Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
MongoDB may be susceptible to Invariant Failure in Transactions due Upsert Operation
Vulnerability Description
MongoDB Server may allow upsert operations retried within a transaction to violate unique index constraints, potentially causing an invariant failure and server crash during commit. This issue may be triggered by improper WriteUnitOfWork state management. This issue affects MongoDB Server v6.0 versions prior to 6.0.25, MongoDB Server v7.0 versions prior to 7.0.22 and MongoDB Server v8.0 versions prior to 8.0.12
CVSS Information
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
Vulnerability Type
在过期或释放后对资源进行操作
Vulnerability Title
MongoDB Server 安全漏洞
Vulnerability Description
MongoDB Server是美国MongoDB公司的一套开源的NoSQL数据库。该数据库提供面向集合的存储、动态查询、数据复制及自动故障转移等功能。 MongoDB Server v6.0.25之前版本、v7.0.22之前版本和v8.0.12之前版本存在安全漏洞,该漏洞源于WriteUnitOfWork状态管理不当,可能导致唯一索引约束违反和服务器崩溃。
CVSS Information
N/A
Vulnerability Type
N/A