漏洞信息
尽管我们使用了先进的大模型技术,但其输出仍可能包含不准确或过时的信息。神龙努力确保数据的准确性,但请您根据实际情况进行核实和判断。
Vulnerability Title
Mongoose: Improper Sanitization of $nor in sanitizeFilter May Allow NoSQL Injection
Vulnerability Description
Mongoose is a MongoDB object modeling tool designed to work in an asynchronous environment. Prior to 6.13.9, 7.8.9, 8.22.1, and 9.1.6, a vulnerability allows bypassing Mongoose’s sanitizeFilter query sanitization mechanism via the $nor operator. When sanitizeFilter is enabled, Mongoose wraps query operators in $eq to neutralize them. However, prior to the fix, $nor was not included in the set of logical operators that are recursively sanitized. Because $nor accepts an array (like $and and $or), and arrays do not trigger hasDollarKeys(), malicious operators such as $ne, $gt, or $regex could be injected inside a $nor clause without being sanitized. This vulnerability is fixed in 6.13.9, 7.8.9, 8.22.1, and 9.1.6.
CVSS Information
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
Vulnerability Type
输出中的特殊元素转义处理不恰当(注入)
Vulnerability Title
Mongoose 注入漏洞
Vulnerability Description
Mongoose是Automattic开源的一个 MongoDB 对象建模,旨在在异步环境中工作。 Mongoose 6.13.9之前版本、7.8.9之前版本、8.22.1之前版本和9.1.6之前版本存在注入漏洞,该漏洞源于通过$nor运算符绕过sanitizeFilter查询清理机制,当sanitizeFilter启用时,Mongoose将查询运算符包装在$eq中,但$nor未包含在递归清理的逻辑运算符集合中,导致恶意运算符如$ne、$gt或$regex可在$nor子句中注入而不被清理。
CVSS Information
N/A
Vulnerability Type
N/A