Lucene search
Veracode Vulnerability DatabaseVERACODE:29867HistoryMar 31, 2021 - 3:13 a.m.
Remote Code Execution (RCE)
2021-03-3103:13:01
Veracode Vulnerability Database
sca.analysiscenter.veracode.com
10
EPSS
0.514
Percentile
97.6%
mongodb-query-parser is vulnerable to remote code execution (RCE). The vulnerability exists through the use of unsafe version of safer-eval, and context-eval in the older versions. This vulnerability is related to CVE-2019-10769.
Related
cvelist
cvelist
CVE-2020-24391
2021-03-30 20:52:58
CVE-2019-10769
2019-12-06 22:49:56
prion
prion
Design/Logic Flaw
2021-03-30 21:15:00
Design/Logic Flaw
2019-12-06 23:15:00
cve
cve
CVE-2020-24391
2021-03-30 21:15:13
CVE-2019-10769
2019-12-06 23:15:11
osv
osv
CVE-2020-24391
2021-03-30 21:15:13
Remote code execution in mongo-express
2021-04-13 15:41:01
Sandbox Breakout / Arbitrary Code Execution in safer-eval
2019-12-11 02:01:44
nvd
nvd
CVE-2020-24391
2021-03-30 21:15:13
CVE-2019-10769
2019-12-06 23:15:11
github
github
Remote code execution in mongo-express
2021-04-13 15:41:01
Sandbox Breakout / Arbitrary Code Execution in safer-eval
2019-12-11 02:01:44
nuclei
nuclei
Mongo-Express - Remote Code Execution
2022-01-20 09:25:01
nodejs
nodejs
Sandbox Breakout / Arbitrary Code Execution
2019-12-11 16:50:15
huntr
huntr
Code Injection in commenthol/safer-eval
2020-02-21 00:00:00
veracode
veracode
Remote Code Execution (RCE)
2019-12-09 08:05:21