CVE-2019-20925

An unauthenticated client can trigger denial of service by issuing specially crafted wire protocol messages, which cause the message decompressor to incorrectly allocate memory. This issue affects: MongoDB Inc. MongoDB Server v4.2 versions prior to 4.2.1; v4.0 versions prior to 4.0.13; v3.6 versions prior to 3.6.15; v3.4 versions prior to 3.4.24.
References
Link Resource
https://jira.mongodb.org/browse/SERVER-43751 Issue Tracking Patch
Configurations

Configuration 1

cpe:2.3:a:mongodb:mongodb:*:*:*:*:*:*:*:*
cpe:2.3:a:mongodb:mongodb:*:*:*:*:*:*:*:*
cpe:2.3:a:mongodb:mongodb:*:*:*:*:*:*:*:*
cpe:2.3:a:mongodb:mongodb:*:*:*:*:*:*:*:*

Information

Published : 2020-11-24 11:15

Updated : 2020-12-03 05:31


NVD link : CVE-2019-20925

Mitre link : CVE-2019-20925

Products Affected
No products.
CWE