CVE ID:
CVE-2024-6382
Title:
Adversarial unsanitized input may cause MongoDB Rust Driver to issue unintended commands.
Description:
Incorrect handling of certain string inputs may result in MongoDB Rust driver constructing unintended server commands. This may cause unexpected application behavior including data modification. This issue affects MongoDB Rust Driver 2.0 versions prior to 2.8.2
CVSS Score:
6.4 - https://www.first.org/cvss/calculator/3.1#CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:N/I:L/A:L
List all affected product versions:
MongoDB Rust Driver 2.0 versions prior to 2.8.2
CWE:
CWE-228: Improper Handling of Syntactically Invalid Structure