CVE-2024-6376

CVSS V2 None CVSS V3 None
Description
MongoDB Compass may be susceptible to code injection due to insufficient sandbox protection settings with the usage of ejson shell parser in Compass' connection handling. This issue affects MongoDB Compass versions prior to version 1.42.2
Overview
  • CVE ID
  • CVE-2024-6376
  • Assigner
  • mongodb
  • Vulnerability Status
  • PUBLISHED
  • Published Version
  • 2024-07-01T14:57:31.704Z
  • Last Modified Date
  • 2024-07-01T20:45:10.830Z
References
Reference URL Reference Tags
https://jira.mongodb.org/browse/COMPASS-7496
History
Created Old Value New Value Data Type Notes
2024-07-02 13:04:25 Added to TrackCVE