-
Type: Bug
-
Resolution: Fixed
-
Priority: Major - P3
-
Affects Version/s: None
-
Component/s: None
-
Fully Compatible
-
ALL
-
v6.2, v6.1, v6.0
-
Sharding EMEA 2022-11-28
-
143
CVE ID:
CVE-2024-8654
Title:
MongoDB Server may access non-initialized region of memory leading to unexpected behaviour
Description:
MongoDB Server may access non-initialized region of memory leading to unexpected behaviour when zero arguments are called in internal aggregation stage. This issue affected MongoDB Server v6.0 version 6.0.3.
CVSS Score:
5.0 - https://www.first.org/cvss/calculator/3.1#CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:L
List all affected product versions:
MongoDB Server v6.0 version 6.0.3
CWE:
CWE-908: Use of Uninitialized Resource
- is caused by
-
SERVER-69465 Accept same specs for $_internalAllCollectionStats as $collStats
- Closed