Количество 7
Количество 7
CVE-2025-6713
An unauthorized user may leverage a specially crafted aggregation pipeline to access data without proper authorization due to improper handling of the $mergeCursors stage in MongoDB Server. This may lead to access to data without further authorisation. This issue affects MongoDB Server MongoDB Server v8.0 versions prior to 8.0.7, MongoDB Server v7.0 versions prior to 7.0.19 and MongoDB Server v6.0 versions prior to 6.0.22
CVE-2025-6713
An unauthorized user may leverage a specially crafted aggregation pipeline to access data without proper authorization due to improper handling of the $mergeCursors stage in MongoDB Server. This may lead to access to data without further authorisation. This issue affects MongoDB Server MongoDB Server v8.0 versions prior to 8.0.7, MongoDB Server v7.0 versions prior to 7.0.19 and MongoDB Server v6.0 versions prior to 6.0.22
CVE-2025-6713
An unauthorized user may leverage a specially crafted aggregation pipe ...
GHSA-p3jv-2cpc-349v
An unauthorized user may leverage a specially crafted aggregation pipeline to access data without proper authorization due to improper handling of the $mergeCursors stage in MongoDB Server. This may lead to access to data without further authorisation. This issue affects MongoDB Server MongoDB Server v8.0 versions prior to 8.0.7, MongoDB Server v7.0 versions prior to 7.0.20 and MongoDB Server v6.0 versions prior to 6.0.22
BDU:2025-11726
Уязвимость сервера системы управления базами данных MongoDB, позволяющая нарушителю повысить свои привилегии
ROS-20250806-09
Множественные уязвимости mongodb-org
ROS-20250806-08
Множественные уязвимости mongodb-org
Уязвимостей на страницу
Уязвимость | CVSS | EPSS | Опубликовано | |
|---|---|---|---|---|
 | CVE-2025-6713 An unauthorized user may leverage a specially crafted aggregation pipeline to access data without proper authorization due to improper handling of the $mergeCursors stage in MongoDB Server. This may lead to access to data without further authorisation. This issue affects MongoDB Server MongoDB Server v8.0 versions prior to 8.0.7, MongoDB Server v7.0 versions prior to 7.0.19 and MongoDB Server v6.0 versions prior to 6.0.22 | CVSS3: 7.7 | 0% Низкий | 5 месяцев назад |
 | CVE-2025-6713 An unauthorized user may leverage a specially crafted aggregation pipeline to access data without proper authorization due to improper handling of the $mergeCursors stage in MongoDB Server. This may lead to access to data without further authorisation. This issue affects MongoDB Server MongoDB Server v8.0 versions prior to 8.0.7, MongoDB Server v7.0 versions prior to 7.0.19 and MongoDB Server v6.0 versions prior to 6.0.22 | CVSS3: 7.7 | 0% Низкий | 5 месяцев назад |
| CVE-2025-6713 An unauthorized user may leverage a specially crafted aggregation pipe ... | CVSS3: 7.7 | 0% Низкий | 5 месяцев назад |
| GHSA-p3jv-2cpc-349v An unauthorized user may leverage a specially crafted aggregation pipeline to access data without proper authorization due to improper handling of the $mergeCursors stage in MongoDB Server. This may lead to access to data without further authorisation. This issue affects MongoDB Server MongoDB Server v8.0 versions prior to 8.0.7, MongoDB Server v7.0 versions prior to 7.0.20 and MongoDB Server v6.0 versions prior to 6.0.22 | CVSS3: 7.7 | 0% Низкий | 5 месяцев назад |
 | BDU:2025-11726 Уязвимость сервера системы управления базами данных MongoDB, позволяющая нарушителю повысить свои привилегии | CVSS3: 7.7 | 0% Низкий | 5 месяцев назад |
 | ROS-20250806-09 Множественные уязвимости mongodb-org | CVSS3: 7.7 | 4 месяца назад | |
| ROS-20250806-08 Множественные уязвимости mongodb-org | CVSS3: 7.7 | 4 месяца назад |
Уязвимостей на страницу