← Zuruck zu CVEs
CVE-2025-11979
MEDIUM5.3
Beschreibung
An authorized user may crash the MongoDB server by causing buffer over-read. This can be done by issuing a DDL operation while queries are being issued, under some conditions. This issue affects MongoDB Server v7.0 versions prior to 7.0.25, MongoDB Server v8.0 versions prior to 8.0.15, and MongoDB Server version 8.2.0.
CVE Details
CVSS v3.1 Bewertung5.3
SchweregradMEDIUM
CVSS VektorCVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H
AngriffsvektorNETWORK
KomplexitatHIGH
Erforderliche PrivilegienLOW
BenutzerinteraktionNONE
Veroffentlicht10/20/2025
Zuletzt geandert12/4/2025
Quellenvd
Honeypot-Sichtungen0
Betroffene Produkte
mongodb:mongodb
Schwachen (CWE)
CWE-416
Referenzen
https://jira.mongodb.org/browse/SERVER-105873(cna@mongodb.com)
IOC Korrelationen
Keine Korrelationen erfasst
This product uses data from the NVD API but is not endorsed or certified by the NVD.