Candidate: CVE-2020-7923
PublicDate: 2020-08-21 15:15:00 UTC
References:
 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-7923
 https://jira.mongodb.org/browse/SERVER-47773
 https://github.com/mongodb/mongo/commit/c8ced6df8f620daaa2e539f192f2eef356c63e9c
Description:
 A user authorized to perform database queries may cause denial of service
 by issuing specially crafted queries, which violate an invariant in the
 query subsystem's support for geoNear. This issue affects: MongoDB Inc.
 MongoDB Server v4.4 versions prior to 4.4.0-rc7; v4.2 versions prior to
 4.2.8; v4.0 versions prior to 4.0.19.
Ubuntu-Description:
Notes:
Mitigation:
Bugs:
Priority: medium
Discovered-by:
Assigned-to:
CVSS:
 nvd: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H [6.5 MEDIUM]


Patches_mongodb:
upstream_mongodb: needs-triage
precise/esm_mongodb: DNE
trusty_mongodb: ignored (out of standard support)
trusty/esm_mongodb: needs-triage
xenial_mongodb: ignored (end of standard support, was needs-triage)
bionic_mongodb: needs-triage
focal_mongodb: needs-triage
groovy_mongodb: DNE
hirsute_mongodb: DNE
impish_mongodb: DNE
jammy_mongodb: DNE
devel_mongodb: DNE