5 matches found
bem-register (>=1.0.0 <=1.0.5), itstep_server (=0.0.1) +4 more potentially affected by CVE-2021-23372 via mongo-express (>=0.19.0 <=0.53.0)
mongo-express NPM version =0.19.0, =1.0.0, =0.1.1, =1.0.0, =1.5.0, =1.6.1 Source cves: CVE-2021-23372 Source advisory: OSV:GHSA-M2R3-8492-VX59...
CVE-2021-23372
All versions of package mongo-express are vulnerable to Denial of Service DoS when exporting an empty collection as CSV, due to an unhandled exception, leading to a crash...
CVE-2021-23372 Denial of Service (DoS)
All versions of package mongo-express are vulnerable to Denial of Service DoS when exporting an empty collection as CSV, due to an unhandled exception, leading to a crash...
CVE-2021-23372
The CVE-2021-23372 entry concerns all versions of mongo-express with a Denial of Service when exporting an empty collection to CSV due to an unhandled exception that crashes the application. Affected software is the mongo-express package (Node.js/Express-based web UI for MongoDB). The root cause ...
sn-cicd (>=4.6.12 <=4.6.17) potentially affected by CVE-2021-23372 via mongo-express (=1.0.0-alpha.1)
mongo-express NPM version =1.0.0-alpha.1 is affected by a known vulnerability. The following packages have a transitive dependency on mongo-express and may be impacted: - sn-cicd =4.6.12, =4.6.17 Source cves: CVE-2021-23372 Source advisory: SNYK:JS-MONGOEXPRESS-1085403...