WEB APPLICATION VULNERABILITIES Standard & Premium

MongoDb Other Vulnerability (CVE-2019-20923)

Description

A user authorized to perform database queries may trigger denial of service by issuing specially crafted queries, which throw unhandled Javascript exceptions containing types intended to be scoped to the Javascript engine's internals. This issue affects MongoDB Server v4.0 versions prior to 4.0.7.

Remediation

References

Related Vulnerabilities

WordPress Plugin uTubeVideo Gallery Unspecified Vulnerability (2.0.4)

Resin Application Server Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2008-2462)

e107 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2010-0997)

IBM RTC Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2017-1240)

Oracle JRE CVE-2012-3143 Vulnerability (CVE-2012-3143)

Severity

Medium

Classification

CVE-2019-20923 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

Tags

Missing Update Known Vulnerabilities