Lucene search
GoogleOSV:CVE-2021-32036HistoryFeb 04, 2022 - 11:15 p.m.
CVE-2021-32036
2022-02-0423:15:11
Google
osv.dev
5
An authenticated user without any specific authorizations may be able to repeatedly invoke the features command where at a high volume may lead to resource depletion or generate high lock contention. This may result in denial of service and in rare cases could result in id field collisions. This issue affects MongoDB Server v5.0 versions prior to and including 5.0.3; MongoDB Server v4.4 versions prior to and including 4.4.9; MongoDB Server v4.2 versions prior to and including 4.2.16 and MongoDB Server v4.0 versions prior to and including 4.0.28
| CPE | Name | Operator | Version |
|---|---|---|---|
| mongo | eq | r5.0.0 | |
| mongo | eq | r5.0.3-rc1 | |
| mongo | eq | r5.0.2 | |
| mongo | eq | r5.0.3-rc0 | |
| mongo | eq | r5.0.3 | |
| mongo | eq | r5.0.2-rc0 | |
| mongo | eq | r5.0.1 | |
| mongo | eq | r5.0.3-rc2 | |
| mongo | eq | r5.0.1-rc0 |
References
Related
cve
cve
CVE-2021-32036
2022-02-04 23:15:11
mongodb
mongodb
Denial of Service and Data Integrity vulnerability in features command
2022-02-04 17:38:00
ubuntucve
ubuntucve
CVE-2021-32036
2022-02-04 00:00:00
debiancve
debiancve
CVE-2021-32036
2022-02-04 23:15:00
osv
osv
BIT-mongodb-2021-32036
2024-03-06 10:57:41
openvas
openvas
MongoDB DoS Vulnerability (SERVER-59294) - Linux
2022-02-07 00:00:00
MongoDB DoS Vulnerability (SERVER-59294) - Windows
2022-02-07 00:00:00
prion
prion
Design/Logic Flaw
2022-02-04 23:15:00
cvelist
cvelist
redhatcve
redhatcve
CVE-2021-32036
2022-02-08 12:16:59
nvd
nvd
CVE-2021-32036
2022-02-04 23:15:11
ibm
ibm