Mongodb@2.6.0 Security Vulnerabilities and Issues — Mongodb@2.6.0 CVE List

Lucene search

MongodbMongodb2.6.0

3 matches found

CVE•added 2015/03/30 2:59 p.m.•63 views

CVE-2015-1609

MongoDB before 2.4.13 and 2.6.x before 2.6.8 allows remote attackers to cause a denial of service via a crafted UTF-8 string in a BSON request.

5CVSS7.4AI score0.01703EPSS

CVE•added 2014/12/25 11:59 a.m.•48 views

CVE-2014-3971

The CmdAuthenticate::_authenticateX509 function in db/commands/authentication_commands.cpp in mongod in MongoDB 2.6.x before 2.6.2 allows remote attackers to cause a denial of service (daemon crash) by attempting authentication with an invalid X.509 client certificate.

5CVSS7.8AI score0.01859EPSS

CVE•added 2017/04/14 6:59 p.m.•48 views

CVE-2016-3104

mongod in MongoDB 2.6, when using 2.4-style users, and 2.4 allow remote attackers to cause a denial of service (memory consumption and process termination) by leveraging in-memory database representation when authenticating against a non-existent database.

7.5CVSS7.2AI score0.01238EPSS