CVE-2024-8305

See a problem?
Please try reporting it to the source first.

Source

https://nvd.nist.gov/vuln/detail/CVE-2024-8305

Import Source

https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2024-8305.json

JSON Data

https://api.test.osv.dev/v1/vulns/CVE-2024-8305

Aliases

BIT-mongodb-2024-8305

Related

UBUNTU-CVE-2024-8305

Published

2024-10-21T15:15:04Z

Modified

2025-02-14T11:57:33.907420Z

Severity

6.5 (Medium) CVSS_V3 - CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H CVSS Calculator

Summary

[none]

Details

prepareUnique index may cause secondaries to crash due to incorrect enforcement of index constraints on secondaries, where in extreme cases may cause multiple secondaries crashing leading to no primaries. This issue affects MongoDB Server v6.0 versions prior to 6.0.17, MongoDB Server v7.0 versions prior to 7.0.13 and MongoDB Server v7.3 versions prior to 7.3.4

References

https://jira.mongodb.org/browse/SERVER-92382

Affected packages

Git / github.com/mongodb/mongo

Affected ranges

Type: GIT
Repo: https://github.com/mongodb/mongo
Events: Introduced

e61bf27c2f6a83fed36e5a13c008a32d563babe2

Fixed

04582a1f37ad7812d26c031fb0edd9d1a48d925f

Affected versions

r6.*

r6.0.0

r6.0.1

r6.0.1-rc0

r6.0.10

r6.0.10-rc0

r6.0.11

r6.0.11-rc0

r6.0.12

r6.0.12-rc0

r6.0.12-rc1

r6.0.13

r6.0.13-rc0

r6.0.14

r6.0.14-rc0

r6.0.14-rc1

r6.0.15

r6.0.15-rc0

r6.0.16

r6.0.16-rc0

r6.0.2

r6.0.2-rc0

r6.0.2-rc1

r6.0.3

r6.0.3-rc0

r6.0.3-rc1

r6.0.3-rc2

r6.0.4

r6.0.4-rc0

r6.0.4-rc1

r6.0.5

r6.0.5-rc0

r6.0.5-rc1

r6.0.6

r6.0.6-rc0

r6.0.6-rc1

r6.0.7

r6.0.7-rc0

r6.0.8

r6.0.8-rc0

r6.0.9

r6.0.9-rc0

r6.0.9-rc1