8 matches found
CVE-2018-25004
An improper input validation flaw causing a denial-of-service found in MongoDB. An attacker can perform a specific type of query which issues a generic explain command on a find query causing denial-of-service. The highest threat from this vulnerability is to the system availability...
MongoDB DoS Vulnerability (SERVER-38275) - Windows
MongoDB is prone to a denial of service DoS vulnerability. SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:mongodb:mongodb"; if...
MongoDB DoS Vulnerability (SERVER-38275) - Linux
MongoDB is prone to a denial of service DoS vulnerability. SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:mongodb:mongodb"; if...
CVE-2018-25004
A user authorized to performing a specific type of query may trigger a denial of service by issuing a generic explain command on a find query. This issue affects MongoDB Server v4.0 versions prior to 4.0.6 and MongoDB Server v3.6 versions prior to 3.6.11...
CVE-2018-25004 Invariant failure when explaining a find with a UUID
A user authorized to performing a specific type of query may trigger a denial of service by issuing a generic explain command on a find query. This issue affects MongoDB Server v4.0 versions prior to 4.0.6 and MongoDB Server v3.6 versions prior to 3.6.11...
CVE-2018-25004 Invariant failure when explaining a find with a UUID
A user authorized to performing a specific type of query may trigger a denial of service by issuing a generic explain command on a find query. This issue affects MongoDB Server v4.0 versions prior to 4.0.6 and MongoDB Server v3.6 versions prior to 3.6.11...
CVE-2018-25004
CVE-2018-25004 affects MongoDB Server: versions prior to 4.0.6 (4.0.x) and prior to 3.6.11 (3.6.x). The issue lets an authorized user trigger a DoS by issuing a generic explain command on a find query, causing availability impact. Affected components: MongoDB Server find/explain path (no further ...
CVE-2018-25004
Removed by vendor...