Package impact
npm / mongo-express
| CVE | Severity | CVSS | Risk | Flags | OS | Vendor | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2019-10758 | unknown | — | 1.5 | 7y ago | mongo-express before 0.54.0 is vulnerable to Remote Code Execution via endpoints that uses the `toBSON` method. | |||
| CVE-2023-52555 | unknown | — | — | 2y ago | mongo-express Cross-site Request Forgery vulnerability | |||
| CVE-2021-23372 | unknown | — | — | 5y ago | Denial of Service (DoS) in mongo-express | |||
| CVE-2021-21422 | unknown | — | — | 5y ago | Cross-site scripting |