CVE-2024-6376 | MongoDB Compass up to 1.42.1 Connection code injection

Posted by Angelo Barbosa | Jul 1, 2024 | CVE

A vulnerability was found in MongoDB Compass up to 1.42.1. It has been rated as critical. This issue affects some unknown processing of the component Connection Handler. The manipulation leads to code injection.

The identification of this vulnerability is CVE-2024-6376. It is possible to launch the attack on the local host. There is no exploit available.

It is recommended to upgrade the affected component.

CVE-2024-6376 | MongoDB Compass up to 1.42.1 Connection code injection

Related Posts

CVE-2024-23031 | EyouCMS 1.6.5 URL is_water cross site scripting (Issue 57)

CVE-2024-23181 | appleple A-Blog CMS up to 2.8.x/2.10.49/2.11.57/3.0.28/3.1.6 cross site scripting

CVE-2024-3969 | OpenText iManager up to 3.2.6.0300 xml external entity reference

CVE-2023-41917 | Kiloview P1/P2 up to 4.8.2605 Speed-Measurement os command injection (NCSC-2024-0273)