Lucene search
K

5 matches found

NVD
NVD
added 2024/05/14 4:17 p.m.19 views

CVE-2024-3374

An unauthenticated user can trigger a fatal assertion in the server while generating ftdc diagnostic metrics due to attempting to build a BSON object that exceeds certain memory sizes. This issue affects MongoDB Server v5.0 versions prior to and including 5.0.16 and MongoDB Server v6.0 versions...

5.3CVSS5.2AI score0.00457EPSS
Exploits0References1
OSV
OSV
added 2024/03/06 10:57 a.m.17 views

BIT-MONGODB-2021-32036 Denial of Service and Data Integrity vulnerability in features command

An authenticated user without any specific authorizations may be able to repeatedly invoke the features command where at a high volume may lead to resource depletion or generate high lock contention. This may result in denial of service and in rare cases could result in id field collisions. This...

7.1CVSS5.9AI score0.01034EPSS
Exploits0References2
OSV
OSV
added 2024/03/06 10:57 a.m.19 views

BIT-MONGODB-2022-24272 MongoDB Server (mongod) may crash in response to unexpected requests

An authenticated user may trigger an invariant assertion during command dispatch due to incorrect validation on the $external database. This may result in mongod denial of service or server crash. This issue affects: MongoDB Inc. MongoDB Server v5.0 versions, prior to and including v5.0.6...

6.5CVSS6.3AI score0.0084EPSS
Exploits2References2
Prion
Prion
added 2022/02/04 11:15 p.m.24 views

Design/Logic Flaw

An authenticated user without any specific authorizations may be able to repeatedly invoke the features command where at a high volume may lead to resource depletion or generate high lock contention. This may result in denial of service and in rare cases could result in id field collisions. This...

5.5CVSS6.7AI score0.01034EPSS
Exploits0References1Affected Software1
NVD
NVD
added 2021/11/24 4:15 p.m.12 views

CVE-2021-32037

An authorized user may trigger an invariant which may result in denial of service or server exit if a relevant aggregation request is sent to a shard. Usually, the requests are sent via mongos and special privileges are required in order to know the address of the shards and to log in to the shar...

6.5CVSS0.01181EPSS
Exploits0References1
Rows per page
Query Builder