AVG-503

Package mongodb
Status Fixed
Severity High
Type arbitrary code execution
Affected 3.4.9-1
Fixed 3.6.0-1
Current 4.0.2-1 [community]
Ticket FS#56379
Created Sun Nov 19 14:06:32 2017
Issue Severity Remote Type Description
CVE-2017-15535 High Yes Arbitrary code execution
MongoDB 3.4.x before 3.4.10, has a disabled-by-default configuration setting, networkMessageCompressors (aka wire protocol compression), which exposes a...
Date Advisory Package Description
05 Jan 2018 ASA-201801-5 mongodb arbitrary code execution