Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

redhat логотип

CVE-2019-2393

Опубликовано: 23 нояб. 2020
Источник: redhat
CVSS3: 6.5
EPSS Низкий

Описание

A user authorized to perform database queries may trigger denial of service by issuing specially crafted queries, which use $lookup and collations. This issue affects MongoDB Server v4.2 versions prior to 4.2.1; MongoDB Server v4.0 versions prior to 4.0.13 and MongoDB Server v3.6 versions prior to 3.6.15.

Затронутые пакеты

ПлатформаПакетСостояниеРекомендацияРелиз
Red Hat Advanced Cluster Management for Kubernetes 2mongodbNot affected
Red Hat OpenStack Platform 10 (Newton)mongodbOut of support scope
Red Hat Software Collectionsrh-mongodb36-mongodbWill not fix
Red Hat Update Infrastructure 3 for Cloud ProvidersmongodbNot affected

Показывать по

Ссылки на источники

Дополнительная информация

Статус:

Moderate
Дефект:
CWE-416
https://bugzilla.redhat.com/show_bug.cgi?id=1900867mongodb: Denial of service via crafted queries which use $lookup and collations

EPSS

Процентиль: 62%
0.00426
Низкий

6.5 Medium

CVSS3

Связанные уязвимости

ubuntu логотип

CVE-2019-2393

CVSS3: 6.5
ubuntu
около 5 лет назад

A user authorized to perform database queries may trigger denial of service by issuing specially crafted queries, which use $lookup and collations. This issue affects MongoDB Server v4.2 versions prior to 4.2.1; MongoDB Server v4.0 versions prior to 4.0.13 and MongoDB Server v3.6 versions prior to 3.6.15.

nvd логотип

CVE-2019-2393

CVSS3: 6.5
nvd
около 5 лет назад

A user authorized to perform database queries may trigger denial of service by issuing specially crafted queries, which use $lookup and collations. This issue affects MongoDB Server v4.2 versions prior to 4.2.1; MongoDB Server v4.0 versions prior to 4.0.13 and MongoDB Server v3.6 versions prior to 3.6.15.

debian логотип

CVE-2019-2393

CVSS3: 6.5
debian
около 5 лет назад

A user authorized to perform database queries may trigger denial of se ...

github логотип

GHSA-q356-m8pw-frv3

CVSS3: 6.5
github
больше 3 лет назад

A user authorized to perform database queries may trigger denial of service by issuing specially crafted queries, which use $lookup and collations. This issue affects: MongoDB Inc. MongoDB Server v4.2 versions prior to 4.2.1; v4.0 versions prior to 4.0.13; v3.6 versions prior to 3.6.15.

EPSS

Процентиль: 62%
0.00426
Низкий

6.5 Medium

CVSS3