Check integer conversions

XMLWordPrintableJSON

    • Type: Bug
    • Resolution: Fixed
    • Priority: Unknown
    • 3.0.0, 2.8.2
    • Affects Version/s: None
    • Component/s: None
    • None
    • None
    • Rust Drivers
    • None
    • None
    • None
    • None
    • None
    • None

      CVE ID: 

      CVE-2024-6382

      Title:
      Adversarial unsanitized input may cause MongoDB Rust Driver to issue unintended commands.

      Description:
      Incorrect handling of certain string inputs may result in MongoDB Rust driver constructing unintended server commands. This may cause unexpected application behavior including data modification. This issue affects MongoDB Rust Driver 2.0 versions prior to 2.8.2

      CVSS Score:

      6.4 - https://www.first.org/cvss/calculator/3.1#CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:N/I:L/A:L

      List all affected product versions:
      MongoDB Rust Driver 2.0 versions prior to 2.8.2

      CWE:

      CWE-228: Improper Handling of Syntactically Invalid Structure

            Assignee:
            Abraham Egnor
            Reporter:
            Kevin Albertson
            Votes:
            0 Vote for this issue
            Watchers:
            2 Start watching this issue

              Created:
              Updated:
              Resolved: