An unauthenticated client can trigger denial of service by issuing specially crafted wire protocol messages, which cause the message decompressor to incorrectly allocate memory. This issue affects MongoDB Server v4.2 versions before 4.2.1; MongoDB Server v4.0 versions before 4.0.13; MongoDB Server v3.6 versions before 3.6.15 and MongoDB Server v3.4 versions before 3.4.24.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
mongodb mongodb |