CVE-2012-6619
Publication date 6 March 2014
Last updated 24 July 2024
Ubuntu priority
The default configuration for MongoDB before 2.3.2 does not validate objects, which allows remote authenticated users to cause a denial of service (crash) or read system memory via a crafted BSON object in the column name in an insert command, which triggers a buffer over-read.
Status
Package | Ubuntu Release | Status |
---|---|---|
mongodb | 18.04 LTS bionic |
Not affected
|
16.04 LTS xenial |
Not affected
|
|
14.04 LTS trusty |
Not affected
|
|