CNNVD-202511-2797 Information

CNNVD ID

CNNVD-202511-2797

CVE-2025-13507

  • CNNVD Published: 2025-11-25

Description

MongoDB Server is an open-source NoSQL database from the US company MongoDB. The database provides collection-oriented storage, dynamic queries, data replication, and automatic failover. MongoDB Server 7.0 versions prior to 7.0.26, 8.0 versions prior to 8.0.16, and 8.2 versions prior to 8.2.1 contain a security vulnerability that stems from inconsistent object size validation and can lead to process termination.

Hazard Level

High

Vulnerability Type

Other

Affected Vendor

MongoDB

Published

2025-11-25

Last Modified

2026-02-24

References

  • https://jira.mongodb.org/browse/SERVER-108565
  • https://vigilance.fr/vulnerability/MongoDB-Server-assertion-error-via-Time-series-Writes-Bucket-Size-48854
  • https://access.redhat.com/security/cve/cve-2025-13507

Patch

https://github.com/mongodb/mongo/tags
