Security Advisory

CVE-2024-6376

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2024-07-01 14:57:31

Last updated 2024-08-01 21:33:05

Assigner mongodb

State PUBLISHED

Description

MongoDB Compass may be susceptible to code injection due to insufficient sandbox protection settings with the usage of ejson shell parser in Compass connection handling. This issue affects MongoDB Compass versions prior to version 1.42.2

← Browse all CVEs View on cve.org ↗