FreeBSD VuXML: Documenting security issues in FreeBSD and the FreeBSD Ports Collection

MongoDB -- Unauthorized access to underlying data

Affected packages
mongodb50 < 5.0.31
mongodb60 < 6.0.20
mongodb70 < 7.0.16

Details

VuXML ID 30418b26-107f-11f0-8195-b42e991fc52e
Discovery 2025-04-01
Entry 2025-04-03

cna@mongodb.com reports:

A user authorized to access a view may be able to alter the intended collation, allowing them to access to a different or unintended view of underlying data. This issue affects MongoDB Server v5.0 version prior to 5.0.31, MongoDB Server v6.0 version prior to 6.0.20, MongoDB Server v7.0 version prior to 7.0.14 and MongoDB Server v7.3 versions prior to 7.3.4.

[source]

References

CVE Name CVE-2025-3082
URL https://nvd.nist.gov/vuln/detail/CVE-2025-3082

Copyright © 2003-2005 Jacques Vidrine and contributors.
Please see the source of this document for full copyright information.