Check integer conversions

XMLWordPrintableJSON

    • Type: Bug
    • Resolution: Fixed
    • Priority: Unknown
    • 3.0.0, 2.8.2
    • Affects Version/s: None
    • Component/s: None
    • None
    • None
    • Rust Drivers
    • None
    • None
    • None
    • None
    • None
    • None

      CVE ID: 

      CVE-2024-6382

      Title:
      Adversarial unsanitized input may cause MongoDB Rust Driver to issue unintended commands.

      Description:
      Incorrect handling of certain string inputs may result in MongoDB Rust driver constructing unintended server commands. This may cause unexpected application behavior including data modification. This issue affects MongoDB Rust Driver 2.0 versions prior to 2.8.2

      CVSS Score:

      6.4 - https://www.first.org/cvss/calculator/3.1#CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:N/I:L/A:L

      List all affected product versions:
      MongoDB Rust Driver 2.0 versions prior to 2.8.2

      CWE:

      CWE-228: Improper Handling of Syntactically Invalid Structure

              Assignee:
              Abraham Egnor
              Reporter:
              Kevin Albertson
              Votes:
              0 Vote for this issue
              Watchers:
              2 Start watching this issue

                Created:
                Updated:
                Resolved: