MongoDB 0.6.4 for Visual Studio Code

CPE Details

MongoDB 0.6.4 for Visual Studio Code
0.6.4
2022-01-26
16h26 +00:00
2022-01-26
17h37 +00:00
Alerte pour un CPE
Restez informé de toutes modifications pour un CPE spécifique.
Gestion des notifications

CPE Name: cpe:2.3:a:mongodb:mongodb:0.6.4:*:*:*:*:visual_studio_code:*:*

Informations

Vendor

mongodb

Product

mongodb

Version

0.6.4

Target Software

visual_studio_code

Related CVE

Open and find in CVE List

CVE ID Publié Description Score Gravité
CVE-2021-32039 2022-01-20 14h50 +00:00 Users with appropriate file access may be able to access unencrypted user credentials saved by MongoDB Extension for VS Code in a binary file. These credentials may be used by malicious attackers to perform unauthorized actions. This vulnerability affects all MongoDB Extension for VS Code including and prior to version 0.7.0
5.5
Moyen
CVE-2014-8180 2017-06-06 16h00 +00:00 MongoDB on Red Hat Satellite 6 allows local users to bypass authentication by logging in with an empty password and delete information which can cause a Denial of Service.
5.5
Moyen
CVE-2016-6494 2016-10-03 16h00 +00:00 The client in MongoDB uses world-readable permissions on .dbshell history files, which might allow local users to obtain sensitive information by reading these files.
5.5
Moyen
CVE-2015-1609 2015-03-30 12h00 +00:00 MongoDB before 2.4.13 and 2.6.x before 2.6.8 allows remote attackers to cause a denial of service via a crafted UTF-8 string in a BSON request.
5
CVE-2012-6619 2014-03-06 14h00 +00:00 The default configuration for MongoDB before 2.3.2 does not validate objects, which allows remote authenticated users to cause a denial of service (crash) or read system memory via a crafted BSON object in the column name in an insert command, which triggers a buffer over-read.
6.4
CVE-2013-1892 2013-10-01 18h00 +00:00 MongoDB before 2.0.9 and 2.2.x before 2.2.4 does not properly validate requests to the nativeHelper function in SpiderMonkey, which allows remote authenticated users to cause a denial of service (invalid memory access and server crash) or execute arbitrary code via a crafted memory address in the first argument.
6
CVE-2013-2132 2013-08-15 17h00 +00:00 bson/_cbsonmodule.c in the mongo-python-driver (aka. pymongo) before 2.5.2, as used in MongoDB, allows context-dependent attackers to cause a denial of service (NULL pointer dereference and crash) via vectors related to decoding of an "invalid DBRef."
4.3