CVEDB API

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2020-24391

mongo-express before 1.0.0 offers support for certain advanced syntax but implements this in an unsafe way. NOTE: this may overlap CVE-2019-10769.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.909

EPSS Ranking 99.6%

CVSS Severity

CVSS v3 Score 9.8

CVSS v2 Score 7.5

References

Products affected by CVE-2020-24391

Mongo-Express Project » Mongo-Express » Version: 0.10.0

cpe:2.3:a:mongo-express_project:mongo-express:0.10.0
Mongo-Express Project » Mongo-Express » Version: 0.11.0

cpe:2.3:a:mongo-express_project:mongo-express:0.11.0
Mongo-Express Project » Mongo-Express » Version: 0.11.1

cpe:2.3:a:mongo-express_project:mongo-express:0.11.1
Mongo-Express Project » Mongo-Express » Version: 0.11.2

cpe:2.3:a:mongo-express_project:mongo-express:0.11.2
Mongo-Express Project » Mongo-Express » Version: 0.11.3

cpe:2.3:a:mongo-express_project:mongo-express:0.11.3
Mongo-Express Project » Mongo-Express » Version: 0.12.0

cpe:2.3:a:mongo-express_project:mongo-express:0.12.0
Mongo-Express Project » Mongo-Express » Version: 0.13.0

cpe:2.3:a:mongo-express_project:mongo-express:0.13.0
Mongo-Express Project » Mongo-Express » Version: 0.14.0

cpe:2.3:a:mongo-express_project:mongo-express:0.14.0
Mongo-Express Project » Mongo-Express » Version: 0.14.1

cpe:2.3:a:mongo-express_project:mongo-express:0.14.1
Mongo-Express Project » Mongo-Express » Version: 0.15.0

cpe:2.3:a:mongo-express_project:mongo-express:0.15.0
Mongo-Express Project » Mongo-Express » Version: 0.16.0

cpe:2.3:a:mongo-express_project:mongo-express:0.16.0
Mongo-Express Project » Mongo-Express » Version: 0.16.1

cpe:2.3:a:mongo-express_project:mongo-express:0.16.1
Mongo-Express Project » Mongo-Express » Version: 0.17.0

cpe:2.3:a:mongo-express_project:mongo-express:0.17.0
Mongo-Express Project » Mongo-Express » Version: 0.17.1

cpe:2.3:a:mongo-express_project:mongo-express:0.17.1
Mongo-Express Project » Mongo-Express » Version: 0.17.2

cpe:2.3:a:mongo-express_project:mongo-express:0.17.2
Mongo-Express Project » Mongo-Express » Version: 0.17.3

cpe:2.3:a:mongo-express_project:mongo-express:0.17.3
Mongo-Express Project » Mongo-Express » Version: 0.17.4

cpe:2.3:a:mongo-express_project:mongo-express:0.17.4
Mongo-Express Project » Mongo-Express » Version: 0.17.5

cpe:2.3:a:mongo-express_project:mongo-express:0.17.5
Mongo-Express Project » Mongo-Express » Version: 0.2.1

cpe:2.3:a:mongo-express_project:mongo-express:0.2.1
Mongo-Express Project » Mongo-Express » Version: 0.2.2

cpe:2.3:a:mongo-express_project:mongo-express:0.2.2
Mongo-Express Project » Mongo-Express » Version: 0.2.3

cpe:2.3:a:mongo-express_project:mongo-express:0.2.3
Mongo-Express Project » Mongo-Express » Version: 0.27.4

cpe:2.3:a:mongo-express_project:mongo-express:0.27.4
Mongo-Express Project » Mongo-Express » Version: 0.29.10

cpe:2.3:a:mongo-express_project:mongo-express:0.29.10
Mongo-Express Project » Mongo-Express » Version: 0.3.0

cpe:2.3:a:mongo-express_project:mongo-express:0.3.0
Mongo-Express Project » Mongo-Express » Version: 0.3.1

cpe:2.3:a:mongo-express_project:mongo-express:0.3.1
Mongo-Express Project » Mongo-Express » Version: 0.3.2

cpe:2.3:a:mongo-express_project:mongo-express:0.3.2
Mongo-Express Project » Mongo-Express » Version: 0.3.3

cpe:2.3:a:mongo-express_project:mongo-express:0.3.3
Mongo-Express Project » Mongo-Express » Version: 0.3.4

cpe:2.3:a:mongo-express_project:mongo-express:0.3.4
Mongo-Express Project » Mongo-Express » Version: 0.32.0

cpe:2.3:a:mongo-express_project:mongo-express:0.32.0
Mongo-Express Project » Mongo-Express » Version: 0.33.0

cpe:2.3:a:mongo-express_project:mongo-express:0.33.0
Mongo-Express Project » Mongo-Express » Version: 0.34.0

cpe:2.3:a:mongo-express_project:mongo-express:0.34.0
Mongo-Express Project » Mongo-Express » Version: 0.35.0

cpe:2.3:a:mongo-express_project:mongo-express:0.35.0
Mongo-Express Project » Mongo-Express » Version: 0.37.0

cpe:2.3:a:mongo-express_project:mongo-express:0.37.0
Mongo-Express Project » Mongo-Express » Version: 0.37.1

cpe:2.3:a:mongo-express_project:mongo-express:0.37.1
Mongo-Express Project » Mongo-Express » Version: 0.37.2

cpe:2.3:a:mongo-express_project:mongo-express:0.37.2
Mongo-Express Project » Mongo-Express » Version: 0.38.0

cpe:2.3:a:mongo-express_project:mongo-express:0.38.0
Mongo-Express Project » Mongo-Express » Version: 0.39.0

cpe:2.3:a:mongo-express_project:mongo-express:0.39.0
Mongo-Express Project » Mongo-Express » Version: 0.39.1

cpe:2.3:a:mongo-express_project:mongo-express:0.39.1
Mongo-Express Project » Mongo-Express » Version: 0.39.2

cpe:2.3:a:mongo-express_project:mongo-express:0.39.2
Mongo-Express Project » Mongo-Express » Version: 0.4.0

cpe:2.3:a:mongo-express_project:mongo-express:0.4.0
Mongo-Express Project » Mongo-Express » Version: 0.40.0

cpe:2.3:a:mongo-express_project:mongo-express:0.40.0
Mongo-Express Project » Mongo-Express » Version: 0.41.0

cpe:2.3:a:mongo-express_project:mongo-express:0.41.0
Mongo-Express Project » Mongo-Express » Version: 0.42.0

cpe:2.3:a:mongo-express_project:mongo-express:0.42.0
Mongo-Express Project » Mongo-Express » Version: 0.42.1

cpe:2.3:a:mongo-express_project:mongo-express:0.42.1
Mongo-Express Project » Mongo-Express » Version: 0.42.2

cpe:2.3:a:mongo-express_project:mongo-express:0.42.2
Mongo-Express Project » Mongo-Express » Version: 0.42.3

cpe:2.3:a:mongo-express_project:mongo-express:0.42.3
Mongo-Express Project » Mongo-Express » Version: 0.43.0

cpe:2.3:a:mongo-express_project:mongo-express:0.43.0
Mongo-Express Project » Mongo-Express » Version: 0.43.1

cpe:2.3:a:mongo-express_project:mongo-express:0.43.1
Mongo-Express Project » Mongo-Express » Version: 0.44.0

cpe:2.3:a:mongo-express_project:mongo-express:0.44.0
Mongo-Express Project » Mongo-Express » Version: 0.45.0

cpe:2.3:a:mongo-express_project:mongo-express:0.45.0
Mongo-Express Project » Mongo-Express » Version: 0.46.0

cpe:2.3:a:mongo-express_project:mongo-express:0.46.0
Mongo-Express Project » Mongo-Express » Version: 0.46.1

cpe:2.3:a:mongo-express_project:mongo-express:0.46.1
Mongo-Express Project » Mongo-Express » Version: 0.47.0

cpe:2.3:a:mongo-express_project:mongo-express:0.47.0
Mongo-Express Project » Mongo-Express » Version: 0.48.0

cpe:2.3:a:mongo-express_project:mongo-express:0.48.0
Mongo-Express Project » Mongo-Express » Version: 0.48.1

cpe:2.3:a:mongo-express_project:mongo-express:0.48.1
Mongo-Express Project » Mongo-Express » Version: 0.49.0

cpe:2.3:a:mongo-express_project:mongo-express:0.49.0
Mongo-Express Project » Mongo-Express » Version: 0.5.0

cpe:2.3:a:mongo-express_project:mongo-express:0.5.0
Mongo-Express Project » Mongo-Express » Version: 0.50.0

cpe:2.3:a:mongo-express_project:mongo-express:0.50.0
Mongo-Express Project » Mongo-Express » Version: 0.51.0

cpe:2.3:a:mongo-express_project:mongo-express:0.51.0
Mongo-Express Project » Mongo-Express » Version: 0.51.1

cpe:2.3:a:mongo-express_project:mongo-express:0.51.1
Mongo-Express Project » Mongo-Express » Version: 0.51.2

cpe:2.3:a:mongo-express_project:mongo-express:0.51.2
Mongo-Express Project » Mongo-Express » Version: 0.52.0

cpe:2.3:a:mongo-express_project:mongo-express:0.52.0
Mongo-Express Project » Mongo-Express » Version: 0.52.1

cpe:2.3:a:mongo-express_project:mongo-express:0.52.1
Mongo-Express Project » Mongo-Express » Version: 0.52.2

cpe:2.3:a:mongo-express_project:mongo-express:0.52.2
Mongo-Express Project » Mongo-Express » Version: 0.53.0

cpe:2.3:a:mongo-express_project:mongo-express:0.53.0
Mongo-Express Project » Mongo-Express » Version: 0.54.0

cpe:2.3:a:mongo-express_project:mongo-express:0.54.0
Mongo-Express Project » Mongo-Express » Version: 0.6.0

cpe:2.3:a:mongo-express_project:mongo-express:0.6.0
Mongo-Express Project » Mongo-Express » Version: 0.7.0

cpe:2.3:a:mongo-express_project:mongo-express:0.7.0
Mongo-Express Project » Mongo-Express » Version: 0.7.1

cpe:2.3:a:mongo-express_project:mongo-express:0.7.1
Mongo-Express Project » Mongo-Express » Version: 0.8.0

cpe:2.3:a:mongo-express_project:mongo-express:0.8.0
Mongo-Express Project » Mongo-Express » Version: 0.8.1

cpe:2.3:a:mongo-express_project:mongo-express:0.8.1
Mongo-Express Project » Mongo-Express » Version: 0.9.0

cpe:2.3:a:mongo-express_project:mongo-express:0.9.0

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2020-24391

Products

Pricing

Contact Us