Vulnerabilities > Mongodb > Mongodb > 4.2.0

DATE CVE VULNERABILITY TITLE RISK
2020-08-21 CVE-2020-7923 Improper Handling of Exceptional Conditions vulnerability in Mongodb
A user authorized to perform database queries may cause denial of service by issuing specially crafted queries, which violate an invariant in the query subsystem's support for geoNear.
network
low complexity
mongodb CWE-755
6.5
6.5
2020-05-06 CVE-2020-7921 Incorrect Authorization vulnerability in Mongodb
Improper serialization of internal state in the authorization subsystem in MongoDB Server's authorization subsystem permits a user with valid credentials to bypass IP whitelisting protection mechanisms following administrative action.
network
high complexity
mongodb CWE-863
5.3
5.3