UBUNTU-CVE-2025-3082
- Source
- https://ubuntu.com/security/CVE-2025-3082
- Import Source
- https://github.com/canonical/ubuntu-security-notices/blob/main/osv/cve/2025/UBUNTU-CVE-2025-3082.json
- JSON Data
- https://api.osv.dev/v1/vulns/UBUNTU-CVE-2025-3082
- Upstream
- Published
- 2025-04-01T11:15:00Z
- Modified
- 2026-04-13T12:15:54.064452Z
- Severity
-
- 3.1 (Low) CVSS_V3 - CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:L/I:N/A:N CVSS Calculator
- 5.4 (Medium) CVSS_V3 - CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N CVSS Calculator
- Ubuntu - medium
- Summary
- [none]
- Details
-
A user authorized to access a view may be able to alter the intended collation, allowing them to access to a different or unintended view of underlying data. This issue affects MongoDB Server v5.0 version prior to 5.0.31, MongoDB Server v6.0 version prior to 6.0.20, MongoDB Server v7.0 version prior to 7.0.14 and MongoDB Server v7.3 versions prior to 7.3.4.
- References
Affected packages
Ubuntu:Pro:14.04:LTS / mongodb
Package
- Name
- mongodb
- Purl
- pkg:deb/ubuntu/mongodb@1:2.4.9-1ubuntu2+esm2?arch=source&distro=esm-infra-legacy/trusty
Affected ranges
- Type
- ECOSYSTEM
- Events
-
Introduced0Unknown introduced version / All previous versions are affected
Affected versions
1:2.*
1:2.4.6-0ubuntu5
1:2.4.6-0ubuntu6
1:2.4.8-1ubuntu1
1:2.4.8-2
1:2.4.9-1
1:2.4.9-1ubuntu1
1:2.4.9-1ubuntu2
1:2.4.9-1ubuntu2+esm2
Ecosystem specific
{
"binaries": [
{
"binary_name": "mongodb",
"binary_version": "1:2.4.9-1ubuntu2+esm2"
},
{
"binary_name": "mongodb-clients",
"binary_version": "1:2.4.9-1ubuntu2+esm2"
},
{
"binary_name": "mongodb-dev",
"binary_version": "1:2.4.9-1ubuntu2+esm2"
},
{
"binary_name": "mongodb-server",
"binary_version": "1:2.4.9-1ubuntu2+esm2"
}
]
}
Ubuntu:Pro:16.04:LTS / mongodb
Package
- Name
- mongodb
- Purl
- pkg:deb/ubuntu/mongodb@1:2.6.10-0ubuntu1+esm2?arch=source&distro=esm-apps/xenial
Affected ranges
- Type
- ECOSYSTEM
- Events
-
Introduced0Unknown introduced version / All previous versions are affected
Ubuntu:Pro:18.04:LTS / mongodb
Package
- Name
- mongodb
- Purl
- pkg:deb/ubuntu/mongodb@1:3.6.3-0ubuntu1.4+esm2?arch=source&distro=esm-apps/bionic
Affected ranges
- Type
- ECOSYSTEM
- Events
-
Introduced0Unknown introduced version / All previous versions are affected
Affected versions
1:3.*
1:3.4.7-1
1:3.4.7-1ubuntu1
1:3.4.7-1ubuntu2
1:3.4.7-1ubuntu4
1:3.4.14-3ubuntu1
1:3.4.14-3ubuntu2
1:3.6.3-0ubuntu1
1:3.6.3-0ubuntu1.1
1:3.6.3-0ubuntu1.3
1:3.6.3-0ubuntu1.4
1:3.6.3-0ubuntu1.4+esm1
1:3.6.3-0ubuntu1.4+esm2
Ecosystem specific
{
"binaries": [
{
"binary_name": "mongodb",
"binary_version": "1:3.6.3-0ubuntu1.4+esm2"
},
{
"binary_name": "mongodb-clients",
"binary_version": "1:3.6.3-0ubuntu1.4+esm2"
},
{
"binary_name": "mongodb-server",
"binary_version": "1:3.6.3-0ubuntu1.4+esm2"
},
{
"binary_name": "mongodb-server-core",
"binary_version": "1:3.6.3-0ubuntu1.4+esm2"
}
]
}
Ubuntu:Pro:20.04:LTS / mongodb
Package
- Name
- mongodb
- Purl
- pkg:deb/ubuntu/mongodb@1:3.6.9+really3.6.8+90~g8e540c0b6d-0ubuntu5.3+esm1?arch=source&distro=esm-apps/focal
Affected ranges
- Type
- ECOSYSTEM
- Events
-
Introduced0Unknown introduced version / All previous versions are affected
Affected versions
1:3.*
1:3.6.9+really3.6.8+90~g8e540c0b6d-0ubuntu2
1:3.6.9+really3.6.8+90~g8e540c0b6d-0ubuntu5
1:3.6.9+really3.6.8+90~g8e540c0b6d-0ubuntu5.2
1:3.6.9+really3.6.8+90~g8e540c0b6d-0ubuntu5.3
1:3.6.9+really3.6.8+90~g8e540c0b6d-0ubuntu5.3+esm1
Ecosystem specific
{
"binaries": [
{
"binary_name": "mongodb",
"binary_version": "1:3.6.9+really3.6.8+90~g8e540c0b6d-0ubuntu5.3+esm1"
},
{
"binary_name": "mongodb-clients",
"binary_version": "1:3.6.9+really3.6.8+90~g8e540c0b6d-0ubuntu5.3+esm1"
},
{
"binary_name": "mongodb-server",
"binary_version": "1:3.6.9+really3.6.8+90~g8e540c0b6d-0ubuntu5.3+esm1"
},
{
"binary_name": "mongodb-server-core",
"binary_version": "1:3.6.9+really3.6.8+90~g8e540c0b6d-0ubuntu5.3+esm1"
}
]
}