Description
MongoDB 3.4.x before 3.4.10, and 3.5.x-development, has a disabled-by-default configuration setting, networkMessageCompressors (aka wire protocol compression), which exposes a vulnerability when enabled that could be exploited by a malicious attacker to deny service or modify memory.
Remediation
References
Related Vulnerabilities
Liferay DXP Incorrect Default Permissions Vulnerability (CVE-2022-42130)
WordPress Plugin Auto Group Join Cross-Site Scripting (1.0)
Apache Tomcat Other Vulnerability (CVE-2002-1567)
WordPress 4.9.x Multiple Vulnerabilities (4.9 - 4.9.14)
WordPress Plugin WordPress Poll Multiple SQL Injection and Security Bypass Vulnerabilities (34.04)