Search Results (Refine Search)
- Keyword (text search): cpe:/a:mongodb:mongodb:3.2
Vuln ID | Summary | CVSS Severity |
---|---|---|
CVE-2021-32036 |
An authenticated user without any specific authorizations may be able to repeatedly invoke the features command where at a high volume may lead to resource depletion or generate high lock contention. This may result in denial of service and in rare cases could result in id field collisions. This issue affects MongoDB Server v5.0 versions prior to and including 5.0.3; MongoDB Server v4.4 versions prior to and including 4.4.9; MongoDB Server v4.2 versions prior to and including 4.2.16 and MongoDB Server v4.0 versions prior to and including 4.0.28 Published: February 04, 2022; 6:15:11 PM -0500 |
V3.1: 7.1 HIGH V2.0: 5.5 MEDIUM |
CVE-2016-6494 |
The client in MongoDB uses world-readable permissions on .dbshell history files, which might allow local users to obtain sensitive information by reading these files. Published: October 03, 2016; 2:59:10 PM -0400 |
V3.0: 5.5 MEDIUM V2.0: 2.1 LOW |