Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

debian логотип

CVE-2018-20803

Опубликовано: 23 нояб. 2020
Источник: debian
EPSS Низкий

Описание

A user authorized to perform database queries may trigger denial of service by issuing specially crafted queries, which loop indefinitely in mathematics processing while retaining locks. This issue affects MongoDB Server v4.0 versions prior to 4.0.5; MongoDB Server v3.6 versions prior to 3.6.10 and MongoDB Server v3.4 versions prior to 3.4.19.

Пакеты

ПакетСтатусВерсия исправленияРелизТип
mongodbremovedpackage
mongodbpostponedstretchpackage

Примечания

  • https://jira.mongodb.org/browse/SERVER-38070

  • https://github.com/mongodb/mongo/commit/a2d97db8fe449d15eb8e275bbf318491781472bf (v3.4.19, AGPL)

  • Introduced by: https://github.com/mongodb/mongo/commit/a8176cf1da9fdbcc48334bfb3c71fedf37e77879 (v3.1.7)

EPSS

Процентиль: 62%
0.00426
Низкий

Связанные уязвимости

ubuntu логотип

CVE-2018-20803

CVSS3: 6.5
ubuntu
около 5 лет назад

A user authorized to perform database queries may trigger denial of service by issuing specially crafted queries, which loop indefinitely in mathematics processing while retaining locks. This issue affects MongoDB Server v4.0 versions prior to 4.0.5; MongoDB Server v3.6 versions prior to 3.6.10 and MongoDB Server v3.4 versions prior to 3.4.19.

redhat логотип

CVE-2018-20803

CVSS3: 6.5
redhat
около 5 лет назад

A user authorized to perform database queries may trigger denial of service by issuing specially crafted queries, which loop indefinitely in mathematics processing while retaining locks. This issue affects MongoDB Server v4.0 versions prior to 4.0.5; MongoDB Server v3.6 versions prior to 3.6.10 and MongoDB Server v3.4 versions prior to 3.4.19.

nvd логотип

CVE-2018-20803

CVSS3: 6.5
nvd
около 5 лет назад

A user authorized to perform database queries may trigger denial of service by issuing specially crafted queries, which loop indefinitely in mathematics processing while retaining locks. This issue affects MongoDB Server v4.0 versions prior to 4.0.5; MongoDB Server v3.6 versions prior to 3.6.10 and MongoDB Server v3.4 versions prior to 3.4.19.

github логотип

GHSA-w7g3-8fq6-h7f2

CVSS3: 6.5
github
больше 3 лет назад

A user authorized to perform database queries may trigger denial of service by issuing specially crafted queries, which loop indefinitely in mathematics processing while retaining locks. This issue affects: MongoDB Inc. MongoDB Server v4.0 versions prior to 4.0.5; v3.6 versions prior to 3.6.10; v3.4 versions prior to 3.4.19.

EPSS

Процентиль: 62%
0.00426
Низкий