Vulnerabilities > Mongo Express Project
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2021-06-21 | CVE-2021-21422 | Unspecified vulnerability in Mongo-Express Project Mongo-Express mongo-express is a web-based MongoDB admin interface, written with Node.js and express. | 6.1 |
2021-04-13 | CVE-2021-23372 | Improper Check for Unusual or Exceptional Conditions vulnerability in Mongo-Express Project Mongo-Express All versions of package mongo-express are vulnerable to Denial of Service (DoS) when exporting an empty collection as CSV, due to an unhandled exception, leading to a crash. | 7.5 |
2021-03-30 | CVE-2020-24391 | Unspecified vulnerability in Mongo-Express Project Mongo-Express mongo-express before 1.0.0 offers support for certain advanced syntax but implements this in an unsafe way. | 9.8 |
2019-12-24 | CVE-2019-10758 | Unspecified vulnerability in Mongo-Express Project Mongo-Express mongo-express before 0.54.0 is vulnerable to Remote Code Execution via endpoints that uses the `toBSON` method. | 9.9 |