Mongodb: Security Vulnerabilities
bson/_cbsonmodule.c in the mongo-python-driver (aka. pymongo) before 2.5.2, as used in MongoDB, allows context-dependent attackers to cause a denial of service (NULL pointer dereference and crash) via vectors related to decoding of an "invalid DBRef."
CVSS Score
4.3
EPSS Score
0.026
Published
2013-08-15
MongoDB 2.4.x before 2.4.5 and 2.5.x before 2.5.1 allows remote authenticated users to obtain internal system privileges by leveraging a username of __system in an arbitrary database.
CVSS Score
6.5
EPSS Score
0.005
Published
2013-07-04
Page 10