CVE-2019-2392
- Source
- https://nvd.nist.gov/vuln/detail/CVE-2019-2392
- Import Source
- https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2019-2392.json
- JSON Data
- https://api.osv.dev/v1/vulns/CVE-2019-2392
- Related
- Published
- 2020-11-23T16:15:12Z
- Modified
- 2025-02-19T03:00:33.313902Z
- Severity
-
- 6.5 (Medium) CVSS_V3 - CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H CVSS Calculator
- Summary
- [none]
- Details
-
A user authorized to perform database queries may trigger denial of service by issuing specially crafted queries, which use the $mod operator to overflow negative values. This issue affects: MongoDB Inc. MongoDB Server v4.4 versions prior to 4.4.1; v4.2 versions prior to 4.2.9; v4.0 versions prior to 4.0.20; v3.6 versions prior to 3.6.20.
- References
Affected packages
Git / github.com/mongodb/mongo
Affected versions
r3.*
r3.6.0
r3.6.1
r3.6.1-rc0
r3.6.1-rc1
r3.6.10
r3.6.10-rc0
r3.6.10-rc1
r3.6.11
r3.6.11-rc0
r3.6.11-rc1
r3.6.11-rc2
r3.6.12
r3.6.12-rc0
r3.6.12-rc1
r3.6.13
r3.6.13-rc0
r3.6.13-rc1
r3.6.14
r3.6.14-rc0
r3.6.15
r3.6.15-rc0
r3.6.15-rc1
r3.6.16
r3.6.16-rc0
r3.6.17
r3.6.17-rc0
r3.6.18
r3.6.18-rc0
r3.6.19
r3.6.19-rc0
r3.6.2
r3.6.2-rc0
r3.6.20-rc0
r3.6.20-rc1
r3.6.3
r3.6.3-rc0
r3.6.3-rc1
r3.6.4
r3.6.4-rc0
r3.6.5
r3.6.5-rc0
r3.6.6
r3.6.6-rc0
r3.6.7
r3.6.7-rc0
r3.6.7-rc1
r3.6.8
r3.6.8-rc0
r3.6.8-rc1
r3.6.9
r3.6.9-rc0