Vulnerabilities > Mongodb > Mongodb > 5.0.2
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2023-08-23 | CVE-2023-1409 | Improper Certificate Validation vulnerability in Mongodb If the MongoDB Server running on Windows or macOS is configured to use TLS with a specific set of configuration options that are already known to work securely in other platforms (e.g. | 7.5 |
| 2022-04-21 | CVE-2022-24272 | Reachable Assertion vulnerability in Mongodb An authenticated user may trigger an invariant assertion during command dispatch due to incorrect validation on the $external database. | 4.0 |
| 2022-04-12 | CVE-2021-32040 | Out-of-bounds Write vulnerability in Mongodb It may be possible to have an extremely long aggregation pipeline in conjunction with a specific stage/operator and cause a stack overflow due to the size of the stack frames used by that stage. | 7.5 |
| 2022-02-04 | CVE-2021-32036 | Allocation of Resources Without Limits or Throttling vulnerability in Mongodb An authenticated user without any specific authorizations may be able to repeatedly invoke the features command where at a high volume may lead to resource depletion or generate high lock contention. | 7.1 |
| 2021-11-24 | CVE-2021-32037 | Reachable Assertion vulnerability in Mongodb 5.0.0/5.0.1/5.0.2 An authorized user may trigger an invariant which may result in denial of service or server exit if a relevant aggregation request is sent to a shard. | 6.5 |