Skip to content

Commit 369d7d6

Browse files
advisory-database[bot]advisory-database[bot]
committed
Publish Advisories
GHSA-32jf-h775-g29h GHSA-32jf-h775-g29h
1 parent e23d4ee commit 369d7d6

File tree

2 files changed

+73
-36
lines changed

2 files changed

+73
-36
lines changed

advisories/github-reviewed/2024/07/GHSA-32jf-h775-g29h/GHSA-32jf-h775-g29h.json

Lines changed: 73 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -0,0 +1,73 @@
1+
{
2+
"schema_version": "1.4.0",
3+
"id": "GHSA-32jf-h775-g29h",
4+
"modified": "2025-10-02T21:35:39Z",
5+
"published": "2024-07-02T21:32:16Z",
6+
"aliases": [
7+
"CVE-2024-6382"
8+
],
9+
"summary": "MongoDB Rust driver may issue unintended commands",
10+
"details": "Incorrect handling of certain string inputs may result in MongoDB Rust driver constructing unintended server commands. This may cause unexpected application behavior including data modification. This issue affects MongoDB Rust Driver 2.0 versions prior to 2.8.2",
11+
"severity": [
12+
{
13+
"type": "CVSS_V3",
14+
"score": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:N/I:L/A:L"
15+
}
16+
],
17+
"affected": [
18+
{
19+
"package": {
20+
"ecosystem": "crates.io",
21+
"name": "mongodb"
22+
},
23+
"ranges": [
24+
{
25+
"type": "ECOSYSTEM",
26+
"events": [
27+
{
28+
"introduced": "2.0.0"
29+
},
30+
{
31+
"fixed": "2.8.2"
32+
}
33+
]
34+
}
35+
]
36+
}
37+
],
38+
"references": [
39+
{
40+
"type": "ADVISORY",
41+
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-6382"
42+
},
43+
{
44+
"type": "WEB",
45+
"url": "https://github.com/mongodb/mongo-rust-driver/pull/1045"
46+
},
47+
{
48+
"type": "WEB",
49+
"url": "https://github.com/mongodb/mongo-rust-driver/commit/8eac3bc6dc37a6d7667ed6c1a895c224e3ff47e1"
50+
},
51+
{
52+
"type": "WEB",
53+
"url": "https://github.com/mongodb/mongo-rust-driver/commit/a3fe6c84ce6287348b1268f651fdac9fbed66187"
54+
},
55+
{
56+
"type": "PACKAGE",
57+
"url": "https://github.com/mongodb/mongo-rust-driver"
58+
},
59+
{
60+
"type": "WEB",
61+
"url": "https://jira.mongodb.org/browse/RUST-1881"
62+
}
63+
],
64+
"database_specific": {
65+
"cwe_ids": [
66+
"CWE-228"
67+
],
68+
"severity": "MODERATE",
69+
"github_reviewed": true,
70+
"github_reviewed_at": "2025-10-02T21:35:38Z",
71+
"nvd_published_at": "2024-07-02T18:15:04Z"
72+
}
73+
}

advisories/unreviewed/2024/07/GHSA-32jf-h775-g29h/GHSA-32jf-h775-g29h.json

Lines changed: 0 additions & 36 deletions
This file was deleted.

0 commit comments

Comments
 (0)