CVE-2021-32036

Source
https://nvd.nist.gov/vuln/detail/CVE-2021-32036
Import Source
https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2021-32036.json
JSON Data
https://api.osv.dev/v1/vulns/CVE-2021-32036
Aliases
Related
Published
2022-02-04T23:15:11Z
Modified
2025-02-18T22:28:35Z
Severity
  • 7.1 (High) CVSS_V3 - CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:H CVSS Calculator
Summary
[none]
Details

An authenticated user without any specific authorizations may be able to repeatedly invoke the features command where at a high volume may lead to resource depletion or generate high lock contention. This may result in denial of service and in rare cases could result in id field collisions. This issue affects MongoDB Server v5.0 versions prior to and including 5.0.3; MongoDB Server v4.4 versions prior to and including 4.4.9; MongoDB Server v4.2 versions prior to and including 4.2.16 and MongoDB Server v4.0 versions prior to and including 4.0.28

References

Affected packages

Git / github.com/mongodb/mongo

Affected ranges

Type
GIT
Repo
https://github.com/mongodb/mongo
Events