Vulnerability Monitor

The vendors, products, and vulnerabilities you care about

CVE-2024-3371

MongoDB Compass may accept and use insufficiently validated input from an untrusted external source. This may cause unintended application behavior, including data disclosure and enabling attackers to impersonate users. This issue affects MongoDB Compass versions 1.35.0 to 1.42.0.

Published

2024-04-24T17:15:47.230

Last Modified

2025-02-06T17:58:01.577

Status

Analyzed

Source

[email protected]

Severity

CVSSv3.1: 7.1 (HIGH)

Weaknesses
  • Type: Secondary
    CWE-360
  • Type: Primary
    NVD-CWE-Other
Affected Vendors & Products
Type Vendor Product Version/Range Vulnerable?
Application mongodb compass < 1.42.1 Yes
References