MongoDB MongoDB 4.4.0 Release Candidate 1
Approved changes feed: RSS · Atom
cpe:2.3:a:mongodb:mongodb:4.4.0:rc1:*:*:*:*:*:*
part: a version: 4.4.0 update: rc1
| Vendor | Mongodb (1aa156a6-63a9-5032-baaf-10197d408a1e) |
|---|---|
| Product | Mongodb (fa9f1f9b-0cc9-5830-a189-b908276ac432) |
| Edition | * |
| Language | * |
| Software edition | * |
| Target software | * |
| Target hardware | * |
| Other | * |
| Notes | Imported from NVD CPE 2.0 feed |
PURL mappings
| PURL | Source | Last updated |
|---|---|---|
pkg:deb/debian/mongodb |
purl2cpe | 2026-06-01 10:11:17.775589 |
pkg:deb/ubuntu/mongodb |
purl2cpe | 2026-06-01 10:11:17.775591 |
pkg:github/mongodb/mongo |
purl2cpe | 2026-06-01 10:11:17.775592 |
Vulnerability references
| Identifier | cpeApplicability | Submitted | db.gcve.eu details | Rationale |
|---|---|---|---|---|
CVE:CVE-2020-7925 |
vulnerable | 2026-06-03 14:43:07.742609 |
Denial of Service when processing malformed Role names
HIGH (7.5)
Incorrect validation of user input in the role name parser may lead to use of uninitialized memory allowing an unauthenticated attacker to use a specially crafted request to cause a denial of service. This issue affects MongoDB Server v4.4 versions prior to 4.4.0-rc12; MongoDB Server v4.2 versions prior to 4.2.9.
Published: 2020-11-23T14:50:12.258Z
Updated: 2024-09-17T00:20:32.900Z Reference links |
Imported from gcve-enriched-dumps CVE data |
Contribute
You can submit an edit proposal for this CPE entry or suggest a related product/vendor addition using the action button above.