Uploaded image for project: 'Rust Driver'
  1. Rust Driver
  2. RUST-1881

Check integer conversions

    • Type: Icon: Bug Bug
    • Resolution: Fixed
    • Priority: Icon: Unknown Unknown
    • 3.0.0, 2.8.2
    • Affects Version/s: None
    • Component/s: None
    • None
    • Rust Drivers

      CVE ID: 

      CVE-2024-6382

      Title:
      Adversarial unsanitized input may cause MongoDB Rust Driver to issue unintended commands.

      Description:
      Incorrect handling of certain string inputs may result in MongoDB Rust driver constructing unintended server commands. This may cause unexpected application behavior including data modification. This issue affects MongoDB Rust Driver 2.0 versions prior to 2.8.2

      CVSS Score:

      6.4 - https://www.first.org/cvss/calculator/3.1#CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:N/I:L/A:L

      List all affected product versions:
      MongoDB Rust Driver 2.0 versions prior to 2.8.2

      CWE:

      CWE-228: Improper Handling of Syntactically Invalid Structure

            Assignee:
            abraham.egnor@mongodb.com Abraham Egnor
            Reporter:
            kevin.albertson@mongodb.com Kevin Albertson
            Votes:
            0 Vote for this issue
            Watchers:
            2 Start watching this issue

              Created:
              Updated:
              Resolved: