FreshPorts - VuXML

This page displays vulnerability information about FreeBSD Ports.

The last vuln.xml file processed by FreshPorts is:

nothing found there

List all Vulnerabilities, by package

List all Vulnerabilities, by date

These are the vulnerabilities relating to the commit you have selected:

VuXML IDDescription
880bca8f-e201-11e9-8af7-08002720423dmongodb -- Attach IDs to users

Mitch Wasson of Cisco's Advanced Malware Protection Group reports:

After user deletion in MongoDB Server the improper invalidation of authorization sessions allows an authenticated user's session to persist and become conflated with new accounts, if those accounts reuse the names of deleted ones.


Discovery 2019-08-06
Entry 2019-09-28
mongodb34
lt 3.4.22

mongodb36
lt 3.6.13

mongodb40
lt 4.0.9

CVE-2019-2386
https://jira.mongodb.org/browse/SERVER-38984