Vulnerabilities > Mongodb > Mongodb > 4.0.22

DATE CVE VULNERABILITY TITLE RISK
2022-02-04 CVE-2021-32036 Allocation of Resources Without Limits or Throttling vulnerability in Mongodb
An authenticated user without any specific authorizations may be able to repeatedly invoke the features command where at a high volume may lead to resource depletion or generate high lock contention.
network
low complexity
mongodb CWE-770
7.1
2021-12-15 CVE-2021-20330 Improper Input Validation vulnerability in Mongodb
An attacker with basic CRUD permissions on a replicated collection can run the applyOps command with specially malformed oplog entries, resulting in a potential denial of service on secondaries.
network
low complexity
mongodb CWE-20
6.5