FreeBSD VuXML: Documenting security issues in FreeBSD and the FreeBSD Ports Collection

mongodb -- Bump Windows package dependencies

Affected packages
mongodb34 < 3.4.22
mongodb36 < 3.6.14
mongodb40 < 4.0.11


VuXML ID fd2e0ca8-e3ae-11e9-8af7-08002720423d
Discovery 2019-08-06
Entry 2019-09-30

Rich Mirch reports:

An unprivileged user or program on Microsoft Windows which can create OpenSSL configuration files in a fixed location may cause utility programs shipped with MongoDB server versions less than 4.0.11, 3.6.14, and 3.4.22 to run attacker defined code as the user running the utility.


CVE Name CVE-2019-2390