Количество 7
Количество 7
BDU:2025-11726
Уязвимость сервера системы управления базами данных MongoDB, позволяющая нарушителю повысить свои привилегии
CVE-2025-6713
An unauthorized user may leverage a specially crafted aggregation pipeline to access data without proper authorization due to improper handling of the $mergeCursors stage in MongoDB Server. This may lead to access to data without further authorisation. This issue affects MongoDB Server MongoDB Server v8.0 versions prior to 8.0.7, MongoDB Server v7.0 versions prior to 7.0.19 and MongoDB Server v6.0 versions prior to 6.0.22
CVE-2025-6713
An unauthorized user may leverage a specially crafted aggregation pipeline to access data without proper authorization due to improper handling of the $mergeCursors stage in MongoDB Server. This may lead to access to data without further authorisation. This issue affects MongoDB Server MongoDB Server v8.0 versions prior to 8.0.7, MongoDB Server v7.0 versions prior to 7.0.19 and MongoDB Server v6.0 versions prior to 6.0.22
CVE-2025-6713
An unauthorized user may leverage a specially crafted aggregation pipe ...
GHSA-p3jv-2cpc-349v
An unauthorized user may leverage a specially crafted aggregation pipeline to access data without proper authorization due to improper handling of the $mergeCursors stage in MongoDB Server. This may lead to access to data without further authorisation. This issue affects MongoDB Server MongoDB Server v8.0 versions prior to 8.0.7, MongoDB Server v7.0 versions prior to 7.0.20 and MongoDB Server v6.0 versions prior to 6.0.22
ROS-20250806-09
Множественные уязвимости mongodb-org
ROS-20250806-08
Множественные уязвимости mongodb-org
Уязвимостей на страницу
Уязвимость | CVSS | EPSS | Опубликовано | |
|---|---|---|---|---|
 | BDU:2025-11726 Уязвимость сервера системы управления базами данных MongoDB, позволяющая нарушителю повысить свои привилегии | CVSS3: 7.7 | 0% Низкий | 3 месяца назад |
 | CVE-2025-6713 An unauthorized user may leverage a specially crafted aggregation pipeline to access data without proper authorization due to improper handling of the $mergeCursors stage in MongoDB Server. This may lead to access to data without further authorisation. This issue affects MongoDB Server MongoDB Server v8.0 versions prior to 8.0.7, MongoDB Server v7.0 versions prior to 7.0.19 and MongoDB Server v6.0 versions prior to 6.0.22 | CVSS3: 7.7 | 0% Низкий | 3 месяца назад |
 | CVE-2025-6713 An unauthorized user may leverage a specially crafted aggregation pipeline to access data without proper authorization due to improper handling of the $mergeCursors stage in MongoDB Server. This may lead to access to data without further authorisation. This issue affects MongoDB Server MongoDB Server v8.0 versions prior to 8.0.7, MongoDB Server v7.0 versions prior to 7.0.19 and MongoDB Server v6.0 versions prior to 6.0.22 | CVSS3: 7.7 | 0% Низкий | 3 месяца назад |
| CVE-2025-6713 An unauthorized user may leverage a specially crafted aggregation pipe ... | CVSS3: 7.7 | 0% Низкий | 3 месяца назад |
| GHSA-p3jv-2cpc-349v An unauthorized user may leverage a specially crafted aggregation pipeline to access data without proper authorization due to improper handling of the $mergeCursors stage in MongoDB Server. This may lead to access to data without further authorisation. This issue affects MongoDB Server MongoDB Server v8.0 versions prior to 8.0.7, MongoDB Server v7.0 versions prior to 7.0.20 and MongoDB Server v6.0 versions prior to 6.0.22 | CVSS3: 7.7 | 0% Низкий | 3 месяца назад |
 | ROS-20250806-09 Множественные уязвимости mongodb-org | CVSS3: 7.7 | 2 месяца назад | |
| ROS-20250806-08 Множественные уязвимости mongodb-org | CVSS3: 7.7 | 2 месяца назад |
Уязвимостей на страницу