An unauthenticated user can trigger a fatal assertion in the server while generating ftdc diagnostic metrics due to attempting to build a BSON object that exceeds certain memory sizes. This issue affects MongoDB Server v5.0 versions prior to and including 5.0.16 and MongoDB Server v6.0 versions prior to and including 6.0.5.
References
Link | Resource |
---|---|
https://jira.mongodb.org/browse/SERVER-75601 | Issue Tracking Vendor Advisory |
https://jira.mongodb.org/browse/SERVER-75601 | Issue Tracking Vendor Advisory |
Configurations
Configuration 1 (hide)
|
History
29 Sep 2025, 18:05
Type | Values Removed | Values Added |
---|---|---|
First Time |
Mongodb mongodb
Mongodb |
|
CPE | cpe:2.3:a:mongodb:mongodb:*:*:*:*:*:*:*:* | |
References | () https://jira.mongodb.org/browse/SERVER-75601 - Issue Tracking, Vendor Advisory |
21 Nov 2024, 09:29
Type | Values Removed | Values Added |
---|---|---|
References | () https://jira.mongodb.org/browse/SERVER-75601 - |
14 May 2024, 19:17
Type | Values Removed | Values Added |
---|---|---|
New CVE |
Information
Published : 2024-05-14 16:17
Updated : 2025-09-29 18:05
NVD link : CVE-2024-3374
Mitre link : CVE-2024-3374
CVE.ORG link : CVE-2024-3374
JSON object : View
Products Affected
mongodb
- mongodb
CWE
CWE-617
Reachable Assertion