Vulnerabilities > Mongodb > Mongodb > 4.2.11
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2022-04-12 | CVE-2021-32040 | Out-of-bounds Write vulnerability in Mongodb It may be possible to have an extremely long aggregation pipeline in conjunction with a specific stage/operator and cause a stack overflow due to the size of the stack frames used by that stage. | 7.5 |
2022-02-04 | CVE-2021-32036 | Allocation of Resources Without Limits or Throttling vulnerability in Mongodb An authenticated user without any specific authorizations may be able to repeatedly invoke the features command where at a high volume may lead to resource depletion or generate high lock contention. | 7.1 |
2021-12-15 | CVE-2021-20330 | Improper Input Validation vulnerability in Mongodb An attacker with basic CRUD permissions on a replicated collection can run the applyOps command with specially malformed oplog entries, resulting in a potential denial of service on secondaries. | 6.5 |