mongodb
CVE Severity Distribution (All Time)
Timeline Overview
Recent CVEs
View allUnder certain configurations of --tlsCAFile and tls.CAFile, MongoDB Server may skip peer certificate validation which may result in untrusted connect…
When calling bson_utf8_validate on some inputs a loop with an exit condition that cannot be reached may occur, i.e. an infinite loop. This issue affe…
It may be possible to have an extremely long aggregation pipeline in conjunction with a specific stage/operator and cause a stack overflow due to the…
An attacker with basic CRUD permissions on a replicated collection can run the applyOps command with specially malformed oplog entries, resulting in …
An authorized user may trigger an invariant which may result in denial of service or server exit if a relevant aggregation request is sent to a shard…
Specific MongoDB Rust Driver versions can include credentials used by the connection pool to authenticate connections in the monitoring event that is…
Specific versions of the MongoDB C# Driver may erroneously publish events containing authentication-related data to a command listener configured by …
A user authorized to perform database queries may trigger denial of service by issuing specially crafted query contain a type of regex. This issue af…
Specific versions of the Java driver that support client-side field level encryption (CSFLE) fail to perform correct host name verification on the KM…
A user authorized to perform database queries may trigger denial of service by issuing specially crafted queries, which throw unhandled Javascript ex…