Lucene search
K

7 matches found

SUSE CVE
SUSE CVE
added 2023/02/15 4:38 a.m.2 views

SUSE CVE-2017-15535

MongoDB 3.4.x before 3.4.10, and 3.5.x-development, has a disabled-by-default configuration setting, networkMessageCompressors aka wire protocol compression, which exposes a vulnerability when enabled that could be exploited by a malicious attacker to deny service or modify memory...

9.1CVSS9.2AI score0.01567EPSS
Exploits0References3
ArchLinux
ArchLinux
added 2018/01/05 12:0 a.m.28 views

[ASA-201801-5] mongodb: arbitrary code execution

Arch Linux Security Advisory ASA-201801-5 ========================================= Severity: High Date : 2018-01-05 CVE-ID : CVE-2017-15535 Package : mongodb Type : arbitrary code execution Remote : Yes Link : https://security.archlinux.org/AVG-503 Summary ======= The package mongodb before...

9.1CVSS2.6AI score0.01567EPSS
Exploits0References5
RedhatCVE
RedhatCVE
added 2017/11/22 9:19 a.m.35 views

CVE-2017-15535

A memory corruption flaw was found in the way MongoDB handled wire protocol compression for intra-cluster communication. A privileged network attacker could potentially use this flaw to crash the MongoDB server under certain circumstances...

9.1CVSS3.1AI score0.01567EPSS
Exploits0References1
Tenable Nessus
Tenable Nessus
added 2017/11/16 12:0 a.m.32 views

openSUSE Security Update : mongodb (openSUSE-2017-1275)

This update for mongodb 3.4.10 fixes the following issues : Security issues fixed : - CVE-2017-15535: MongoDB 3.4.x before 3.4.10, and 3.5.x-development, has a disabled-by-default configuration setting, networkMessageCompressors aka wire protocol compression, which exposes a vulnerability when...

9.1CVSS8AI score0.01567EPSS
Exploits0References3
OSV
OSV
added 2017/11/15 10:56 a.m.4 views

OPENSUSE-SU-2017:3018-1 Security update for mongodb

This update for mongodb 3.4.10 fixes the following issues: Security issues fixed: - CVE-2017-15535: MongoDB 3.4.x before 3.4.10, and 3.5.x-development, has a disabled-by-default configuration setting, networkMessageCompressors aka wire protocol compression, which exposes a vulnerability when...

9.1CVSS9.2AI score0.01567EPSS
Exploits0References2
OSV
OSV
added 2017/11/15 10:56 a.m.4 views

OPENSUSE-SU-2017:3022-1 Security update for mongodb

This update for mongodb 3.4.10 fixes the following issues: Security issues fixed: - CVE-2017-15535: MongoDB 3.4.x before 3.4.10, and 3.5.x-development, has a disabled-by-default configuration setting, networkMessageCompressors aka wire protocol compression, which exposes a vulnerability when...

9.1CVSS9.2AI score0.01567EPSS
Exploits0References2
CVE
CVE
added 2017/11/01 1:0 a.m.106 views

CVE-2017-15535

CVE-2017-15535 affects MongoDB 3.4.x before 3.4.10 and 3.5.x-development in the wire protocol compression feature (networkMessageCompressors), which is disabled by default but if enabled can allow a remote attacker to cause a denial of service or modify memory. Public advisories and updates exist...

9.1CVSS8.9AI score0.01567EPSS
Exploits0References2Affected Software1
Rows per page
Query Builder