4.3 Medium
CVSS2
Access Vector
NETWORK
Access Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
PARTIAL
AV:N/AC:M/Au:N/C:N/I:N/A:P
Jibbers McGee discovered that PyMongo, a high-performance schema-free
document-oriented data store, is prone to a denial-of-service
vulnerability.
An attacker can remotely trigger a NULL pointer dereference causing MongoDB
to crash.
The oldstable distribution (squeeze) is not affected by this issue.
For the stable distribution (wheezy), this problem has been fixed in
version 2.2-4+deb7u1.
For the testing distribution (jessie), this problem has been fixed in
version 2.5.2-1.
For the unstable distribution (sid), this problem has been fixed in
version 2.5.2-1.
We recommend that you upgrade your pymongo packages.