A user authorized to performing a specific type of query may trigger a denial of service by issuing a generic explain command on a find query. This issue affects: MongoDB Inc. MongoDB Server v4.0 versions prior to 4.0.6; MongoDB Server v3.6 versions prior to 3.6.11.
View Full Alert
Related Posts
CVE-2018-20804A user authorized to perform database queries may trigger denial of service by issuing specially crafted applyOps invocations. This issue affects: MongoDB Inc. MongoDB Server v4.0 versions prior to 4.0.10;…
CVE-2018-20804 (mongodb)A user authorized to perform database queries may trigger denial of service by issuing specially crafted applyOps invocations. This issue affects: MongoDB Inc. MongoDB Server v4.0 versions prior to 4.0.10;…
CVE-2018-20802 (mongodb)A user authorized to perform database queries may trigger denial of service by issuing specially crafted queries with compound indexes affecting QueryPlanner. This issue affects: MongoDB Inc. MongoDB Server v3.6…
