Lucene search
Debian Security Bug TrackerDEBIANCVE:CVE-2021-32040HistoryApr 12, 2022 - 3:15 p.m.
CVE-2021-32040
2022-04-1215:15:00
Debian Security Bug Tracker
security-tracker.debian.org
28
0.003 Low
EPSS
Percentile
70.8%
It may be possible to have an extremely long aggregation pipeline in conjunction with a specific stage/operator and cause a stack overflow due to the size of the stack frames used by that stage. If an attacker could cause such an aggregation to occur, they could maliciously crash MongoDB in a DoS attack. This vulnerability affects MongoDB versions prior to 5.0.4, 4.4.11, 4.2.16.
| OS | Version | Architecture | Package | Version | Filename |
|---|---|---|---|---|---|
| Debian | 9 | all | mongodb | <= 1:3.2.11-2+deb9u1 | mongodb_1:3.2.11-2+deb9u1_all.deb |
Related
osv
osv
BIT-mongodb-2021-32040
2024-03-06 10:57:09
CVE-2021-32040
2022-04-12 15:15:07
openvas
openvas
cnvd
cnvd
MongoDB buffer overflow vulnerability
2022-04-15 00:00:00
prion
prion
Stack overflow
2022-04-12 15:15:00
ubuntucve
ubuntucve
CVE-2021-32040
2022-04-12 00:00:00
cve
cve
CVE-2021-32040
2022-04-12 15:15:07
redhatcve
redhatcve
CVE-2021-32040
2022-04-13 06:28:33
cvelist
cvelist
mongodb
mongodb
nvd
nvd
CVE-2021-32040
2022-04-12 15:15:07
ibm
ibm