Home > Vulnerability Database > CVE-2024-6382

Mend.io Vulnerability Database

CVE-2024-6382

Date: July 2, 2024

Incorrect handling of certain string inputs may result in MongoDB Rust driver constructing unintended server commands. This may cause unexpected application behavior including data modification. This issue affects MongoDB Rust Driver 2.0 versions prior to 2.8.2

Language: RUST

Severity Score

6.4

Related Resources (7)

Url: https://github.com/mongodb/mongo-rust-driver/commit/8eac3bc6dc37a6d7667ed6c1a895c224e3ff47e1

Url: https://github.com/mongodb/mongo-rust-driver

Url: https://jira.mongodb.org/browse/RUST-1881

Url: https://github.com/mongodb/mongo-rust-driver/pull/1045

Url: https://nvd.nist.gov/vuln/detail/CVE-2024-6382

Url: https://github.com/mongodb/mongo-rust-driver/commit/a3fe6c84ce6287348b1268f651fdac9fbed66187

Url: https://www.mend.io/vulnerability-database/CVE-2024-6382

Severity Score

6.4

Weakness Type (CWE)

Improper Handling of Syntactically Invalid Structure

CWE-228

CVSS v3.1

Base Score:	6.4
Attack Vector (AV):	NETWORK
Attack Complexity (AC):	LOW
Privileges Required (PR):	LOW
User Interaction (UI):	NONE
Scope (S):	CHANGED
Confidentiality (C):	NONE
Integrity (I):	LOW
Availability (A):	LOW

Mend.io Vulnerability Database

We found results for “”

CVE-2024-6382

Date: July 2, 2024

Language: RUST

Severity Score

Related Resources (7)

Severity Score

Weakness Type (CWE)

CVSS v3.1

Do you need more information?