claytonvantol.us

SESSION: secure TLS: 1.3 PID: 1337

clayton@site:~/news$ cat cve-2019-10758-mongodb-mongo-express.log

CVE-2019-10758 — MongoDB mongo-express Remote Code Execution Vulnerability

2021-12-10 • CISA Known Exploited Vulnerability

[event] mongo-express before 0.54.0 is vulnerable to Remote Code Execution via endpoints that uses the `toBSON` method.

> AFFECTED SOFTWARE

Field	Value
Vendor	MongoDB
Product	mongo-express
CVE ID	CVE-2019-10758
Date Added	2021-12-10
Due Date	2022-06-10
Ransomware Campaign	Unknown

> MITIGATION

Apply updates per vendor instructions.

Due Date: 2022-06-10

> REFERENCES

[1] https://nvd.nist.gov/vuln/detail/CVE-2019-10758

← back to terminal

UPTIME: 1337d v2.0.1 privacy LAST LOGIN: 2026-05-30 20:36:15 UTC