mongo-express (npm) — known CVEs & security advisories
Known CVE vulnerabilities and GitHub Security Advisories affecting the npm package mongo-express, with affected version ranges, CVSS severity, EPSS exploit prediction, and CISA KEV status.
CVE-2021-21422 — CVSS 8.1 (high): mongo-express is a web-based MongoDB admin interface, written with Node.js and express. 1: As mentioned in this issue…
CVE-2021-23372 — CVSS 4.4 (medium): All versions of package mongo-express are vulnerable to Denial of Service (DoS) when exporting an empty collection as CSV, due to an…