UBUNTU-CVE-2021-32036

See a problem?
Please try reporting it to the source first.

Source

https://ubuntu.com/security/CVE-2021-32036

Import Source

https://github.com/canonical/ubuntu-security-notices/blob/main/osv/cve/2021/UBUNTU-CVE-2021-32036.json

JSON Data

https://api.osv.dev/v1/vulns/UBUNTU-CVE-2021-32036

Related

CVE-2021-32036

Published

2022-02-04T23:15:00Z

Modified

2025-06-03T17:35:40Z

Severity

5.4 (Medium) CVSS_V3 - CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:L CVSS Calculator
7.1 (High) CVSS_V3 - CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:H CVSS Calculator

Summary

[none]

Details

An authenticated user without any specific authorizations may be able to repeatedly invoke the features command where at a high volume may lead to resource depletion or generate high lock contention. This may result in denial of service and in rare cases could result in id field collisions. This issue affects MongoDB Server v5.0 versions prior to and including 5.0.3; MongoDB Server v4.4 versions prior to and including 4.4.9; MongoDB Server v4.2 versions prior to and including 4.2.16 and MongoDB Server v4.0 versions prior to and including 4.0.28

References

Affected packages

Ubuntu:Pro:14.04:LTS / mongodb

Package

Name: mongodb
Purl: pkg:deb/ubuntu/mongodb@1:2.4.9-1ubuntu2?arch=source&distro=esm-infra-legacy/trusty

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Affected versions

1:2.*

1:2.4.6-0ubuntu5

1:2.4.6-0ubuntu6

1:2.4.8-1ubuntu1

1:2.4.8-2

1:2.4.9-1

1:2.4.9-1ubuntu1

1:2.4.9-1ubuntu2

Ecosystem specific

{
    "ubuntu_priority": "medium"
}

Ubuntu:Pro:16.04:LTS / mongodb

Package

Name: mongodb
Purl: pkg:deb/ubuntu/mongodb@1:2.6.10-0ubuntu1?arch=source&distro=esm-apps/xenial

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Affected versions

1:2.*

1:2.6.10-0ubuntu1

Ecosystem specific

{
    "ubuntu_priority": "medium"
}

Ubuntu:Pro:18.04:LTS / mongodb

Package

Name: mongodb
Purl: pkg:deb/ubuntu/mongodb@1:3.6.3-0ubuntu1.4?arch=source&distro=esm-apps/bionic

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Affected versions

1:3.*

1:3.4.7-1

1:3.4.7-1ubuntu1

1:3.4.7-1ubuntu2

1:3.4.7-1ubuntu4

1:3.4.14-3ubuntu1

1:3.4.14-3ubuntu2

1:3.6.3-0ubuntu1

1:3.6.3-0ubuntu1.1

1:3.6.3-0ubuntu1.3

1:3.6.3-0ubuntu1.4

Ecosystem specific

{
    "ubuntu_priority": "medium"
}

Ubuntu:Pro:20.04:LTS / mongodb

Package

Name: mongodb
Purl: pkg:deb/ubuntu/mongodb@1:3.6.9+really3.6.8+90~g8e540c0b6d-0ubuntu5.3?arch=source&distro=esm-apps/focal

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Affected versions

1:3.*

1:3.6.9+really3.6.8+90~g8e540c0b6d-0ubuntu2

1:3.6.9+really3.6.8+90~g8e540c0b6d-0ubuntu5

1:3.6.9+really3.6.8+90~g8e540c0b6d-0ubuntu5.2

1:3.6.9+really3.6.8+90~g8e540c0b6d-0ubuntu5.3

Ecosystem specific

{
    "ubuntu_priority": "medium"
}