9 matches found
EUVD-2022-2775
Malicious code in bioql PyPI...
SUSE CVE-2019-2390
An unprivileged user or program on Microsoft Windows which can create OpenSSL configuration files in a fixed location may cause utility programs shipped with MongoDB server to run attacker defined code as the user running the utility. This issue MongoDB Server v4.0 versions prior to 4.0.11; Mongo...
The vulnerability of the command-line utilities in MongoDB Tools, a database management system for MongoDB, allows attackers to gain access to confidential data and compromise its integrity.
The vulnerability of the command-line utilities in MongoDB Tools, a database management system for MongoDB, is related to errors in the certificate validation process. Exploiting this vulnerability can allow an attacker to gain access to confidential data and compromise its integrity...
CVE-2020-7924
Usage of specific command line parameter in MongoDB Tools which was originally intended to just skip hostname checks, may result in MongoDB skipping all certificate validation. This may result in accepting invalid certificates.This issue affects: MongoDB Inc. MongoDB Database Tools 3.6 versions...
CVE-2020-7924 Specific command line parameter might result in accepting invalid certificate
Usage of specific command line parameter in MongoDB Tools which was originally intended to just skip hostname checks, may result in MongoDB skipping all certificate validation. This may result in accepting invalid certificates.This issue affects: MongoDB Inc. MongoDB Database Tools 3.6 versions...
CVE-2020-7924
CVE-2020-7924 describes an improper certificate validation flaw in MongoDB Tools caused by using a command-line parameter that was intended to skip hostname checks but can cause all certificate validation to be bypassed. Affected are MongoDB Database Tools versions: 3.6.x after 3.6.5 and before 3...
CVE-2020-7924 Specific command line parameter might result in accepting invalid certificate
Usage of specific command line parameter in MongoDB Tools which was originally intended to just skip hostname checks, may result in MongoDB skipping all certificate validation. This may result in accepting invalid certificates.This issue affects: MongoDB Inc. MongoDB Database Tools 3.6 versions...
CVE-2020-7924
Removed by vendor...
Specific command line parameter might result in accepting invalid certificate
Usage of specific command line parameter in MongoDB Tools which was originally intended to just skip hostname checks, may result in MongoDB skipping all certificate validation. This may result in accepting invalid certificates.This issue affects: MongoDB Inc. MongoDB Database Tools 3.6 versions...