FreeBSD VuXML: Documenting security issues in FreeBSD and the FreeBSD Ports Collection

MongoDB -- Ensure RoleGraph can serialize authentication restrictions to BSON

Affected packages
mongodb36 < 3.6.18
mongodb40 < 4.0.15
mongodb42 < 4.2.3

Details

VuXML ID d0be8e1f-b19a-11ea-94aa-b827eb2f57d4
Discovery 2020-01-10
Entry 2020-06-29

reports:

Improper serialization of MongoDB Server's internal authorization state permits a user with valid credentials to bypass IP source address protection mechanisms following administrative action.

Credit
Discovered by Tony Yesudas.

References

CVE Name CVE-2020-7921