Description
A user authorized to perform database queries may trigger a read overrun and access arbitrary memory by issuing specially crafted queries. This issue affects MongoDB Server v4.4 versions prior to 4.4.1; MongoDB Server v4.2 versions prior to 4.2.9; MongoDB Server v4.0 versions prior to 4.0.20 and MongoDB Server v3.6 versions prior to 3.6.20.
Remediation
References
Related Vulnerabilities
WordPress 4.8.x Arbitrary File Deletion Vulnerability (4.8 - 4.8.6)
Drupal Inefficient Regular Expression Complexity Vulnerability (CVE-2022-24729)
Drupal Improper Input Validation Vulnerability (CVE-2019-6342)
WordPress Plugin Download Theme Arbitrary Directory Download (1.0.2)
Claroline Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2011-3716)