Description

A user authorized to perform database queries may cause denial of service by issuing specially crafted queries, which violate an invariant in the query subsystem's support for geoNear. This issue affects MongoDB Server v4.4 versions prior to 4.4.0-rc7; MongoDB Server v4.2 versions prior to 4.2.8 and MongoDB Server v4.0 versions prior to 4.0.19.

Remediation

References

CVE-2020-7923

Related Vulnerabilities

Apache HTTP Server Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2007-6514)

WordPress Plugin RegistrationMagic-Custom Registration Forms, User Registration, Payment, and User Login Multiple Vulnerabilities (4.6.0.3)

Nexus Repository Manager CVE-2019-15893 Vulnerability (CVE-2019-15893)

Joomla! Core 3.x.x Denial of Service (3.0.0 - 3.2.5)

WordPress Plugin MyThemeShop Theme/Plugin Updater Cross-Site Scripting (1.2.3)

Severity

Medium

Classification

CVE-2020-7923 CWE-755 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

Tags

Missing Update Known Vulnerabilities