WEB APPLICATION VULNERABILITIES Standard & Premium

MongoDb Other Vulnerability (CVE-2018-20802)

Description

A user authorized to perform database queries may trigger denial of service by issuing specially crafted queries with compound indexes affecting QueryPlanner. This issue affects MongoDB Server v3.6 versions prior to 3.6.9 and MongoDB Server v4.0 versions prior to 4.0.3.

Remediation

References

Related Vulnerabilities

Next.js URL Redirection to Untrusted Site ('Open Redirect') Vulnerability (CVE-2020-15242)

WordPress Plugin WPS Hide Login Security Bypass (1.5.4.2)

MySQL CVE-2018-2786 Vulnerability (CVE-2018-2786)

MediaWiki Exposure of Resource to Wrong Sphere Vulnerability (CVE-2021-31554)

Apache Traffic Server Improper Restriction of Operations within the Bounds of a Memory Buffer Vulnerability (CVE-2020-9494)

Severity

Medium

Classification

CVE-2018-20802 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

Tags

Missing Update Known Vulnerabilities