MongoDB 1.8.0

CPE Details

MongoDB 1.8.0
mongodb
mongodb
1.8.0
2013-08-16
14h07 +00:00
2013-08-19
16h53 +00:00
CPE NVD
Alerte pour un CPE
Restez informé de toutes modifications pour un CPE spécifique.
Gestion des notifications

CPE Name: cpe:2.3:a:mongodb:mongodb:1.8.0:*:*:*:*:*:*:*

Informations

Vendor

mongodb

Product

mongodb

Version

1.8.0

Related CVE

Open and find in CVE List

CVE ID Publié Description Score Gravité
CVE-2014-8180 2017-06-06 16h00 +00:00 MongoDB on Red Hat Satellite 6 allows local users to bypass authentication by logging in with an empty password and delete information which can cause a Denial of Service.
5.5
Moyen
CVE-2016-6494 2016-10-03 16h00 +00:00 The client in MongoDB uses world-readable permissions on .dbshell history files, which might allow local users to obtain sensitive information by reading these files.
5.5
Moyen
CVE-2015-1609 2015-03-30 12h00 +00:00 MongoDB before 2.4.13 and 2.6.x before 2.6.8 allows remote attackers to cause a denial of service via a crafted UTF-8 string in a BSON request.
5
CVE-2012-6619 2014-03-06 14h00 +00:00 The default configuration for MongoDB before 2.3.2 does not validate objects, which allows remote authenticated users to cause a denial of service (crash) or read system memory via a crafted BSON object in the column name in an insert command, which triggers a buffer over-read.
6.4
CVE-2013-1892 2013-10-01 18h00 +00:00 MongoDB before 2.0.9 and 2.2.x before 2.2.4 does not properly validate requests to the nativeHelper function in SpiderMonkey, which allows remote authenticated users to cause a denial of service (invalid memory access and server crash) or execute arbitrary code via a crafted memory address in the first argument.
6
CVE-2013-2132 2013-08-15 17h00 +00:00 bson/_cbsonmodule.c in the mongo-python-driver (aka. pymongo) before 2.5.2, as used in MongoDB, allows context-dependent attackers to cause a denial of service (NULL pointer dereference and crash) via vectors related to decoding of an "invalid DBRef."
4.3