CVE-2024-6382

Summary

Incorrect handling of certain string inputs may result in MongoDB Rust driver constructing unintended server commands. This may cause unexpected application behavior including data modification. This issue affects MongoDB Rust Driver 2.0 versions prior to 2.8.2

Affected Software

VendorProductVersion RangeStatus
MongoDB IncMongoDB Rust Driver2.0 < 2.8.2affected

Weaknesses

  • CWE-228: CWE-228: Improper Handling of Syntactically Invalid Structure

ADP Enrichment

CISA ADP Vulnrichment

  • SSVC:
  • Exploitation: none
    • Automatable: no
    • Technical Impact: partial

CVE Program Container

Additional References

References