CVE-2024-6376 | MongoDB Compass up to 1.42.1 Connection code injection

Posted by Angelo Barbosa | Jul 1, 2024 | CVE

A vulnerability was found in MongoDB Compass up to 1.42.1. It has been rated as critical. This issue affects some unknown processing of the component Connection Handler. The manipulation leads to code injection.

The identification of this vulnerability is CVE-2024-6376. It is possible to launch the attack on the local host. There is no exploit available.

It is recommended to upgrade the affected component.

CVE-2024-6376 | MongoDB Compass up to 1.42.1 Connection code injection

Related Posts

CVE-2023-50462 | content-consent up to 1.0.2/2.0.1 resource injection

CVE-2024-45624 | PgPool Global Development Group Pgpool-II up to 4.1.21/4.2.18/4.3.11/4.4.8/4.5.3w Database information disclosure

CVE-2024-46453 | iq3xcite up to 3.05 /test/ cross site scripting

CVE-2024-0891 | hongmaple octopus 1.0 description cross site scripting