๐Ÿ” CVE Alert

CVE-2024-53900

CRITICAL 9.1
CVSS Score
9.1
EPSS Score
0.0%
EPSS Percentile
0th

Mongoose before 8.8.3 can improperly use $where in match, leading to search injection.

Vendor n/a
Product n/a
Published Dec 2, 2024
Last Updated Jan 6, 2025
Stay Ahead of the Next One

Get instant alerts for n/a n/a

Be the first to know when new critical vulnerabilities affecting n/a n/a are published โ€” delivered to Slack, Telegram or Discord.

Get Free Alerts โ†’ Free ยท No credit card ยท 60 sec setup

Affected Versions

n/a / n/a
n/a

References

NVD โ†— CVE.org โ†— EPSS Data โ†—
npmjs.com: https://www.npmjs.com/package/mongoose?activeTab=versions github.com: https://github.com/Automattic/mongoose/releases github.com: https://github.com/Automattic/mongoose/blob/master/CHANGELOG.md github.com: https://github.com/Automattic/mongoose/commit/c9e86bff7eef477da75a29af62a06d41a835a156 github.com: https://github.com/advisories/GHSA-m7xq-9374-9rvx