Security Advisory

CVE-2020-7925

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2020-11-23 14:50:12

Last updated 2024-09-17 00:20:32

Assigner mongodb

State PUBLISHED

Description

Incorrect validation of user input in the role name parser may lead to use of uninitialized memory allowing an unauthenticated attacker to use a specially crafted request to cause a denial of service. This issue affects MongoDB Server v4.4 versions prior to 4.4.0-rc12; MongoDB Server v4.2 versions prior to 4.2.9.

← Browse all CVEs View on cve.org ↗