CVE-2020-7928

See a problem?
Please try reporting it to the source first.

Source

https://cve.org/CVERecord?id=CVE-2020-7928

Import Source

https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2020-7928.json

JSON Data

https://api.osv.dev/v1/vulns/CVE-2020-7928

Aliases

BIT-mongodb-2020-7928

Downstream

UBUNTU-CVE-2020-7928

Published

2020-11-23T17:15:12.797Z

Modified

2026-03-14T10:35:07.678270Z

Severity

6.5 (Medium) CVSS_V3 - CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N CVSS Calculator

Summary

[none]

Details

A user authorized to perform database queries may trigger a read overrun and access arbitrary memory by issuing specially crafted queries. This issue affects MongoDB Server v4.4 versions prior to 4.4.1; MongoDB Server v4.2 versions prior to 4.2.9; MongoDB Server v4.0 versions prior to 4.0.20 and MongoDB Server v3.6 versions prior to 3.6.20.

References

https://jira.mongodb.org/browse/SERVER-49404

Affected packages

Git / github.com/mongodb/mongo

Affected ranges

Type

GIT

Repo

https://github.com/mongodb/mongo

Events

Introduced

a57d8e71e6998a2d0afde7edc11bd23e5661c915

Fixed

39c200878284912f19553901a6fea4b31531a899

Introduced

3b07af3d4f471ae89e8186d33bbb1d5259597d51

Fixed

e2416422da84a0b63cde2397d60b521758b56d1b

Introduced

a4b751dcf51dd249c5865812b390cfd1c0129c30

Fixed

06402114114ffc5146fd4b55402c96f1dc9ec4b5

Introduced

563487e100c4215e2dce98d0af2a6a5a2d67c5cf

Fixed

ad91a93a5a31e175f5cbf8c69561e788bbc55ce1

Database specific

{
    "versions": [
        {
            "introduced": "3.6.0"
        },
        {
            "fixed": "3.6.20"
        },
        {
            "introduced": "4.0.0"
        },
        {
            "fixed": "4.0.20"
        },
        {
            "introduced": "4.2.0"
        },
        {
            "fixed": "4.2.9"
        },
        {
            "introduced": "4.4.0"
        },
        {
            "fixed": "4.4.1"
        }
    ]
}

Affected versions

r3.*

r3.6.0

r3.6.1

r3.6.1-rc0

r3.6.1-rc1

r3.6.10

r3.6.10-rc0

r3.6.10-rc1

r3.6.11

r3.6.11-rc0

r3.6.11-rc1

r3.6.11-rc2

r3.6.12

r3.6.12-rc0

r3.6.12-rc1

r3.6.13

r3.6.13-rc0

r3.6.13-rc1

r3.6.14

r3.6.14-rc0

r3.6.15

r3.6.15-rc0

r3.6.15-rc1

r3.6.16

r3.6.16-rc0

r3.6.17

r3.6.17-rc0

r3.6.18

r3.6.18-rc0

r3.6.19

r3.6.19-rc0

r3.6.2

r3.6.2-rc0

r3.6.20-rc0

r3.6.20-rc1

r3.6.3

r3.6.3-rc0

r3.6.3-rc1

r3.6.4

r3.6.4-rc0

r3.6.5

r3.6.5-rc0

r3.6.6

r3.6.6-rc0

r3.6.7

r3.6.7-rc0

r3.6.7-rc1

r3.6.8

r3.6.8-rc0

r3.6.8-rc1

r3.6.9

r3.6.9-rc0

r4.*

r4.0.0

r4.0.1

r4.0.1-rc0

r4.0.1-rc1

r4.0.10

r4.0.10-rc0

r4.0.10-rc1

r4.0.11

r4.0.11-rc0

r4.0.12

r4.0.12-rc0

r4.0.12-rc1

r4.0.12-rc2

r4.0.13

r4.0.13-rc0

r4.0.14

r4.0.14-rc0

r4.0.14-rc1

r4.0.15

r4.0.15-rc0

r4.0.16

r4.0.16-rc0

r4.0.17

r4.0.17-rc0

r4.0.18

r4.0.18-rc0

r4.0.19

r4.0.19-rc0

r4.0.2

r4.0.2-rc0

r4.0.3

r4.0.3-rc0

r4.0.4

r4.0.4-rc0

r4.0.4-rc1

r4.0.4-rc2

r4.0.5

r4.0.5-rc0

r4.0.5-rc1

r4.0.6

r4.0.6-rc0

r4.0.6-rc1

r4.0.7

r4.0.7-rc0

r4.0.7-rc1

r4.0.8

r4.0.8-rc0

r4.0.9

r4.0.9-rc0

r4.2.0

r4.2.1

r4.2.1-rc0

r4.2.2

r4.2.2-rc0

r4.2.2-rc1

r4.2.3

r4.2.3-rc0

r4.2.3-rc1

r4.2.4

r4.2.4-rc0

r4.2.5

r4.2.5-rc0

r4.2.5-rc1

r4.2.6

r4.2.6-rc0

r4.2.7

r4.2.7-rc0

r4.2.7-rc1

r4.2.8

r4.2.8-rc0

r4.4.0

r4.4.1-rc0

r4.4.1-rc1

r4.4.1-rc2

Database specific

source

"https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2020-7928.json"

unresolved_ranges

[
    {
        "events": [
            {
                "introduced": "4.5.0"
            },
            {
                "fixed": "4.5.1"
            }
        ]
    }
]

vanir_signatures

[
    {
        "signature_version": "v1",
        "target": {
            "file": "src/third_party/wiredtiger/src/txn/txn_recover.c",
            "function": "__wt_txn_recover"
        },
        "source": "https://github.com/mongodb/mongo/commit/ad91a93a5a31e175f5cbf8c69561e788bbc55ce1",
        "deprecated": false,
        "digest": {
            "function_hash": "151262211054760185720127152001316281250",
            "length": 5307.0
        },
        "id": "CVE-2020-7928-2d37e6c3",
        "signature_type": "Function"
    },
    {
        "signature_version": "v1",
        "target": {
            "file": "src/third_party/wiredtiger/src/txn/txn_recover.c",
            "function": "__recovery_file_scan"
        },
        "source": "https://github.com/mongodb/mongo/commit/ad91a93a5a31e175f5cbf8c69561e788bbc55ce1",
        "deprecated": false,
        "digest": {
            "function_hash": "222802404687574253373945116552049107396",
            "length": 595.0
        },
        "id": "CVE-2020-7928-6ed27bda",
        "signature_type": "Function"
    },
    {
        "signature_version": "v1",
        "target": {
            "file": "src/third_party/wiredtiger/src/txn/txn_recover.c"
        },
        "source": "https://github.com/mongodb/mongo/commit/ad91a93a5a31e175f5cbf8c69561e788bbc55ce1",
        "deprecated": false,
        "digest": {
            "line_hashes": [
                "277395883631913544235843059429904341778",
                "190131020086289323787365361718434822041",
                "156593639150803104870368656550091158247",
                "254599983326529039473066318940603712053",
                "246215242810397006687658517823238030194",
                "30585347245087757459584332338861806407",
                "161438447538539267520882034343628408421",
                "313471203792529671136136365005831013652",
                "123414515668546916026728107986940604788",
                "154943114112322522419481562731002026669",
                "36833237464877143329818463633626119100",
                "89153525433556070057976587890049189048"
            ],
            "threshold": 0.9
        },
        "id": "CVE-2020-7928-98d23718",
        "signature_type": "Line"
    }
]