Loading...

XML

Word

Printable

JSON

Type: Bug
Resolution: Fixed
Priority: Major - P3
Fix Version/s: 6.1.1, 6.0.4, 6.2.0-rc2, 6.3.0-rc0
Affects Version/s: None
Component/s: None
Labels:
- sharding-wfbf-day

Backwards Compatibility:
Fully Compatible
Operating System:
ALL
Backport Requested:

v6.2, v6.1, v6.0
Sprint:
Sharding EMEA 2022-11-28
Linked BF Score:
143
CAR Domain/s:
None

Aha! Reference:
None
Tracking Level:
None
Risk Status:
None
Exec Notes:
None
Goal Name(s):
None
Goal Link:
None

CVE ID:
CVE-2024-8654

Title:
MongoDB Server may access non-initialized region of memory leading to unexpected behaviour

Description:
MongoDB Server may access non-initialized region of memory leading to unexpected behaviour when zero arguments are called in internal aggregation stage. This issue affected MongoDB Server v6.0 version 6.0.3.

CVSS Score:
5.0 - https://www.first.org/cvss/calculator/3.1#CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:L

List all affected product versions:
MongoDB Server v6.0 version 6.0.3

CWE:
CWE-908: Use of Uninitialized Resource

is caused by

SERVER-69465 Accept same specs for $_internalAllCollectionStats as $collStats

Closed

Assignee:: Pol Pinol
Reporter:: Pol Pinol
Participants:: Githook User, Pol Pinol
Votes:: 0 Vote for this issue
Watchers:: 5 Start watching this issue

Created:: Nov 18 2022 11:30:15 AM UTC
Updated:: Sep 10 2024 01:35:18 PM UTC
Resolved:: Nov 22 2022 09:46:07 AM UTC

Details

Description

Attachments

Issue Links

Activity

People

Dates