FreshPorts - VuXML

This page displays vulnerability information about FreeBSD Ports.

The last vuln.xml file processed by FreshPorts is:

nothing found there

List all Vulnerabilities, by package

List all Vulnerabilities, by date

These are the vulnerabilities relating to the commit you have selected:

VuXML ID	Description
880bca8f-e201-11e9-8af7-08002720423d	mongodb -- Attach IDs to users Mitch Wasson of Cisco's Advanced Malware Protection Group reports: After user deletion in MongoDB Server the improper invalidation of authorization sessions allows an authenticated user's session to persist and become conflated with new accounts, if those accounts reuse the names of deleted ones. Discovery 2019-08-06 Entry 2019-09-28 mongodb34 lt 3.4.22 mongodb36 lt 3.6.13 mongodb40 lt 4.0.9 CVE-2019-2386 https://jira.mongodb.org/browse/SERVER-38984

VuXML ID

Description

880bca8f-e201-11e9-8af7-08002720423d

mongodb -- Attach IDs to users

Mitch Wasson of Cisco's Advanced Malware Protection Group reports:

After user deletion in MongoDB Server the improper invalidation of authorization sessions allows an authenticated user's session to persist and become conflated with new accounts, if those accounts reuse the names of deleted ones.

Discovery 2019-08-06
Entry 2019-09-28
mongodb34

lt 3.4.22

mongodb36

lt 3.6.13

mongodb40

lt 4.0.9

CVE-2019-2386
https://jira.mongodb.org/browse/SERVER-38984