CVE-2023-3696
- Source
- https://cve.org/CVERecord?id=CVE-2023-3696
- Import Source
- https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2023-3696.json
- JSON Data
- https://api.test.osv.dev/v1/vulns/CVE-2023-3696
- Aliases
- Published
- 2023-07-17T00:00:21.160Z
- Modified
- 2026-02-03T07:35:49.860824Z
- Severity
-
- 10.0 (Critical) CVSS_V3 - CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:N/A:H CVSS Calculator
- Summary
- Prototype Pollution in automattic/mongoose
- Details
-
Prototype Pollution in GitHub repository automattic/mongoose prior to 7.3.4.
- Database specific
{ "osv_generated_from": "https://github.com/CVEProject/cvelistV5/tree/main/cves/2023/3xxx/CVE-2023-3696.json", "cna_assigner": "@huntrdev", "cwe_ids": [ "CWE-1321" ] }- References
Affected packages
Git / github.com/automattic/mongoose
Affected versions
5.*
5.13.10
5.13.11
5.13.12
5.13.13
5.13.14
5.13.15
5.13.16
5.13.17
5.13.9
6.*
6.0.0
6.0.1
6.0.10
6.0.11
6.0.12
6.0.13
6.0.14
6.0.15
6.0.2
6.0.3
6.0.4
6.0.5
6.0.6
6.0.7
6.0.8
6.0.9
6.1.0
6.1.1
6.1.10
6.1.2
6.1.3
6.1.4
6.1.5
6.1.6
6.1.7
6.1.8
6.1.9
6.10.0
6.10.1
6.10.2
6.10.3
6.10.4
6.10.5
6.11.0
6.11.1
6.11.2
6.11.3
6.2.0
6.2.1
6.2.10
6.2.11
6.2.2
6.2.3
6.2.4
6.2.5
6.2.6
6.2.7
6.2.8
6.2.9
6.3.0
6.3.1
6.3.2
6.3.3
6.3.4
6.3.5
6.3.6
6.3.7
6.3.8
6.3.9
6.4.0
6.4.1
6.4.2
6.4.3
6.4.4
6.4.5
6.4.6
6.4.7
6.5.0
6.5.1
6.5.2
6.5.3
6.5.4
6.5.5
6.6.0
6.6.1
6.6.2
6.6.3
6.6.4
6.6.5
6.6.6
6.6.7
6.7.0
6.7.1
6.7.2
6.7.3
6.7.4
6.7.5
6.8.0
6.8.1
6.8.2
6.8.3
6.8.4
6.8.5
6.9.0
6.9.1
6.9.2
6.9.3
7.*
7.0.0
7.0.0-rc0
7.0.1
7.0.2
7.0.3
7.0.4
7.0.5
7.1.0
7.1.1
7.1.2
7.2.0
7.2.1
7.2.2
7.2.3
7.2.4
7.3.0
7.3.1
7.3.2
7.3.3
Other
test