Vulnerabilities > Mongodb > Mongodb > 4.2.9
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2022-04-12 | CVE-2021-32040 | Out-of-bounds Write vulnerability in Mongodb It may be possible to have an extremely long aggregation pipeline in conjunction with a specific stage/operator and cause a stack overflow due to the size of the stack frames used by that stage. | 7.5 |
| 2022-02-04 | CVE-2021-32036 | Allocation of Resources Without Limits or Throttling vulnerability in Mongodb An authenticated user without any specific authorizations may be able to repeatedly invoke the features command where at a high volume may lead to resource depletion or generate high lock contention. | 7.1 |
| 2021-12-15 | CVE-2021-20330 | Improper Input Validation vulnerability in Mongodb An attacker with basic CRUD permissions on a replicated collection can run the applyOps command with specially malformed oplog entries, resulting in a potential denial of service on secondaries. | 6.5 |
| 2021-07-23 | CVE-2021-20333 | Improper Encoding or Escaping of Output vulnerability in Mongodb Sending specially crafted commands to a MongoDB Server may result in artificial log entries being generated or for log entries to be split. | 5.3 |