{"id":"CVE-2018-20804","details":"A user authorized to perform database queries may trigger denial of service by issuing specially crafted applyOps invocations. This issue affects MongoDB Server v4.0 versions prior to 4.0.10 and MongoDB Server v3.6 versions prior to 3.6.13.","modified":"2026-04-11T14:54:26.784966Z","published":"2020-11-23T16:15:12.197Z","references":[{"type":"REPORT","url":"https://jira.mongodb.org/browse/SERVER-35636"}],"affected":[{"ranges":[{"type":"GIT","repo":"https://github.com/mongodb/mongo","events":[{"introduced":"a57d8e71e6998a2d0afde7edc11bd23e5661c915"},{"fixed":"db3c76679b7a3d9b443a0e1b3e45ed02b88c539f"},{"introduced":"3b07af3d4f471ae89e8186d33bbb1d5259597d51"},{"fixed":"c389e7f69f637f7a1ac3cc9fae843b635f20b766"}],"database_specific":{"versions":[{"introduced":"3.6.0"},{"fixed":"3.6.13"},{"introduced":"4.0.0"},{"fixed":"4.0.10"}]}}],"versions":["r3.6.0","r3.6.1","r3.6.1-rc0","r3.6.1-rc1","r3.6.10","r3.6.10-rc0","r3.6.10-rc1","r3.6.11","r3.6.11-rc0","r3.6.11-rc1","r3.6.11-rc2","r3.6.12","r3.6.12-rc0","r3.6.12-rc1","r3.6.13-rc0","r3.6.2","r3.6.2-rc0","r3.6.3","r3.6.3-rc0","r3.6.3-rc1","r3.6.4","r3.6.4-rc0","r3.6.5","r3.6.5-rc0","r3.6.6","r3.6.6-rc0","r3.6.7","r3.6.7-rc0","r3.6.7-rc1","r3.6.8","r3.6.8-rc0","r3.6.8-rc1","r3.6.9","r3.6.9-rc0","r4.0.0","r4.0.1","r4.0.1-rc0","r4.0.1-rc1","r4.0.10-rc0","r4.0.2","r4.0.2-rc0","r4.0.3","r4.0.3-rc0","r4.0.4","r4.0.4-rc0","r4.0.4-rc1","r4.0.4-rc2","r4.0.5","r4.0.5-rc0","r4.0.5-rc1","r4.0.6","r4.0.6-rc0","r4.0.6-rc1","r4.0.7","r4.0.7-rc0","r4.0.7-rc1","r4.0.8","r4.0.8-rc0","r4.0.9","r4.0.9-rc0"],"database_specific":{"vanir_signatures":[{"deprecated":false,"id":"CVE-2018-20804-708ef0e6","target":{"file":"src/mongo/s/write_ops/batch_write_op.cpp"},"digest":{"threshold":0.9,"line_hashes":["175603822783044971019641112208146333316","175970064386882756922064184835545998872","280890145546106279720669451529096251243","177145452068869207173493918846944381727","313900252086444751672369110289130781353","179223562212308464752110380330641384963"]},"signature_version":"v1","signature_type":"Line","source":"https://github.com/mongodb/mongo/commit/db3c76679b7a3d9b443a0e1b3e45ed02b88c539f"},{"deprecated":false,"id":"CVE-2018-20804-88f2f84c","target":{"function":"BatchWriteOp::~BatchWriteOp","file":"src/mongo/s/write_ops/batch_write_op.cpp"},"digest":{"length":74,"function_hash":"151727694202851320526834926440811425131"},"signature_version":"v1","signature_type":"Function","source":"https://github.com/mongodb/mongo/commit/db3c76679b7a3d9b443a0e1b3e45ed02b88c539f"},{"deprecated":false,"id":"CVE-2018-20804-d75001a3","target":{"file":"src/mongo/db/storage/wiredtiger/wiredtiger_oplog_manager.cpp"},"digest":{"threshold":0.9,"line_hashes":["312287553513410227323734030972566420683","339060627389979159865010729741437226864","257731760090097810615638822053635781882","326017759011467743570910503699191818384"]},"signature_version":"v1","signature_type":"Line","source":"https://github.com/mongodb/mongo/commit/c389e7f69f637f7a1ac3cc9fae843b635f20b766"},{"deprecated":false,"id":"CVE-2018-20804-f4e9f373","target":{"file":"src/mongo/s/write_ops/batch_write_op.h"},"digest":{"threshold":0.9,"line_hashes":["340004267183464091978939854210276221300","142313603819071205760085014427835771346","204488877892569140033225998406769054398","38671843303958937785731461894518042107"]},"signature_version":"v1","signature_type":"Line","source":"https://github.com/mongodb/mongo/commit/db3c76679b7a3d9b443a0e1b3e45ed02b88c539f"}],"vanir_signatures_modified":"2026-04-11T14:54:26Z","source":"https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2018-20804.json"}}],"schema_version":"1.7.5","severity":[{"type":"CVSS_V3","score":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"}]}