VYPR
Moderate severityNVD Advisory· Published Jul 2, 2024· Updated Aug 1, 2024

Adversarial unsanitized input may cause MongoDB Rust Driver to issue unintended commands.

CVE-2024-6382

Description

Incorrect handling of certain string inputs may result in MongoDB Rust driver constructing unintended server commands. This may cause unexpected application behavior including data modification. This issue affects MongoDB Rust Driver 2.0 versions prior to 2.8.2

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Affected packages

Versions sourced from the GitHub Security Advisory.

PackageAffected versionsPatched versions
mongodbcrates.io
>= 2.0.0, < 2.8.22.8.2

Affected products

2
  • MongoDB Inc/MongoDB Rust Driverv5
    cpe:2.3:a:mongodb:rust-driver:2.0.0:alpha:*:*:*:mongodb:*:*
    Range: 2.0
  • ghsa-coords
    Range: >= 2.0.0, < 2.8.2

Patches

Vulnerability mechanics

References

6

News mentions

0

No linked articles in our index yet.