CVE-2020-7925

Incorrect validation of user input in the role name parser may lead to use of uninitialized memory allowing an unauthenticated attacker to use a specially crafted request to cause a denial of service. This issue affects: MongoDB Inc. MongoDB Server v4.4 versions prior to 4.4.0-rc12; v4.2 versions prior to 4.2.9.
References
Link Resource
https://jira.mongodb.org/browse/SERVER-49142 Issue Tracking Vendor Advisory
Advertisement

NeevaHost hosting service

Configurations

Configuration 1 (hide)

OR cpe:2.3:a:mongodb:mongodb:*:*:*:*:*:*:*:*
cpe:2.3:a:mongodb:mongodb:4.4.0:rc1:*:*:*:*:*:*
cpe:2.3:a:mongodb:mongodb:4.4.0:rc10:*:*:*:*:*:*
cpe:2.3:a:mongodb:mongodb:4.4.0:rc11:*:*:*:*:*:*
cpe:2.3:a:mongodb:mongodb:4.4.0:rc2:*:*:*:*:*:*
cpe:2.3:a:mongodb:mongodb:4.4.0:rc3:*:*:*:*:*:*
cpe:2.3:a:mongodb:mongodb:4.4.0:rc4:*:*:*:*:*:*
cpe:2.3:a:mongodb:mongodb:4.4.0:rc5:*:*:*:*:*:*
cpe:2.3:a:mongodb:mongodb:4.4.0:rc6:*:*:*:*:*:*
cpe:2.3:a:mongodb:mongodb:4.4.0:rc7:*:*:*:*:*:*
cpe:2.3:a:mongodb:mongodb:4.4.0:rc8:*:*:*:*:*:*
cpe:2.3:a:mongodb:mongodb:4.4.0:rc9:*:*:*:*:*:*

Information

Published : 2020-11-23 07:15

Updated : 2021-10-19 05:08


NVD link : CVE-2020-7925

Mitre link : CVE-2020-7925


JSON object : View

CWE
CWE-20

Improper Input Validation

Advertisement

dedicated server usa

Products Affected

mongodb

  • mongodb