CNNVD-202509-718 Information
CNNVD ID
CNNVD-202509-718
Related CVE
- CNNVD Published: 2025-09-05
Description (Chinese)
MongoDB Server是美国MongoDB公司的一套开源的NoSQL数据库。该数据库提供面向集合的存储、动态查询、数据复制及自动故障转移等功能。 MongoDB Server v6.0.25之前版本、v7.0.22之前版本和v8.0.12之前版本存在安全漏洞,该漏洞源于WriteUnitOfWork状态管理不当,可能导致唯一索引约束违反和服务器崩溃。
Description (English)
MongoDB Server is an open-source NoSQL database for MongoDB in the United States. The database provides a collection-oriented memory, dynamic queries, data replication and automatic downtime transfer. Pre-MongoDB Server v. 6.0.25, pre-V7.0.22 and pre-V8.8.012 have a security loophole, which stems from the mismanagement of WriteUnit OfWork ’ s state, which could lead to unique index violations and server breakdowns.
Hazard Level
High
Vulnerability Type
其他
Affected Vendor
MongoDB
Published
2025-09-05
Last Modified
2026-02-24
References
https://jira.mongodb.org/browse/SERVER-95524 https://access.redhat.com/security/cve/cve-2025-10060
Patch
https://jira.mongodb.org/browse/SERVER-95524
Share on: