Package impact
npm / mongo-express
| CVE | Severity | CVSS | Risk | Published | Description | Impact |
|---|---|---|---|---|---|---|
| CVE-2019-10758 | unknown | — | 1.5 | 7y ago | mongo-express before 0.54.0 is vulnerable to Remote Code Execution via endpoints that uses the `toBSON` method. | |
| CVE-2023-52555 | unknown | — | — | 2y ago | mongo-express Cross-site Request Forgery vulnerability | |
| CVE-2021-23372 | unknown | — | — | 5y ago | Denial of Service (DoS) in mongo-express | |
| CVE-2021-21422 | unknown | — | — | 5y ago | Cross-site scripting |