CNNVD-202506-3316 Information

CNNVD ID

CNNVD-202506-3316

CVE-2025-6709

  • CNNVD Published: 2025-06-26

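Description (translated from Chinese)

MongoDB Server is an open-source NoSQL database from MongoDB, Inc. of the United States. The database provides collection-oriented storage, dynamic queries, data replication, and automatic failover. MongoDB Server v7.0 versions before 7.0.17 and v8.0 versions before 8.0.5 contain a security vulnerability that stems from improper handling of JSON input and may lead to a denial-of-service attack.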

Description (English)

MongoDB Server is an open-source NoSQL database developed by MongoDB, Inc. in the United States. The database provides collection-oriented storage, dynamic queries, data replication, and automatic failover. MongoDB Server v7.0 prior to 7.0.17 and v8.0 prior to 8.0.5 are affected by a vulnerability caused by improper handling of JSON input, which may lead to a denial-of-service attack.

Hazard Level

Medium

Vulnerability Type

Other

Affected Vendor

MongoDB

Published

2025-06-26

Last Modified

2026-02-24

References

https://jira.mongodb.org/browse/SERVER-106748

https://vigilance.fr/vulnerability/MongoDB-Server-denial-of-service-via-OIDC-Authentication-47551

Patch

https://jira.mongodb.org/browse/SERVER-106748
