CVE-2024-6376 | MongoDB Compass up to 1.42.1 Connection code injection

Posted by Angelo Barbosa | Jul 1, 2024 | CVE

A vulnerability was found in MongoDB Compass up to 1.42.1. It has been rated as critical. This issue affects some unknown processing of the component Connection Handler. The manipulation leads to code injection.

The identification of this vulnerability is CVE-2024-6376. It is possible to launch the attack on the local host. There is no exploit available.

It is recommended to upgrade the affected component.

CVE-2024-6376 | MongoDB Compass up to 1.42.1 Connection code injection

Related Posts

CVE-2023-6992 | Cloudflare zlib deflate.c heap-based overflow (8352d10)

CVE-2023-40680 | Yoast SEO Plugin up to 21.0 on WordPress cross site scripting

CVE-2024-1585 | Metform Elementor Contact Form Builder Plugin up to 3.8.3 on WordPress Shortcode cross site scripting

CVE-2024-31810 | Totolink EX200 4.0.3c.7646_B20201211 /etc/shadow.sample hard-coded password