Improper Handling of Syntactically Invalid Structure

CVE-2024-6382

Medium

6.4/10

Summary

Incorrect handling of certain string inputs may result in MongoDB Rust driver constructing unintended server commands. This may cause unexpected application behavior including data modification. This issue affects MongoDB Rust Driver 2.0 versions prior to 2.8.2

Attack Complexity: LOW
Attack Vector: NETWORK
Integrity Impact: LOW
Scope: CHANGED
User Interaction: NONE
Privileges Required: LOW
Confidentiality Impact: NONE
Availability Impact: LOW

CWE-228 - Improper Handling of Syntactically Invalid Structure

The product does not handle or incorrectly handles input that is not syntactically well-formed with respect to the associated specification.

References

Advisory Timeline

Published Jul 02, 2024

Improper Handling of Syntactically Invalid Structure

CVE-2024-6382

Summary

CWE-228 - Improper Handling of Syntactically Invalid Structure

References

Advisory Timeline

ChainJacking

JetBrains IDE

KICS SaaS