BIT-mongodb-2025-3084

See a problem?

Import Source

https://github.com/bitnami/vulndb/tree/main/data/mongodb/BIT-mongodb-2025-3084.json

JSON Data

https://api.osv.dev/v1/vulns/BIT-mongodb-2025-3084

Aliases

CVE-2025-3084

Published

2025-09-25T08:47:26.320Z

Modified

2025-09-25T09:27:24.638419Z

Summary

MongoDB Server may crash due to improper validation of explain command

Details

When run on commands with certain arguments set, explain may fail to validate these arguments before using them. This can lead to crashes in router servers. This affects MongoDB Server v5.0 prior to 5.0.31, MongoDB Server v6.0 prior to 6.0.20, MongoDB Server v7.0 prior to 7.0.16 and MongoDB Server v8.0 prior to 8.0.4

Database specific

{
    "severity": "Medium",
    "cpes": [
        "cpe:2.3:a:mongodb:mongodb:*:*:*:*:*:*:*:*"
    ]
}

References

Affected packages

Bitnami / mongodb

Package

Name: mongodb
Purl: pkg:bitnami/mongodb

Severity

6.5 (Medium) CVSS_V3 - CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H CVSS Calculator

Affected ranges

Type: SEMVER
Events: Introduced

5.0.0

Fixed

5.0.31

Introduced

6.0.0

Fixed

6.0.20

Introduced

7.0.0

Fixed

7.0.16

Introduced

8.0.0

Fixed

8.0.4

Database specific

source

"https://github.com/bitnami/vulndb/tree/main/data/mongodb/BIT-mongodb-2025-3084.json"