Description
An authorized user may trigger crashes or receive the contents of buffer over-reads of Server memory by issuing specially crafted requests that construct malformed BSON in the MongoDB Server. This issue affects MongoDB Server v5.0 versions prior to 5.0.30 , MongoDB Server v6.0 versions prior to 6.0.19, MongoDB Server v7.0 versions prior to 7.0.15 and MongoDB Server v8.0 versions prior to and including 8.0.2.
Remediation
References
Related Vulnerabilities
WordPress Plugin Quiz Maker Multiple SQL Injection Vulnerabilities (6.2.0.8)
Oracle Database Server Other Vulnerability (CVE-2001-0943)
Drupal Core 8.x.x Remote Code Execution (8.0.0 - 8.7.14)
Oracle Application Server Other Vulnerability (CVE-2006-5360)
Jboss EAP Improper Input Validation Vulnerability (CVE-2018-1000873)