CVE-2018-25004
01.03.2021, 17:15
A user authorized to performing a specific type of query may trigger a denial of service by issuing a generic explain command on a find query. This issue affects MongoDB Server v4.0 versions prior to 4.0.6 and MongoDB Server v3.6 versions prior to 3.6.11.Enginsight
| Vendor | Product | Version |
|---|---|---|
| mongodb | mongodb | 3.6.0 ≤ 𝑥 < 3.6.11 |
| mongodb | mongodb | 4.0.0 ≤ 𝑥 < 4.0.6 |
𝑥
= Vulnerable software versions
Ubuntu Releases
Common Weakness Enumeration