Sign in Get started

← All advisories

Unrated severityNVD Advisory· Published Mar 30, 2015· Updated May 6, 2026

CVE-2015-1609

CVE-2015-1609

Description

MongoDB before 2.4.13 and 2.6.x before 2.6.8 allows remote attackers to cause a denial of service via a crafted UTF-8 string in a BSON request.

Affected products

10

MongoDB/MongoDB9 versions
cpe:2.3:a:mongodb:mongodb:*:*:*:*:*:*:*:*+ 8 more
- cpe:2.3:a:mongodb:mongodb:*:*:*:*:*:*:*:*range: <=2.4.12
- cpe:2.3:a:mongodb:mongodb:2.6.0:*:*:*:*:*:*:*
- cpe:2.3:a:mongodb:mongodb:2.6.1:*:*:*:*:*:*:*
- cpe:2.3:a:mongodb:mongodb:2.6.2:*:*:*:*:*:*:*
- cpe:2.3:a:mongodb:mongodb:2.6.3:*:*:*:*:*:*:*
- cpe:2.3:a:mongodb:mongodb:2.6.4:*:*:*:*:*:*:*
- cpe:2.3:a:mongodb:mongodb:2.6.5:*:*:*:*:*:*:*
- cpe:2.3:a:mongodb:mongodb:2.6.6:*:*:*:*:*:*:*
- cpe:2.3:a:mongodb:mongodb:2.6.7:*:*:*:*:*:*:*
Fedoraproject/Fedora
cpe:2.3:o:fedoraproject:fedora:21:*:*:*:*:*:*:*

Patches

0

No patches discovered yet.

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References

6

News mentions

0

No linked articles in our index yet.