MongoDB Compass 1.40.4

CPE Details

MongoDB Compass 1.40.4
mongodb
compass
1.40.4
2024-07-02
13h00 +00:00
2024-07-02
13h00 +00:00
CPE NVD
Alerte pour un CPE
Restez informé de toutes modifications pour un CPE spécifique.
Gestion des notifications

CPE Name: cpe:2.3:a:mongodb:compass:1.40.4:*:*:*:*:*:*:*

Informations

Vendor

mongodb

Product

compass

Version

1.40.4

Related CVE

Open and find in CVE List

CVE ID Publié Description Score Gravité
CVE-2024-6376 2024-07-01 14h57 +00:00 MongoDB Compass may be susceptible to code injection due to insufficient sandbox protection settings with the usage of ejson shell parser in Compass' connection handling. This issue affects MongoDB Compass versions prior to version 1.42.2
9.8
Critique
CVE-2024-3371 2024-04-24 16h32 +00:00 MongoDB Compass may accept and use insufficiently validated input from an untrusted external source. This may cause unintended application behavior, including data disclosure and enabling attackers to impersonate users. This issue affects MongoDB Compass versions 1.35.0 to 1.42.0.
7.1
Haute