Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

debian логотип

CVE-2018-20805

Опубликовано: 23 нояб. 2020
Источник: debian
EPSS Низкий

Описание

A user authorized to perform database queries may trigger denial of service by issuing specially crafted queries, which perform an $elemMatch . This issue affects MongoDB Server v4.0 versions prior to 4.0.5 and MongoDB Server v3.6 versions prior to 3.6.10.

Пакеты

ПакетСтатусВерсия исправленияРелизТип
mongodbremovedpackage
mongodbnot-affectedstretchpackage

Примечания

  • https://jira.mongodb.org/browse/SERVER-38164

  • https://github.com/mongodb/mongo/commit/66316884a4b1180a8cceb6381e3c51e56586fc3e (v3.6.10, SSPL)

  • Introduced by: https://github.com/mongodb/mongo/commit/f77527a942347313e2848e050e89480bc3cadb95 (v3.5.4)

EPSS

Процентиль: 62%
0.00426
Низкий

Связанные уязвимости

ubuntu логотип

CVE-2018-20805

CVSS3: 6.5
ubuntu
около 5 лет назад

A user authorized to perform database queries may trigger denial of service by issuing specially crafted queries, which perform an $elemMatch . This issue affects MongoDB Server v4.0 versions prior to 4.0.5 and MongoDB Server v3.6 versions prior to 3.6.10.

redhat логотип

CVE-2018-20805

CVSS3: 6.5
redhat
около 5 лет назад

A user authorized to perform database queries may trigger denial of service by issuing specially crafted queries, which perform an $elemMatch . This issue affects MongoDB Server v4.0 versions prior to 4.0.5 and MongoDB Server v3.6 versions prior to 3.6.10.

nvd логотип

CVE-2018-20805

CVSS3: 6.5
nvd
около 5 лет назад

A user authorized to perform database queries may trigger denial of service by issuing specially crafted queries, which perform an $elemMatch . This issue affects MongoDB Server v4.0 versions prior to 4.0.5 and MongoDB Server v3.6 versions prior to 3.6.10.

github логотип

GHSA-h55v-wgpx-c3rf

CVSS3: 6.5
github
больше 3 лет назад

A user authorized to perform database queries may trigger denial of service by issuing specially crafted queries, which perform an $elemMatch This issue affects: MongoDB Inc. MongoDB Server v4.0 versions prior to 4.0.5; v3.6 versions prior to 3.6.10. This issue affects: MongoDB Inc. MongoDB Server 3.6 versions prior to 3.6.10; 4.0 versions prior to 4.0.5.

EPSS

Процентиль: 62%
0.00426
Низкий