Web Application Vulnerabilities Runtime SCA Findings
Looking for the vulnerability index of Invicti's legacy products?
Invicti Enterprise Acunetix Standard & Premium
MongoDb Improper Neutralization of Null Byte or NUL Character Vulnerability - CVE-2024-10921 - Vulnerability Database
MongoDb

MongoDb Improper Neutralization of Null Byte or NUL Character Vulnerability - CVE-2024-10921

High
Reference: CVE-2024-10921
NVD Link: https://nvd.nist.gov/vuln/detail/CVE-2024-10921
Title: MongoDb Improper Neutralization of Null Byte or NUL Character Vulnerability
Overview:

An authorized user may trigger crashes or receive the contents of buffer over-reads of Server memory by issuing specially crafted requests that construct malformed BSON in the MongoDB Server. This issue affects MongoDB Server v5.0 versions prior to 5.0.30 MongoDB Server v6.0 versions prior to 6.0.19 MongoDB Server v7.0 versions prior to 7.0.15 and MongoDB Server v8.0 versions prior to and including 8.0.2.