Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
mongoosejs mongoose vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2023-3696
Prototype Pollution in GitHub repository automattic/mongoose before 7.3.4.
Mongoosejs Mongoose
6.4
CVSSv2
CVE-2019-17426
Automattic Mongoose up to and including 5.7.4 allows malicious users to bypass access control (in some applications) because any query object with a _bsontype attribute is ignored. For example, adding "_bsontype":"a" can sometimes interfere with a query filter...
Mongoosejs Mongoose
NA
CVE-2022-2564
Prototype Pollution in GitHub repository automattic/mongoose before 6.4.6.
Mongoosejs Mongoose
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2023-7073
CVE-2024-5496
CVE-2024-5495
XPath injection
bypass
CVE-2024-30043
CVE-2024-24919
denial of service
CVE-2024-35468
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started