BugZero found this defect 40 days ago.
Data sources
All data on this page is proprietary to BugZero® or gathered from public sources
4/9/2024
MongoDB Server
No affected releases provided.
No fixed releases provided.
Suppose we have the following scenario: Start a session A A starts a transaction T1 and creates a client cursor called C We start a session B B starts a transaction T2 and sends a killCursor command for C Currently this is allowed to work and there's nothing preventing it succeeding. This means that from transaction T2 we can perform a non-transactionable operation on T1 as it will take effect immediately before T2 is committed. We should ideally ban this from the server as it is extremely counterintuitive and prone to errors.