Lucene search
+L

5 matches found

vulnersOsv
vulnersOsv
added 2021/10/06 5:47 p.m.4 views

bem-register (>=1.0.0 <=1.0.5), itstep_server (=0.0.1) +4 more potentially affected by CVE-2021-23372 via mongo-express (>=0.19.0 <=0.53.0)

mongo-express NPM version =0.19.0, =1.0.0, =0.1.1, =1.0.0, =1.5.0, =1.6.1 Source cves: CVE-2021-23372 Source advisory: OSV:GHSA-M2R3-8492-VX59...

7.5CVSS7.1AI score0.00878EPSS
Exploits0
NVD
NVD
added 2021/04/13 8:15 p.m.15 views

CVE-2021-23372

All versions of package mongo-express are vulnerable to Denial of Service DoS when exporting an empty collection as CSV, due to an unhandled exception, leading to a crash...

7.5CVSS0.00878EPSS
Exploits0References1
Cvelist
Cvelist
added 2021/04/13 3:20 p.m.25 views

CVE-2021-23372 Denial of Service (DoS)

All versions of package mongo-express are vulnerable to Denial of Service DoS when exporting an empty collection as CSV, due to an unhandled exception, leading to a crash...

4.4CVSS7.7AI score0.00878EPSS
Exploits0References1
CVE
CVE
added 2021/04/13 3:20 p.m.51 views

CVE-2021-23372

The CVE-2021-23372 entry concerns all versions of mongo-express with a Denial of Service when exporting an empty collection to CSV due to an unhandled exception that crashes the application. Affected software is the mongo-express package (Node.js/Express-based web UI for MongoDB). The root cause ...

7.5CVSS5.9AI score0.00878EPSS
Exploits0References1Affected Software1
vulnersOsv
vulnersOsv
added 2021/03/12 3:8 p.m.5 views

sn-cicd (>=4.6.12 <=4.6.17) potentially affected by CVE-2021-23372 via mongo-express (=1.0.0-alpha.1)

mongo-express NPM version =1.0.0-alpha.1 is affected by a known vulnerability. The following packages have a transitive dependency on mongo-express and may be impacted: - sn-cicd =4.6.12, =4.6.17 Source cves: CVE-2021-23372 Source advisory: SNYK:JS-MONGOEXPRESS-1085403...

7.5CVSS7.1AI score0.00878EPSS
Exploits0
Rows per page
Query Builder