vulnerability
FreeBSD: VID-32F5E57F-107F-11F0-8195-B42E991FC52E (CVE-2025-3083): MongoDB -- Malformed wire protocol messages may cause mongos to crash
| Severity | CVSS | Published | Added | Modified |
|---|---|---|---|---|
| 8 | (AV:N/AC:L/Au:N/C:N/I:N/A:C) | 2025-04-01 | 2025-04-05 | 2025-04-11 |
Severity
8
CVSS
(AV:N/AC:L/Au:N/C:N/I:N/A:C)
Published
2025-04-01
Added
2025-04-05
Modified
2025-04-11
Description
Specifically crafted MongoDB wire protocol messages can cause mongos to crash during command validation. This can occur without using an authenticated connection. This issue affects MongoDB v5.0 versions prior to 5.0.31, MongoDB v6.0 versions prior to 6.0.20 and MongoDB v7.0 versions prior to 7.0.16
Solution(s)
freebsd-upgrade-package-mongodb50freebsd-upgrade-package-mongodb60freebsd-upgrade-package-mongodb70
References
NEW
Explore Exposure Command
Confidently identify and prioritize exposures from endpoint to cloud with full attack surface visibility and threat-aware risk context.