modified Date
- 2024-07-01T20:45:10.830Z
Weakness Enumerations
References
Reference URL | Reference Tags |
---|---|
https://jira.mongodb.org/browse/COMPASS-7496 |
Sources
Source Name | Source URL |
---|---|
NIST | https://nvd.nist.gov/vuln/detail/CVE-2024-6376 |
MITRE | https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-6376 |
History
Created | Old Value | New Value | Data Type | Notes |
---|---|---|---|---|
2024-07-02 13:04:25 | Added to TrackCVE |