Lucene search
Debian Security Bug TrackerDEBIANCVE:CVE-2018-20802HistoryNov 23, 2020 - 4:15 p.m.
CVE-2018-20802
2020-11-2316:15:00
Debian Security Bug Tracker
security-tracker.debian.org
9
mongodb
denial of service
queryplanner
compound indexes
cve-2018-20802
unix
EPSS
0.001
Percentile
29.8%
A user authorized to perform database queries may trigger denial of service by issuing specially crafted queries with compound indexes affecting QueryPlanner. This issue affects: MongoDB Inc. MongoDB Server v3.6 versions prior to 3.6.9, v4.0 versions prior to 4.0.3.
| OS | Version | Architecture | Package | Version | Filename |
|---|---|---|---|---|---|
| Debian | 9 | all | mongodb | < 1:3.2.11-2+deb9u1 | mongodb_1:3.2.11-2+deb9u1_all.deb |
Related
nvd
nvd
CVE-2018-20802
2020-11-23 16:15:12
mongodb
mongodb
Post-auth queries on compound index may crash mongod
2020-11-30 14:00:00
osv
osv
CVE-2018-20802
2020-11-23 16:15:12
openvas
openvas
MongoDB 3.6 < 3.6.9, 4.0 < 4.0.3 DoS Vulnerability - Windows
2020-12-02 00:00:00
MongoDB 3.6 < 3.6.9, 4.0 < 4.0.3 DoS Vulnerability - Linux
2020-12-02 00:00:00
cve
cve
CVE-2018-20802
2020-11-23 16:15:12
prion
prion
Design/Logic Flaw
2020-11-23 16:15:00
redhatcve
redhatcve
CVE-2018-20802
2020-11-23 20:51:38
ubuntucve
ubuntucve
CVE-2018-20802
2020-11-23 00:00:00
cvelist
cvelist
CVE-2018-20802 Post-auth queries on compound index may crash mongod
2020-11-23 15:15:18