Improve GHSA-m7xq-9374-9rvx

github · Dec 19, 2024 · f4e0883 · f4e0883
1 parent 0678eb2
commit f4e0883
Showing 1 changed file with 1 addition and 5 deletions.
diff --git a/advisories/github-reviewed/2024/12/GHSA-m7xq-9374-9rvx/GHSA-m7xq-9374-9rvx.json b/advisories/github-reviewed/2024/12/GHSA-m7xq-9374-9rvx/GHSA-m7xq-9374-9rvx.json
@@ -1,18 +1,14 @@
 {
   "schema_version": "1.4.0",
   "id": "GHSA-m7xq-9374-9rvx",
-  "modified": "2024-12-04T16:41:00Z",
+  "modified": "2024-12-04T16:41:02Z",
   "published": "2024-12-02T21:31:20Z",
   "aliases": [
     "CVE-2024-53900"
   ],
   "summary": "Mongoose search injection vulnerability",
   "details": "Mongoose versions prior to 8.8.3, 7.8.3, and 6.13.5 are vulnerable to improper use of the $where operator. This vulnerability arises from the ability of the $where clause to execute arbitrary JavaScript code in MongoDB queries, potentially leading to code injection attacks and unauthorized access or manipulation of database data.",
   "severity": [
-    {
-      "type": "CVSS_V3",
-      "score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
-    },
     {
       "type": "CVSS_V4",
       "score": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N"