Описание
A compromised third party cloud server or man-in-the-middle attacker could send a malformed HTTP response and cause a crash in applications using the MongoDB C driver.
Пакеты
| Пакет | Статус | Версия исправления | Релиз | Тип |
|---|---|---|---|---|
| mongo-c-driver | fixed | 2.2.3-1 | package |
Примечания
https://jira.mongodb.org/browse/CDRIVER-6251
Fixed by: https://github.com/mongodb/mongo-c-driver/commit/b93ebe6b99e614b49a24316c7a295eb3f08af603 (2.2.3)
EPSS
Связанные уязвимости
A flaw was found in mongo-c-driver. A compromised third-party cloud server or a man-in-the-middle (MITM) attacker could send a malformed HTTP response. This could cause applications using the MongoDB C driver to crash, leading to a Denial of Service.
A compromised third party cloud server or man-in-the-middle attacker could send a malformed HTTP response and cause a crash in applications using the MongoDB C driver.
A compromised third party cloud server or man-in-the-middle attacker could send a malformed HTTP response and cause a crash in applications using the MongoDB C driver.
EPSS