CSOonline

High severity flaw in MongoDB could allow memory leakage

Document database vendor MongoDB has advised customers to update immediately following the discovery of a flaw that could allow unauthenticated users to read uninitialized heap memory. Designated ...
heise online

"MongoBleed": Exploit for critical vulnerability in MongoDB makes attacks easier

According to the details about the vulnerability published shortly before Christmas, attackers can exploit a flaw in the zlib compression software to access non-reset dynamic memory (heap memory).