View all vulnerabilities

CVE-2023-3696

Mongoose Prototype Pollution vulnerability

Prototype Pollution in GitHub repository automattic/mongoose prior to 7.3.3, 6.11.3, and 5.13.20.

Patch Available

Fix available through Seal Security. No upgrade required, protect your application instantly.

Fix without upgrading
Vulnerability Details
Score
10
Score Vector
CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:N/A:H
Affected Versions
mongoose >= 7.0.0 < 7.3.3; mongoose >= 6.0.0 < 6.11.3; mongoose < 5.13.20
Severity
Ecosystem
JavaScript
Publish Date
July 16, 2023
Modified Date
December 5, 2023