"MongoDB 8.2.0 through 8.2.3 MongoDB 8.0.0 through 8.0.16 MongoDB 7.0.0 through 7.0.26 MongoDB 6.0.0 through 6.0.26 MongoDB 5.0.0 through 5.0.31 MongoDB 4.4.0 through 4.4.29 All MongoDB Server v4.2 versions All MongoDB Server v4.0 versions All MongoDB Server v3.6 versions"
"In its advisory, MongoDB "strongly suggested" that users upgrade immediately to the patched versions of the software: MongoDB 8.2.3, 8.0.17, 7.0.28, 6.0.27, 5.0.32, or 4.4.30."
"However, it said, "if you cannot upgrade immediately, disable zlib compression on the MongoDB Server by starting mongod or mongos with a networkMessageCompressors or a net.compression.compressors option that explicitly omits zlib.""
"MongoDB, one of the most popular NoSQL document databases for developers, says it currently has more than 62,000 customers worldwide, including 70% of the Fortune 100."
Multiple MongoDB Server versions are affected, including releases across the 8.2, 8.0, 7.0, 6.0, 5.0, 4.4 families and all v4.2, v4.0, and v3.6 releases. Patched releases are available as MongoDB 8.2.3, 8.0.17, 7.0.28, 6.0.27, 5.0.32, and 4.4.30 and should be applied immediately to mitigate the issue. If an immediate upgrade cannot be performed, zlib compression should be disabled on servers by starting mongod or mongos with networkMessageCompressors or net.compression.compressors options that explicitly omit zlib. MongoDB serves a large customer base, with over 62,000 customers including 70% of the Fortune 100.
Read at InfoWorld
Unable to calculate read time
Collection
[
|
...
]