Action not permitted
Modal body text goes here.
Modal Title
Modal Body
CERTFR-2025-AVI-0309
Vulnerability from certfr_avis - Published: 2025-04-11 - Updated: 2025-04-11
De multiples vulnérabilités ont été découvertes dans les produits IBM. Certaines d'entre elles permettent à un attaquant de provoquer une exécution de code arbitraire à distance, une élévation de privilèges et un déni de service à distance.
Solutions
Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).
Impacted products
| Vendor | Product | Description | ||
|---|---|---|---|---|
| IBM | Storage Protect | Storage Protect Plus versions 10.1.x antérieures à 10.1.17 |
References
| Title | Publication Time | Tags | |||
|---|---|---|---|---|---|
|
|||||
{
"$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
"affected_systems": [
{
"description": "Storage Protect Plus versions 10.1.x ant\u00e9rieures \u00e0 10.1.17",
"product": {
"name": "Storage Protect",
"vendor": {
"name": "IBM",
"scada": false
}
}
}
],
"affected_systems_content": "",
"content": "## Solutions\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des correctifs (cf. section Documentation).",
"cves": [
{
"name": "CVE-2024-24790",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-24790"
},
{
"name": "CVE-2023-25577",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-25577"
},
{
"name": "CVE-2023-52448",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-52448"
},
{
"name": "CVE-2024-36974",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-36974"
},
{
"name": "CVE-2023-1076",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-1076"
},
{
"name": "CVE-2024-12797",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-12797"
},
{
"name": "CVE-2024-49766",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-49766"
},
{
"name": "CVE-2024-26603",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-26603"
},
{
"name": "CVE-2023-4091",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-4091"
},
{
"name": "CVE-2024-56326",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-56326"
},
{
"name": "CVE-2023-50782",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-50782"
},
{
"name": "CVE-2023-23934",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-23934"
},
{
"name": "CVE-2024-2466",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-2466"
},
{
"name": "CVE-2023-0286",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-0286"
},
{
"name": "CVE-2023-52492",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-52492"
},
{
"name": "CVE-2024-34069",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-34069"
},
{
"name": "CVE-2023-4807",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-4807"
},
{
"name": "CVE-2024-36881",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-36881"
},
{
"name": "CVE-2023-42669",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-42669"
},
{
"name": "CVE-2022-36280",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-36280"
},
{
"name": "CVE-2023-1409",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-1409"
},
{
"name": "CVE-2023-52475",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-52475"
},
{
"name": "CVE-2024-7553",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-7553"
},
{
"name": "CVE-2020-25659",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-25659"
},
{
"name": "CVE-2023-6240",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-6240"
},
{
"name": "CVE-2024-22195",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-22195"
},
{
"name": "CVE-2023-23931",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-23931"
},
{
"name": "CVE-2024-26782",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-26782"
},
{
"name": "CVE-2024-8207",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-8207"
},
{
"name": "CVE-2024-2379",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-2379"
},
{
"name": "CVE-2024-5535",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-5535"
},
{
"name": "CVE-2024-3372",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-3372"
},
{
"name": "CVE-2024-26803",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-26803"
},
{
"name": "CVE-2024-2004",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-2004"
},
{
"name": "CVE-2024-36882",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-36882"
},
{
"name": "CVE-2023-46136",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-46136"
},
{
"name": "CVE-2023-52439",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-52439"
},
{
"name": "CVE-2023-38325",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-38325"
},
{
"name": "CVE-2024-35195",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-35195"
},
{
"name": "CVE-2024-56201",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-56201"
},
{
"name": "CVE-2023-3961",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-3961"
},
{
"name": "CVE-2024-0841",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-0841"
},
{
"name": "CVE-2023-2650",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-2650"
},
{
"name": "CVE-2024-41042",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-41042"
},
{
"name": "CVE-2024-2398",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-2398"
},
{
"name": "CVE-2024-1151",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-1151"
},
{
"name": "CVE-2024-26646",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-26646"
},
{
"name": "CVE-2020-36242",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-36242"
},
{
"name": "CVE-2024-36015",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-36015"
},
{
"name": "CVE-2024-0727",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-0727"
},
{
"name": "CVE-2023-52434",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-52434"
},
{
"name": "CVE-2024-49767",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-49767"
},
{
"name": "CVE-2023-52458",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-52458"
},
{
"name": "CVE-2024-26602",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-26602"
},
{
"name": "CVE-2023-52466",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-52466"
},
{
"name": "CVE-2024-26591",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-26591"
},
{
"name": "CVE-2024-26611",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-26611"
},
{
"name": "CVE-2023-49083",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-49083"
},
{
"name": "CVE-2024-4741",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-4741"
},
{
"name": "CVE-2024-34064",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-34064"
},
{
"name": "CVE-2023-3446",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-3446"
},
{
"name": "CVE-2024-2511",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-2511"
},
{
"name": "CVE-2024-0340",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-0340"
},
{
"name": "CVE-2024-35995",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-35995"
}
],
"initial_release_date": "2025-04-11T00:00:00",
"last_revision_date": "2025-04-11T00:00:00",
"links": [],
"reference": "CERTFR-2025-AVI-0309",
"revisions": [
{
"description": "Version initiale",
"revision_date": "2025-04-11T00:00:00.000000"
}
],
"risks": [
{
"description": "D\u00e9ni de service \u00e0 distance"
},
{
"description": "Injection de code indirecte \u00e0 distance (XSS)"
},
{
"description": "Ex\u00e9cution de code arbitraire \u00e0 distance"
},
{
"description": "Non sp\u00e9cifi\u00e9 par l\u0027\u00e9diteur"
},
{
"description": "Contournement de la politique de s\u00e9curit\u00e9"
},
{
"description": "Atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es"
},
{
"description": "\u00c9l\u00e9vation de privil\u00e8ges"
}
],
"summary": "De multiples vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 d\u00e9couvertes dans les produits IBM. Certaines d\u0027entre elles permettent \u00e0 un attaquant de provoquer une ex\u00e9cution de code arbitraire \u00e0 distance, une \u00e9l\u00e9vation de privil\u00e8ges et un d\u00e9ni de service \u00e0 distance.",
"title": "Multiples vuln\u00e9rabilit\u00e9s dans les produits IBM",
"vendor_advisories": [
{
"published_at": "2025-04-10",
"title": "Bulletin de s\u00e9curit\u00e9 IBM 7230557",
"url": "https://www.ibm.com/support/pages/node/7230557"
}
]
}
CVE-2024-56201 (GCVE-0-2024-56201)
Vulnerability from cvelistv5 – Published: 2024-12-23 15:37 – Updated: 2025-02-18 21:47
VLAI
EPSS
Title
Jinja has a sandbox breakout through malicious filenames
Summary
Jinja is an extensible templating engine. In versions on the 3.x branch prior to 3.1.5, a bug in the Jinja compiler allows an attacker that controls both the content and filename of a template to execute arbitrary Python code, regardless of if Jinja's sandbox is used. To exploit the vulnerability, an attacker needs to control both the filename and the contents of a template. Whether that is the case depends on the type of application using Jinja. This vulnerability impacts users of applications which execute untrusted templates where the template author can also choose the template filename. This vulnerability is fixed in 3.1.5.
Severity
SSVC
Exploitation: none
Automatable: no
Technical Impact: total
CISA Coordinator (v2.0.3)
CWE
- CWE-150 - Improper Neutralization of Escape, Meta, or Control Sequences
Assigner
References
4 references
| URL | Tags |
|---|---|
| https://github.com/pallets/jinja/security/advisor… | x_refsource_CONFIRM |
| https://github.com/pallets/jinja/issues/1792 | x_refsource_MISC |
| https://github.com/pallets/jinja/commit/767b23617… | x_refsource_MISC |
| https://github.com/pallets/jinja/releases/tag/3.1.5 | x_refsource_MISC |
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-56201",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-12-24T01:44:55.825619Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-02-18T21:47:42.763Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "jinja",
"vendor": "pallets",
"versions": [
{
"status": "affected",
"version": "\u003e= 3.0.0, \u003c 3.1.5"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Jinja is an extensible templating engine. In versions on the 3.x branch prior to 3.1.5, a bug in the Jinja compiler allows an attacker that controls both the content and filename of a template to execute arbitrary Python code, regardless of if Jinja\u0027s sandbox is used. To exploit the vulnerability, an attacker needs to control both the filename and the contents of a template. Whether that is the case depends on the type of application using Jinja. This vulnerability impacts users of applications which execute untrusted templates where the template author can also choose the template filename. This vulnerability is fixed in 3.1.5."
}
],
"metrics": [
{
"cvssV4_0": {
"attackComplexity": "LOW",
"attackRequirements": "PRESENT",
"attackVector": "LOCAL",
"baseScore": 5.4,
"baseSeverity": "MEDIUM",
"privilegesRequired": "LOW",
"subAvailabilityImpact": "NONE",
"subConfidentialityImpact": "NONE",
"subIntegrityImpact": "NONE",
"userInteraction": "PASSIVE",
"vectorString": "CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:P/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N",
"version": "4.0",
"vulnAvailabilityImpact": "HIGH",
"vulnConfidentialityImpact": "HIGH",
"vulnIntegrityImpact": "HIGH"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-150",
"description": "CWE-150: Improper Neutralization of Escape, Meta, or Control Sequences",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-01-08T16:06:29.739Z",
"orgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
"shortName": "GitHub_M"
},
"references": [
{
"name": "https://github.com/pallets/jinja/security/advisories/GHSA-gmj6-6f8f-6699",
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://github.com/pallets/jinja/security/advisories/GHSA-gmj6-6f8f-6699"
},
{
"name": "https://github.com/pallets/jinja/issues/1792",
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/pallets/jinja/issues/1792"
},
{
"name": "https://github.com/pallets/jinja/commit/767b23617628419ae3709ccfb02f9602ae9fe51f",
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/pallets/jinja/commit/767b23617628419ae3709ccfb02f9602ae9fe51f"
},
{
"name": "https://github.com/pallets/jinja/releases/tag/3.1.5",
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/pallets/jinja/releases/tag/3.1.5"
}
],
"source": {
"advisory": "GHSA-gmj6-6f8f-6699",
"discovery": "UNKNOWN"
},
"title": "Jinja has a sandbox breakout through malicious filenames"
}
},
"cveMetadata": {
"assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
"assignerShortName": "GitHub_M",
"cveId": "CVE-2024-56201",
"datePublished": "2024-12-23T15:37:36.110Z",
"dateReserved": "2024-12-18T18:29:25.896Z",
"dateUpdated": "2025-02-18T21:47:42.763Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2024-56326 (GCVE-0-2024-56326)
Vulnerability from cvelistv5 – Published: 2024-12-23 15:43 – Updated: 2025-11-03 19:32
VLAI
EPSS
Title
Jinja has a sandbox breakout through indirect reference to format method
Summary
Jinja is an extensible templating engine. Prior to 3.1.5, An oversight in how the Jinja sandboxed environment detects calls to str.format allows an attacker that controls the content of a template to execute arbitrary Python code. To exploit the vulnerability, an attacker needs to control the content of a template. Whether that is the case depends on the type of application using Jinja. This vulnerability impacts users of applications which execute untrusted templates. Jinja's sandbox does catch calls to str.format and ensures they don't escape the sandbox. However, it's possible to store a reference to a malicious string's format method, then pass that to a filter that calls it. No such filters are built-in to Jinja, but could be present through custom filters in an application. After the fix, such indirect calls are also handled by the sandbox. This vulnerability is fixed in 3.1.5.
Severity
SSVC
Exploitation: none
Automatable: no
Technical Impact: total
CISA Coordinator (v2.0.3)
CWE
Assigner
References
4 references
| URL | Tags |
|---|---|
| https://github.com/pallets/jinja/security/advisor… | x_refsource_CONFIRM |
| https://github.com/pallets/jinja/commit/48b0687e0… | x_refsource_MISC |
| https://github.com/pallets/jinja/releases/tag/3.1.5 | x_refsource_MISC |
| https://lists.debian.org/debian-lts-announce/2025… |
{
"containers": {
"adp": [
{
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
}
},
{
"other": {
"content": {
"id": "CVE-2024-56326",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-12-27T17:50:50.460995Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-12-27T17:54:33.724Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
},
{
"providerMetadata": {
"dateUpdated": "2025-11-03T19:32:16.045Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"url": "https://lists.debian.org/debian-lts-announce/2025/04/msg00022.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "jinja",
"vendor": "pallets",
"versions": [
{
"status": "affected",
"version": "\u003c 3.1.5"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Jinja is an extensible templating engine. Prior to 3.1.5, An oversight in how the Jinja sandboxed environment detects calls to str.format allows an attacker that controls the content of a template to execute arbitrary Python code. To exploit the vulnerability, an attacker needs to control the content of a template. Whether that is the case depends on the type of application using Jinja. This vulnerability impacts users of applications which execute untrusted templates. Jinja\u0027s sandbox does catch calls to str.format and ensures they don\u0027t escape the sandbox. However, it\u0027s possible to store a reference to a malicious string\u0027s format method, then pass that to a filter that calls it. No such filters are built-in to Jinja, but could be present through custom filters in an application. After the fix, such indirect calls are also handled by the sandbox. This vulnerability is fixed in 3.1.5."
}
],
"metrics": [
{
"cvssV4_0": {
"attackComplexity": "LOW",
"attackRequirements": "PRESENT",
"attackVector": "LOCAL",
"baseScore": 5.4,
"baseSeverity": "MEDIUM",
"privilegesRequired": "LOW",
"subAvailabilityImpact": "NONE",
"subConfidentialityImpact": "NONE",
"subIntegrityImpact": "NONE",
"userInteraction": "PASSIVE",
"vectorString": "CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:P/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N",
"version": "4.0",
"vulnAvailabilityImpact": "HIGH",
"vulnConfidentialityImpact": "HIGH",
"vulnIntegrityImpact": "HIGH"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-1336",
"description": "CWE-1336: Improper Neutralization of Special Elements Used in a Template Engine",
"lang": "en",
"type": "CWE"
}
]
},
{
"descriptions": [
{
"cweId": "CWE-693",
"description": "CWE-693: Protection Mechanism Failure",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-12-23T15:43:49.400Z",
"orgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
"shortName": "GitHub_M"
},
"references": [
{
"name": "https://github.com/pallets/jinja/security/advisories/GHSA-q2x7-8rv6-6q7h",
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://github.com/pallets/jinja/security/advisories/GHSA-q2x7-8rv6-6q7h"
},
{
"name": "https://github.com/pallets/jinja/commit/48b0687e05a5466a91cd5812d604fa37ad0943b4",
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/pallets/jinja/commit/48b0687e05a5466a91cd5812d604fa37ad0943b4"
},
{
"name": "https://github.com/pallets/jinja/releases/tag/3.1.5",
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/pallets/jinja/releases/tag/3.1.5"
}
],
"source": {
"advisory": "GHSA-q2x7-8rv6-6q7h",
"discovery": "UNKNOWN"
},
"title": "Jinja has a sandbox breakout through indirect reference to format method"
}
},
"cveMetadata": {
"assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
"assignerShortName": "GitHub_M",
"cveId": "CVE-2024-56326",
"datePublished": "2024-12-23T15:43:49.400Z",
"dateReserved": "2024-12-19T18:34:22.764Z",
"dateUpdated": "2025-11-03T19:32:16.045Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2024-7553 (GCVE-0-2024-7553)
Vulnerability from cvelistv5 – Published: 2024-08-07 09:57 – Updated: 2024-08-07 15:27
VLAI
EPSS
Title
Accessing Untrusted Directory May Allow Local Privilege Escalation
Summary
Incorrect validation of files loaded from a local untrusted directory may allow local privilege escalation if the underlying operating systems is Windows. This may result in the application executing arbitrary behaviour determined by the contents of untrusted files. This issue affects MongoDB Server v5.0 versions prior to 5.0.27, MongoDB Server v6.0 versions prior to 6.0.16, MongoDB Server v7.0 versions prior to 7.0.12, MongoDB Server v7.3 versions prior 7.3.3, MongoDB C Driver versions prior to 1.26.2 and MongoDB PHP Driver versions prior to 1.18.1.
Required Configuration:
Only environments with Windows as the underlying operating system is affected by this issue
Severity
7.3 (High)
SSVC
Exploitation: none
Automatable: no
Technical Impact: total
CISA Coordinator (v2.0.3)
CWE
- CWE-284 - Improper Access Control
Assigner
References
Impacted products
3 products
| Vendor | Product | Version | |
|---|---|---|---|
| MongoDB Inc | MongoDB Server |
Affected:
5.0 , < 5.0.27
(custom)
Affected: 6.0 , < 6.0.16 (custom) Affected: 7.0 , < 7.0.12 (custom) Affected: 7.3 , < 7.3.3 (custom) cpe:2.3:a:mongodb:mongodb:5.0.0:*:*:*:*:*:*:* cpe:2.3:a:mongodb:mongodb:5.0.1:*:*:*:*:*:*:* cpe:2.3:a:mongodb:mongodb:5.0.2:*:*:*:*:*:*:* cpe:2.3:a:mongodb:mongodb:5.0.3:*:*:*:*:*:*:* cpe:2.3:a:mongodb:mongodb:5.0.4:*:*:*:*:*:*:* cpe:2.3:a:mongodb:mongodb:5.0.5:*:*:*:*:*:*:* cpe:2.3:a:mongodb:mongodb:5.0.6:*:*:*:*:*:*:* cpe:2.3:a:mongodb:mongodb:5.0.7:*:*:*:*:*:*:* cpe:2.3:a:mongodb:mongodb:5.0.8:*:*:*:*:*:*:* cpe:2.3:a:mongodb:mongodb:5.0.9:*:*:*:*:*:*:* cpe:2.3:a:mongodb:mongodb:5.0.10:*:*:*:*:*:*:* cpe:2.3:a:mongodb:mongodb:5.0.11:*:*:*:*:*:*:* cpe:2.3:a:mongodb:mongodb:5.0.12:*:*:*:*:*:*:* cpe:2.3:a:mongodb:mongodb:5.0.13:*:*:*:*:*:*:* cpe:2.3:a:mongodb:mongodb:5.0.14:*:*:*:*:*:*:* cpe:2.3:a:mongodb:mongodb:5.0.15:*:*:*:*:*:*:* cpe:2.3:a:mongodb:mongodb:5.0.16:*:*:*:*:*:*:* cpe:2.3:a:mongodb:mongodb:5.0.17:*:*:*:*:*:*:* cpe:2.3:a:mongodb:mongodb:5.0.18:*:*:*:*:*:*:* cpe:2.3:a:mongodb:mongodb:5.0.19:*:*:*:*:*:*:* cpe:2.3:a:mongodb:mongodb:5.0.20:*:*:*:*:*:*:* cpe:2.3:a:mongodb:mongodb:5.0.21:*:*:*:*:*:*:* cpe:2.3:a:mongodb:mongodb:5.0.22:*:*:*:*:*:*:* cpe:2.3:a:mongodb:mongodb:5.0.23:*:*:*:*:*:*:* cpe:2.3:a:mongodb:mongodb:5.0.24:*:*:*:*:*:*:* cpe:2.3:a:mongodb:mongodb:5.0.25:*:*:*:*:*:*:* cpe:2.3:a:mongodb:mongodb:5.0.26:*:*:*:*:*:*:* cpe:2.3:a:mongodb:mongodb:6.0.0:*:*:*:*:*:*:* cpe:2.3:a:mongodb:mongodb:6.0.1:*:*:*:*:*:*:* cpe:2.3:a:mongodb:mongodb:6.0.2:*:*:*:*:*:*:* cpe:2.3:a:mongodb:mongodb:6.0.3:*:*:*:*:*:*:* cpe:2.3:a:mongodb:mongodb:6.0.4:*:*:*:*:*:*:* cpe:2.3:a:mongodb:mongodb:6.0.5:*:*:*:*:*:*:* cpe:2.3:a:mongodb:mongodb:6.0.6:*:*:*:*:*:*:* cpe:2.3:a:mongodb:mongodb:6.0.7:*:*:*:*:*:*:* cpe:2.3:a:mongodb:mongodb:6.0.8:*:*:*:*:*:*:* cpe:2.3:a:mongodb:mongodb:6.0.9:*:*:*:*:*:*:* cpe:2.3:a:mongodb:mongodb:6.0.10:*:*:*:*:*:*:* cpe:2.3:a:mongodb:mongodb:6.0.11:*:*:*:*:*:*:* cpe:2.3:a:mongodb:mongodb:6.0.12:*:*:*:*:*:*:* cpe:2.3:a:mongodb:mongodb:6.0.13:*:*:*:*:*:*:* cpe:2.3:a:mongodb:mongodb:6.0.14:*:*:*:*:*:*:* cpe:2.3:a:mongodb:mongodb:6.0.15:*:*:*:*:*:*:* cpe:2.3:a:mongodb:mongodb:7.0.0:*:*:*:*:*:*:* cpe:2.3:a:mongodb:mongodb:7.0.1:*:*:*:*:*:*:* cpe:2.3:a:mongodb:mongodb:7.0.2:*:*:*:*:*:*:* cpe:2.3:a:mongodb:mongodb:7.0.3:*:*:*:*:*:*:* cpe:2.3:a:mongodb:mongodb:7.0.4:*:*:*:*:*:*:* cpe:2.3:a:mongodb:mongodb:7.0.5:*:*:*:*:*:*:* cpe:2.3:a:mongodb:mongodb:7.0.6:*:*:*:*:*:*:* cpe:2.3:a:mongodb:mongodb:7.0.7:*:*:*:*:*:*:* cpe:2.3:a:mongodb:mongodb:7.0.8:*:*:*:*:*:*:* cpe:2.3:a:mongodb:mongodb:7.0.9:*:*:*:*:*:*:* cpe:2.3:a:mongodb:mongodb:7.0.10:*:*:*:*:*:*:* cpe:2.3:a:mongodb:mongodb:7.0.11:*:*:*:*:*:*:* cpe:2.3:a:mongodb:mongodb:7.3.0:*:*:*:*:*:*:* cpe:2.3:a:mongodb:mongodb:7.3.1:*:*:*:*:*:*:* cpe:2.3:a:mongodb:mongodb:7.3.2:*:*:*:*:*:*:* cpe:2.3:a:mongodb:c_driver:0.1:*:*:*:*:mongodb:*:* cpe:2.3:a:mongodb:c_driver:0.2:*:*:*:*:mongodb:*:* cpe:2.3:a:mongodb:c_driver:0.3:*:*:*:*:mongodb:*:* cpe:2.3:a:mongodb:c_driver:0.3.1:*:*:*:*:mongodb:*:* cpe:2.3:a:mongodb:c_driver:0.4:*:*:*:*:mongodb:*:* cpe:2.3:a:mongodb:c_driver:0.5:*:*:*:*:mongodb:*:* cpe:2.3:a:mongodb:c_driver:0.5.1:*:*:*:*:mongodb:*:* cpe:2.3:a:mongodb:c_driver:0.5.2:*:*:*:*:mongodb:*:* cpe:2.3:a:mongodb:c_driver:0.6:*:*:*:*:mongodb:*:* cpe:2.3:a:mongodb:c_driver:0.7:*:*:*:*:mongodb:*:* cpe:2.3:a:mongodb:c_driver:0.7.1:*:*:*:*:mongodb:*:* cpe:2.3:a:mongodb:c_driver:0.8:*:*:*:*:mongodb:*:* cpe:2.3:a:mongodb:c_driver:0.8.1:*:*:*:*:mongodb:*:* cpe:2.3:a:mongodb:c_driver:0.90.0:*:*:*:*:mongodb:*:* cpe:2.3:a:mongodb:c_driver:0.92.0:*:*:*:*:mongodb:*:* cpe:2.3:a:mongodb:c_driver:0.92.2:*:*:*:*:mongodb:*:* cpe:2.3:a:mongodb:c_driver:0.94.0:*:*:*:*:mongodb:*:* cpe:2.3:a:mongodb:c_driver:0.94.2:*:*:*:*:mongodb:*:* cpe:2.3:a:mongodb:c_driver:0.96.0:*:*:*:*:mongodb:*:* cpe:2.3:a:mongodb:c_driver:0.96.2:*:*:*:*:mongodb:*:* cpe:2.3:a:mongodb:c_driver:0.96.4:*:*:*:*:mongodb:*:* cpe:2.3:a:mongodb:c_driver:0.98.0:*:*:*:*:mongodb:*:* cpe:2.3:a:mongodb:c_driver:0.98.2:*:*:*:*:mongodb:*:* cpe:2.3:a:mongodb:c_driver:1.0.0:*:*:*:*:mongodb:*:* cpe:2.3:a:mongodb:c_driver:1.0.2:*:*:*:*:mongodb:*:* cpe:2.3:a:mongodb:c_driver:1.1.0:-:*:*:*:mongodb:*:* cpe:2.3:a:mongodb:c_driver:1.1.0:rc0:*:*:*:mongodb:*:* cpe:2.3:a:mongodb:c_driver:1.1.2:*:*:*:*:mongodb:*:* cpe:2.3:a:mongodb:c_driver:1.1.4:*:*:*:*:mongodb:*:* cpe:2.3:a:mongodb:c_driver:1.1.5:*:*:*:*:mongodb:*:* cpe:2.3:a:mongodb:c_driver:1.1.6:*:*:*:*:mongodb:*:* cpe:2.3:a:mongodb:c_driver:1.1.7:*:*:*:*:mongodb:*:* cpe:2.3:a:mongodb:c_driver:1.1.8:*:*:*:*:mongodb:*:* cpe:2.3:a:mongodb:c_driver:1.1.9:*:*:*:*:mongodb:*:* cpe:2.3:a:mongodb:c_driver:1.1.10:*:*:*:*:mongodb:*:* cpe:2.3:a:mongodb:c_driver:1.1.11:*:*:*:*:mongodb:*:* cpe:2.3:a:mongodb:c_driver:1.2.0:-:*:*:*:mongodb:*:* cpe:2.3:a:mongodb:c_driver:1.2.0:beta:*:*:*:mongodb:*:* cpe:2.3:a:mongodb:c_driver:1.2.0:beta1:*:*:*:mongodb:*:* cpe:2.3:a:mongodb:c_driver:1.2.0:rc0:*:*:*:mongodb:*:* cpe:2.3:a:mongodb:c_driver:1.2.1:*:*:*:*:mongodb:*:* cpe:2.3:a:mongodb:c_driver:1.2.2:*:*:*:*:mongodb:*:* cpe:2.3:a:mongodb:c_driver:1.2.3:*:*:*:*:mongodb:*:* cpe:2.3:a:mongodb:c_driver:1.2.4:*:*:*:*:mongodb:*:* cpe:2.3:a:mongodb:c_driver:1.3.0:-:*:*:*:mongodb:*:* cpe:2.3:a:mongodb:c_driver:1.3.0:beta0:*:*:*:mongodb:*:* cpe:2.3:a:mongodb:c_driver:1.3.0:rc0:*:*:*:mongodb:*:* cpe:2.3:a:mongodb:c_driver:1.3.1:*:*:*:*:mongodb:*:* cpe:2.3:a:mongodb:c_driver:1.3.2:*:*:*:*:mongodb:*:* cpe:2.3:a:mongodb:c_driver:1.3.3:*:*:*:*:mongodb:*:* cpe:2.3:a:mongodb:c_driver:1.3.4:*:*:*:*:mongodb:*:* cpe:2.3:a:mongodb:c_driver:1.3.5:*:*:*:*:mongodb:*:* cpe:2.3:a:mongodb:c_driver:1.3.6:*:*:*:*:mongodb:*:* cpe:2.3:a:mongodb:c_driver:1.4.0:-:*:*:*:mongodb:*:* cpe:2.3:a:mongodb:c_driver:1.4.0:beta0:*:*:*:mongodb:*:* cpe:2.3:a:mongodb:c_driver:1.4.0:beta1:*:*:*:mongodb:*:* cpe:2.3:a:mongodb:c_driver:1.4.1:*:*:*:*:mongodb:*:* cpe:2.3:a:mongodb:c_driver:1.4.2:*:*:*:*:mongodb:*:* cpe:2.3:a:mongodb:c_driver:1.4.3:*:*:*:*:mongodb:*:* cpe:2.3:a:mongodb:c_driver:1.5.0:-:*:*:*:mongodb:*:* cpe:2.3:a:mongodb:c_driver:1.5.0:rc0:*:*:*:mongodb:*:* cpe:2.3:a:mongodb:c_driver:1.5.0:rc1:*:*:*:mongodb:*:* cpe:2.3:a:mongodb:c_driver:1.5.0:rc2:*:*:*:mongodb:*:* cpe:2.3:a:mongodb:c_driver:1.5.0:rc3:*:*:*:mongodb:*:* cpe:2.3:a:mongodb:c_driver:1.5.0:rc4:*:*:*:mongodb:*:* cpe:2.3:a:mongodb:c_driver:1.5.0:rc6:*:*:*:mongodb:*:* cpe:2.3:a:mongodb:c_driver:1.5.1:*:*:*:*:mongodb:*:* cpe:2.3:a:mongodb:c_driver:1.5.2:*:*:*:*:mongodb:*:* cpe:2.3:a:mongodb:c_driver:1.5.3:*:*:*:*:mongodb:*:* cpe:2.3:a:mongodb:c_driver:1.5.4:*:*:*:*:mongodb:*:* cpe:2.3:a:mongodb:c_driver:1.5.5:*:*:*:*:mongodb:*:* cpe:2.3:a:mongodb:c_driver:1.6.0:-:*:*:*:mongodb:*:* cpe:2.3:a:mongodb:c_driver:1.6.0:rc0:*:*:*:mongodb:*:* cpe:2.3:a:mongodb:c_driver:1.6.1:*:*:*:*:mongodb:*:* cpe:2.3:a:mongodb:c_driver:1.6.2:*:*:*:*:mongodb:*:* cpe:2.3:a:mongodb:c_driver:1.6.3:*:*:*:*:mongodb:*:* cpe:2.3:a:mongodb:c_driver:1.7.0:-:*:*:*:mongodb:*:* cpe:2.3:a:mongodb:c_driver:1.7.0:rc0:*:*:*:mongodb:*:* cpe:2.3:a:mongodb:c_driver:1.7.0:rc1:*:*:*:mongodb:*:* cpe:2.3:a:mongodb:c_driver:1.7.0:rc2:*:*:*:mongodb:*:* cpe:2.3:a:mongodb:c_driver:1.8.0:-:*:*:*:mongodb:*:* cpe:2.3:a:mongodb:c_driver:1.8.0:rc0:*:*:*:mongodb:*:* cpe:2.3:a:mongodb:c_driver:1.8.0:rc1:*:*:*:mongodb:*:* cpe:2.3:a:mongodb:c_driver:1.8.1:*:*:*:*:mongodb:*:* cpe:2.3:a:mongodb:c_driver:1.8.2:*:*:*:*:mongodb:*:* cpe:2.3:a:mongodb:c_driver:1.9.0:-:*:*:*:mongodb:*:* cpe:2.3:a:mongodb:c_driver:1.9.0:rc0:*:*:*:mongodb:*:* cpe:2.3:a:mongodb:c_driver:1.9.0:rc1:*:*:*:mongodb:*:* cpe:2.3:a:mongodb:c_driver:1.9.1:*:*:*:*:mongodb:*:* cpe:2.3:a:mongodb:c_driver:1.9.2:*:*:*:*:mongodb:*:* cpe:2.3:a:mongodb:c_driver:1.9.3:*:*:*:*:mongodb:*:* cpe:2.3:a:mongodb:c_driver:1.9.4:*:*:*:*:mongodb:*:* cpe:2.3:a:mongodb:c_driver:1.9.5:*:*:*:*:mongodb:*:* cpe:2.3:a:mongodb:c_driver:1.10.0:*:*:*:*:mongodb:*:* cpe:2.3:a:mongodb:c_driver:1.10.1:*:*:*:*:mongodb:*:* cpe:2.3:a:mongodb:c_driver:1.10.2:*:*:*:*:mongodb:*:* cpe:2.3:a:mongodb:c_driver:1.10.3:*:*:*:*:mongodb:*:* cpe:2.3:a:mongodb:c_driver:1.11.0:*:*:*:*:mongodb:*:* cpe:2.3:a:mongodb:c_driver:1.12.0:*:*:*:*:mongodb:*:* cpe:2.3:a:mongodb:c_driver:1.13.0:*:*:*:*:mongodb:*:* cpe:2.3:a:mongodb:c_driver:1.13.1:*:*:*:*:mongodb:*:* cpe:2.3:a:mongodb:c_driver:1.14.0:*:*:*:*:mongodb:*:* cpe:2.3:a:mongodb:c_driver:1.14.1:*:*:*:*:mongodb:*:* cpe:2.3:a:mongodb:c_driver:1.15.0:*:*:*:*:mongodb:*:* cpe:2.3:a:mongodb:c_driver:1.15.1:*:*:*:*:mongodb:*:* cpe:2.3:a:mongodb:c_driver:1.15.2:*:*:*:*:mongodb:*:* cpe:2.3:a:mongodb:c_driver:1.15.3:*:*:*:*:mongodb:*:* cpe:2.3:a:mongodb:c_driver:1.16.0:*:*:*:*:mongodb:*:* cpe:2.3:a:mongodb:c_driver:1.16.1:*:*:*:*:mongodb:*:* cpe:2.3:a:mongodb:c_driver:1.16.2:*:*:*:*:mongodb:*:* cpe:2.3:a:mongodb:c_driver:1.17.0:-:*:*:*:mongodb:*:* cpe:2.3:a:mongodb:c_driver:1.17.0:beta:*:*:*:mongodb:*:* cpe:2.3:a:mongodb:c_driver:1.17.0:beta2:*:*:*:mongodb:*:* cpe:2.3:a:mongodb:c_driver:1.17.0:rc0:*:*:*:mongodb:*:* cpe:2.3:a:mongodb:c_driver:1.17.1:*:*:*:*:mongodb:*:* cpe:2.3:a:mongodb:c_driver:1.17.2:*:*:*:*:mongodb:*:* cpe:2.3:a:mongodb:c_driver:1.17.3:*:*:*:*:mongodb:*:* cpe:2.3:a:mongodb:c_driver:1.17.4:*:*:*:*:mongodb:*:* cpe:2.3:a:mongodb:c_driver:1.17.5:*:*:*:*:mongodb:*:* cpe:2.3:a:mongodb:c_driver:1.17.6:*:*:*:*:mongodb:*:* cpe:2.3:a:mongodb:c_driver:1.17.7:*:*:*:*:mongodb:*:* cpe:2.3:a:mongodb:c_driver:1.18.0:alpha:*:*:*:mongodb:*:* cpe:2.3:a:mongodb:c_driver:1.18.0:alpha2:*:*:*:mongodb:*:* cpe:2.3:a:mongodb:c_driver:1.18.0:*:*:*:*:mongodb:*:* cpe:2.3:a:mongodb:c_driver:1.19.0:*:*:*:*:mongodb:*:* cpe:2.3:a:mongodb:c_driver:1.19.1:*:*:*:*:mongodb:*:* cpe:2.3:a:mongodb:c_driver:1.19.2:*:*:*:*:mongodb:*:* cpe:2.3:a:mongodb:c_driver:1.20.0:*:*:*:*:mongodb:*:* cpe:2.3:a:mongodb:c_driver:1.20.1:*:*:*:*:mongodb:*:* cpe:2.3:a:mongodb:c_driver:1.21.0:*:*:*:*:mongodb:*:* cpe:2.3:a:mongodb:c_driver:1.21.0:beta0:*:*:*:mongodb:*:* cpe:2.3:a:mongodb:c_driver:1.21.1:*:*:*:*:mongodb:*:* cpe:2.3:a:mongodb:c_driver:1.21.2:*:*:*:*:mongodb:*:* cpe:2.3:a:mongodb:c_driver:1.22.0:*:*:*:*:mongodb:*:* cpe:2.3:a:mongodb:c_driver:1.22.1:*:*:*:*:mongodb:*:* cpe:2.3:a:mongodb:c_driver:1.22.2:*:*:*:*:mongodb:*:* cpe:2.3:a:mongodb:c_driver:1.23.0:*:*:*:*:mongodb:*:* cpe:2.3:a:mongodb:c_driver:1.23.1:*:*:*:*:mongodb:*:* cpe:2.3:a:mongodb:c_driver:1.23.2:*:*:*:*:mongodb:*:* cpe:2.3:a:mongodb:c_driver:1.23.3:*:*:*:*:mongodb:*:* cpe:2.3:a:mongodb:c_driver:1.23.4:*:*:*:*:mongodb:*:* cpe:2.3:a:mongodb:c_driver:1.23.5:*:*:*:*:mongodb:*:* cpe:2.3:a:mongodb:c_driver:1.24.0:*:*:*:*:mongodb:*:* cpe:2.3:a:mongodb:c_driver:1.24.1:*:*:*:*:mongodb:*:* cpe:2.3:a:mongodb:c_driver:1.24.2:*:*:*:*:mongodb:*:* cpe:2.3:a:mongodb:c_driver:1.24.3:*:*:*:*:mongodb:*:* cpe:2.3:a:mongodb:c_driver:1.24.4:*:*:*:*:mongodb:*:* cpe:2.3:a:mongodb:c_driver:1.25.0:*:*:*:*:mongodb:*:* cpe:2.3:a:mongodb:c_driver:1.25.1:*:*:*:*:mongodb:*:* cpe:2.3:a:mongodb:c_driver:1.25.2:*:*:*:*:mongodb:*:* cpe:2.3:a:mongodb:c_driver:1.25.3:*:*:*:*:mongodb:*:* cpe:2.3:a:mongodb:c_driver:1.25.4:*:*:*:*:mongodb:*:* cpe:2.3:a:mongodb:c_driver:1.26.0:*:*:*:*:mongodb:*:* cpe:2.3:a:mongodb:c_driver:1.26.1:*:*:*:*:mongodb:*:* cpe:2.3:a:mongodb:php_driver:0.1.0:*:*:*:*:mongodb:*:* cpe:2.3:a:mongodb:php_driver:0.1.1:*:*:*:*:mongodb:*:* cpe:2.3:a:mongodb:php_driver:0.1.2:*:*:*:*:mongodb:*:* cpe:2.3:a:mongodb:php_driver:0.1.3:*:*:*:*:mongodb:*:* cpe:2.3:a:mongodb:php_driver:0.1.4:*:*:*:*:mongodb:*:* cpe:2.3:a:mongodb:php_driver:0.1.5:*:*:*:*:mongodb:*:* cpe:2.3:a:mongodb:php_driver:0.2.0:*:*:*:*:mongodb:*:* cpe:2.3:a:mongodb:php_driver:0.3.0:*:*:*:*:mongodb:*:* cpe:2.3:a:mongodb:php_driver:0.3.1:*:*:*:*:mongodb:*:* cpe:2.3:a:mongodb:php_driver:0.4.0:*:*:*:*:mongodb:*:* cpe:2.3:a:mongodb:php_driver:0.4.1:*:*:*:*:mongodb:*:* cpe:2.3:a:mongodb:php_driver:0.5.0:*:*:*:*:mongodb:*:* cpe:2.3:a:mongodb:php_driver:0.5.1:*:*:*:*:mongodb:*:* cpe:2.3:a:mongodb:php_driver:0.6.0:*:*:*:*:mongodb:*:* cpe:2.3:a:mongodb:php_driver:0.6.1:*:*:*:*:mongodb:*:* cpe:2.3:a:mongodb:php_driver:0.6.2:*:*:*:*:mongodb:*:* cpe:2.3:a:mongodb:php_driver:0.6.3:*:*:*:*:mongodb:*:* cpe:2.3:a:mongodb:php_driver:1.0.0:-:*:*:*:mongodb:*:* cpe:2.3:a:mongodb:php_driver:1.0.0:alpha1:*:*:*:mongodb:*:* cpe:2.3:a:mongodb:php_driver:1.0.0:alpha2:*:*:*:mongodb:*:* cpe:2.3:a:mongodb:php_driver:1.0.0:beta1:*:*:*:mongodb:*:* cpe:2.3:a:mongodb:php_driver:1.0.0:beta2:*:*:*:mongodb:*:* cpe:2.3:a:mongodb:php_driver:1.0.0:rc0:*:*:*:mongodb:*:* cpe:2.3:a:mongodb:php_driver:1.0.1:*:*:*:*:mongodb:*:* cpe:2.3:a:mongodb:php_driver:1.1.0:*:*:*:*:mongodb:*:* cpe:2.3:a:mongodb:php_driver:1.1.1:*:*:*:*:mongodb:*:* cpe:2.3:a:mongodb:php_driver:1.1.2:*:*:*:*:mongodb:*:* cpe:2.3:a:mongodb:php_driver:1.1.3:*:*:*:*:mongodb:*:* cpe:2.3:a:mongodb:php_driver:1.1.4:*:*:*:*:mongodb:*:* cpe:2.3:a:mongodb:php_driver:1.1.5:*:*:*:*:mongodb:*:* cpe:2.3:a:mongodb:php_driver:1.1.6:*:*:*:*:mongodb:*:* cpe:2.3:a:mongodb:php_driver:1.1.7:*:*:*:*:mongodb:*:* cpe:2.3:a:mongodb:php_driver:1.1.8:*:*:*:*:mongodb:*:* cpe:2.3:a:mongodb:php_driver:1.1.9:*:*:*:*:mongodb:*:* cpe:2.3:a:mongodb:php_driver:1.1.10:*:*:*:*:mongodb:*:* cpe:2.3:a:mongodb:php_driver:1.2.0:-:*:*:*:mongodb:*:* cpe:2.3:a:mongodb:php_driver:1.2.0:alpha1:*:*:*:mongodb:*:* cpe:2.3:a:mongodb:php_driver:1.2.0:alpha2:*:*:*:mongodb:*:* cpe:2.3:a:mongodb:php_driver:1.2.0:alpha3:*:*:*:mongodb:*:* cpe:2.3:a:mongodb:php_driver:1.2.1:*:*:*:*:mongodb:*:* cpe:2.3:a:mongodb:php_driver:1.2.2:*:*:*:*:mongodb:*:* cpe:2.3:a:mongodb:php_driver:1.2.3:*:*:*:*:mongodb:*:* cpe:2.3:a:mongodb:php_driver:1.2.4:*:*:*:*:mongodb:*:* cpe:2.3:a:mongodb:php_driver:1.2.5:*:*:*:*:mongodb:*:* cpe:2.3:a:mongodb:php_driver:1.2.6:*:*:*:*:mongodb:*:* cpe:2.3:a:mongodb:php_driver:1.2.7:*:*:*:*:mongodb:*:* cpe:2.3:a:mongodb:php_driver:1.2.8:*:*:*:*:mongodb:*:* cpe:2.3:a:mongodb:php_driver:1.2.9:*:*:*:*:mongodb:*:* cpe:2.3:a:mongodb:php_driver:1.2.10:*:*:*:*:mongodb:*:* cpe:2.3:a:mongodb:php_driver:1.2.11:*:*:*:*:mongodb:*:* cpe:2.3:a:mongodb:php_driver:1.3.0:-:*:*:*:mongodb:*:* cpe:2.3:a:mongodb:php_driver:1.3.0:beta1:*:*:*:mongodb:*:* cpe:2.3:a:mongodb:php_driver:1.3.0:beta2:*:*:*:mongodb:*:* cpe:2.3:a:mongodb:php_driver:1.3.0:rc1:*:*:*:mongodb:*:* cpe:2.3:a:mongodb:php_driver:1.3.1:*:*:*:*:mongodb:*:* cpe:2.3:a:mongodb:php_driver:1.3.2:*:*:*:*:mongodb:*:* cpe:2.3:a:mongodb:php_driver:1.3.3:*:*:*:*:mongodb:*:* cpe:2.3:a:mongodb:php_driver:1.3.4:*:*:*:*:mongodb:*:* cpe:2.3:a:mongodb:php_driver:1.4.0:-:*:*:*:mongodb:*:* cpe:2.3:a:mongodb:php_driver:1.4.0:beta1:*:*:*:mongodb:*:* cpe:2.3:a:mongodb:php_driver:1.4.0:rc1:*:*:*:mongodb:*:* cpe:2.3:a:mongodb:php_driver:1.4.0:rc2:*:*:*:mongodb:*:* cpe:2.3:a:mongodb:php_driver:1.4.1:*:*:*:*:mongodb:*:* cpe:2.3:a:mongodb:php_driver:1.4.2:*:*:*:*:mongodb:*:* cpe:2.3:a:mongodb:php_driver:1.4.3:*:*:*:*:mongodb:*:* cpe:2.3:a:mongodb:php_driver:1.4.4:*:*:*:*:mongodb:*:* cpe:2.3:a:mongodb:php_driver:1.5.0:*:*:*:*:mongodb:*:* cpe:2.3:a:mongodb:php_driver:1.5.1:*:*:*:*:mongodb:*:* cpe:2.3:a:mongodb:php_driver:1.5.2:*:*:*:*:mongodb:*:* cpe:2.3:a:mongodb:php_driver:1.5.3:*:*:*:*:mongodb:*:* cpe:2.3:a:mongodb:php_driver:1.5.4:*:*:*:*:mongodb:*:* cpe:2.3:a:mongodb:php_driver:1.5.5:*:*:*:*:mongodb:*:* cpe:2.3:a:mongodb:php_driver:1.6.0:-:*:*:*:mongodb:*:* cpe:2.3:a:mongodb:php_driver:1.6.0:alpha1:*:*:*:mongodb:*:* cpe:2.3:a:mongodb:php_driver:1.6.0:alpha2:*:*:*:mongodb:*:* cpe:2.3:a:mongodb:php_driver:1.6.0:alpha3:*:*:*:mongodb:*:* cpe:2.3:a:mongodb:php_driver:1.6.0:rc1:*:*:*:mongodb:*:* cpe:2.3:a:mongodb:php_driver:1.6.1:*:*:*:*:mongodb:*:* cpe:2.3:a:mongodb:php_driver:1.7.0:*:*:*:*:mongodb:*:* cpe:2.3:a:mongodb:php_driver:1.7.1:*:*:*:*:mongodb:*:* cpe:2.3:a:mongodb:php_driver:1.7.2:*:*:*:*:mongodb:*:* cpe:2.3:a:mongodb:php_driver:1.7.3:*:*:*:*:mongodb:*:* cpe:2.3:a:mongodb:php_driver:1.7.4:*:*:*:*:mongodb:*:* cpe:2.3:a:mongodb:php_driver:1.7.5:*:*:*:*:mongodb:*:* cpe:2.3:a:mongodb:php_driver:1.8.0:-:*:*:*:mongodb:*:* cpe:2.3:a:mongodb:php_driver:1.8.0:beta1:*:*:*:mongodb:*:* cpe:2.3:a:mongodb:php_driver:1.8.0:beta2:*:*:*:mongodb:*:* cpe:2.3:a:mongodb:php_driver:1.8.0:rc1:*:*:*:mongodb:*:* cpe:2.3:a:mongodb:php_driver:1.8.1:*:*:*:*:mongodb:*:* cpe:2.3:a:mongodb:php_driver:1.8.2:*:*:*:*:mongodb:*:* cpe:2.3:a:mongodb:php_driver:1.9.0:-:*:*:*:mongodb:*:* cpe:2.3:a:mongodb:php_driver:1.9.0:rc1:*:*:*:mongodb:*:* cpe:2.3:a:mongodb:php_driver:1.9.1:*:*:*:*:mongodb:*:* cpe:2.3:a:mongodb:php_driver:1.9.2:*:*:*:*:mongodb:*:* cpe:2.3:a:mongodb:php_driver:1.10.0:alpha1:*:*:*:mongodb:*:* cpe:2.3:a:mongodb:php_driver:1.10.0:*:*:*:*:mongodb:*:* cpe:2.3:a:mongodb:php_driver:1.11.0:alpha1:*:*:*:mongodb:*:* cpe:2.3:a:mongodb:php_driver:1.11.0:*:*:*:*:mongodb:*:* cpe:2.3:a:mongodb:php_driver:1.11.1:*:*:*:*:mongodb:*:* cpe:2.3:a:mongodb:php_driver:1.12.0:*:*:*:*:mongodb:*:* cpe:2.3:a:mongodb:php_driver:1.12.1:*:*:*:*:mongodb:*:* cpe:2.3:a:mongodb:php_driver:1.13.0:*:*:*:*:mongodb:*:* cpe:2.3:a:mongodb:php_driver:1.14.0:beta1:*:*:*:mongodb:*:* cpe:2.3:a:mongodb:php_driver:1.14.0:*:*:*:*:mongodb:*:* cpe:2.3:a:mongodb:php_driver:1.14.1:*:*:*:*:mongodb:*:* cpe:2.3:a:mongodb:php_driver:1.14.2:*:*:*:*:mongodb:*:* cpe:2.3:a:mongodb:php_driver:1.15.0:*:*:*:*:mongodb:*:* cpe:2.3:a:mongodb:php_driver:1.15.1:*:*:*:*:mongodb:*:* cpe:2.3:a:mongodb:php_driver:1.15.2:*:*:*:*:mongodb:*:* cpe:2.3:a:mongodb:php_driver:1.15.3:*:*:*:*:mongodb:*:* cpe:2.3:a:mongodb:php_driver:1.16.0:*:*:*:*:mongodb:*:* cpe:2.3:a:mongodb:php_driver:1.16.1:*:*:*:*:mongodb:*:* cpe:2.3:a:mongodb:php_driver:1.16.2:*:*:*:*:mongodb:*:* cpe:2.3:a:mongodb:php_driver:1.17.0:*:*:*:*:mongodb:*:* cpe:2.3:a:mongodb:php_driver:1.17.1:*:*:*:*:mongodb:*:* cpe:2.3:a:mongodb:php_driver:1.17.2:*:*:*:*:mongodb:*:* cpe:2.3:a:mongodb:php_driver:1.17.3:*:*:*:*:mongodb:*:* cpe:2.3:a:mongodb:php_driver:1.18.0:*:*:*:*:mongodb:*:* |
|
| MongoDB Inc | MongoDB C Driver |
Affected:
0 , < 1.26.2
(custom)
|
|
| MongoDB Inc | MongoDB PHP Driver |
Affected:
0 , < 1.18.1
(custom)
|
Date Public
2024-08-07 09:55
Credits
T. Doğa Gelişli
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-7553",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-08-07T15:27:26.847490Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-08-07T15:27:46.258Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"cpes": [
"cpe:2.3:a:mongodb:mongodb:5.0.0:*:*:*:*:*:*:*",
"cpe:2.3:a:mongodb:mongodb:5.0.1:*:*:*:*:*:*:*",
"cpe:2.3:a:mongodb:mongodb:5.0.2:*:*:*:*:*:*:*",
"cpe:2.3:a:mongodb:mongodb:5.0.3:*:*:*:*:*:*:*",
"cpe:2.3:a:mongodb:mongodb:5.0.4:*:*:*:*:*:*:*",
"cpe:2.3:a:mongodb:mongodb:5.0.5:*:*:*:*:*:*:*",
"cpe:2.3:a:mongodb:mongodb:5.0.6:*:*:*:*:*:*:*",
"cpe:2.3:a:mongodb:mongodb:5.0.7:*:*:*:*:*:*:*",
"cpe:2.3:a:mongodb:mongodb:5.0.8:*:*:*:*:*:*:*",
"cpe:2.3:a:mongodb:mongodb:5.0.9:*:*:*:*:*:*:*",
"cpe:2.3:a:mongodb:mongodb:5.0.10:*:*:*:*:*:*:*",
"cpe:2.3:a:mongodb:mongodb:5.0.11:*:*:*:*:*:*:*",
"cpe:2.3:a:mongodb:mongodb:5.0.12:*:*:*:*:*:*:*",
"cpe:2.3:a:mongodb:mongodb:5.0.13:*:*:*:*:*:*:*",
"cpe:2.3:a:mongodb:mongodb:5.0.14:*:*:*:*:*:*:*",
"cpe:2.3:a:mongodb:mongodb:5.0.15:*:*:*:*:*:*:*",
"cpe:2.3:a:mongodb:mongodb:5.0.16:*:*:*:*:*:*:*",
"cpe:2.3:a:mongodb:mongodb:5.0.17:*:*:*:*:*:*:*",
"cpe:2.3:a:mongodb:mongodb:5.0.18:*:*:*:*:*:*:*",
"cpe:2.3:a:mongodb:mongodb:5.0.19:*:*:*:*:*:*:*",
"cpe:2.3:a:mongodb:mongodb:5.0.20:*:*:*:*:*:*:*",
"cpe:2.3:a:mongodb:mongodb:5.0.21:*:*:*:*:*:*:*",
"cpe:2.3:a:mongodb:mongodb:5.0.22:*:*:*:*:*:*:*",
"cpe:2.3:a:mongodb:mongodb:5.0.23:*:*:*:*:*:*:*",
"cpe:2.3:a:mongodb:mongodb:5.0.24:*:*:*:*:*:*:*",
"cpe:2.3:a:mongodb:mongodb:5.0.25:*:*:*:*:*:*:*",
"cpe:2.3:a:mongodb:mongodb:5.0.26:*:*:*:*:*:*:*",
"cpe:2.3:a:mongodb:mongodb:6.0.0:*:*:*:*:*:*:*",
"cpe:2.3:a:mongodb:mongodb:6.0.1:*:*:*:*:*:*:*",
"cpe:2.3:a:mongodb:mongodb:6.0.2:*:*:*:*:*:*:*",
"cpe:2.3:a:mongodb:mongodb:6.0.3:*:*:*:*:*:*:*",
"cpe:2.3:a:mongodb:mongodb:6.0.4:*:*:*:*:*:*:*",
"cpe:2.3:a:mongodb:mongodb:6.0.5:*:*:*:*:*:*:*",
"cpe:2.3:a:mongodb:mongodb:6.0.6:*:*:*:*:*:*:*",
"cpe:2.3:a:mongodb:mongodb:6.0.7:*:*:*:*:*:*:*",
"cpe:2.3:a:mongodb:mongodb:6.0.8:*:*:*:*:*:*:*",
"cpe:2.3:a:mongodb:mongodb:6.0.9:*:*:*:*:*:*:*",
"cpe:2.3:a:mongodb:mongodb:6.0.10:*:*:*:*:*:*:*",
"cpe:2.3:a:mongodb:mongodb:6.0.11:*:*:*:*:*:*:*",
"cpe:2.3:a:mongodb:mongodb:6.0.12:*:*:*:*:*:*:*",
"cpe:2.3:a:mongodb:mongodb:6.0.13:*:*:*:*:*:*:*",
"cpe:2.3:a:mongodb:mongodb:6.0.14:*:*:*:*:*:*:*",
"cpe:2.3:a:mongodb:mongodb:6.0.15:*:*:*:*:*:*:*",
"cpe:2.3:a:mongodb:mongodb:7.0.0:*:*:*:*:*:*:*",
"cpe:2.3:a:mongodb:mongodb:7.0.1:*:*:*:*:*:*:*",
"cpe:2.3:a:mongodb:mongodb:7.0.2:*:*:*:*:*:*:*",
"cpe:2.3:a:mongodb:mongodb:7.0.3:*:*:*:*:*:*:*",
"cpe:2.3:a:mongodb:mongodb:7.0.4:*:*:*:*:*:*:*",
"cpe:2.3:a:mongodb:mongodb:7.0.5:*:*:*:*:*:*:*",
"cpe:2.3:a:mongodb:mongodb:7.0.6:*:*:*:*:*:*:*",
"cpe:2.3:a:mongodb:mongodb:7.0.7:*:*:*:*:*:*:*",
"cpe:2.3:a:mongodb:mongodb:7.0.8:*:*:*:*:*:*:*",
"cpe:2.3:a:mongodb:mongodb:7.0.9:*:*:*:*:*:*:*",
"cpe:2.3:a:mongodb:mongodb:7.0.10:*:*:*:*:*:*:*",
"cpe:2.3:a:mongodb:mongodb:7.0.11:*:*:*:*:*:*:*",
"cpe:2.3:a:mongodb:mongodb:7.3.0:*:*:*:*:*:*:*",
"cpe:2.3:a:mongodb:mongodb:7.3.1:*:*:*:*:*:*:*",
"cpe:2.3:a:mongodb:mongodb:7.3.2:*:*:*:*:*:*:*",
"cpe:2.3:a:mongodb:c_driver:0.1:*:*:*:*:mongodb:*:*",
"cpe:2.3:a:mongodb:c_driver:0.2:*:*:*:*:mongodb:*:*",
"cpe:2.3:a:mongodb:c_driver:0.3:*:*:*:*:mongodb:*:*",
"cpe:2.3:a:mongodb:c_driver:0.3.1:*:*:*:*:mongodb:*:*",
"cpe:2.3:a:mongodb:c_driver:0.4:*:*:*:*:mongodb:*:*",
"cpe:2.3:a:mongodb:c_driver:0.5:*:*:*:*:mongodb:*:*",
"cpe:2.3:a:mongodb:c_driver:0.5.1:*:*:*:*:mongodb:*:*",
"cpe:2.3:a:mongodb:c_driver:0.5.2:*:*:*:*:mongodb:*:*",
"cpe:2.3:a:mongodb:c_driver:0.6:*:*:*:*:mongodb:*:*",
"cpe:2.3:a:mongodb:c_driver:0.7:*:*:*:*:mongodb:*:*",
"cpe:2.3:a:mongodb:c_driver:0.7.1:*:*:*:*:mongodb:*:*",
"cpe:2.3:a:mongodb:c_driver:0.8:*:*:*:*:mongodb:*:*",
"cpe:2.3:a:mongodb:c_driver:0.8.1:*:*:*:*:mongodb:*:*",
"cpe:2.3:a:mongodb:c_driver:0.90.0:*:*:*:*:mongodb:*:*",
"cpe:2.3:a:mongodb:c_driver:0.92.0:*:*:*:*:mongodb:*:*",
"cpe:2.3:a:mongodb:c_driver:0.92.2:*:*:*:*:mongodb:*:*",
"cpe:2.3:a:mongodb:c_driver:0.94.0:*:*:*:*:mongodb:*:*",
"cpe:2.3:a:mongodb:c_driver:0.94.2:*:*:*:*:mongodb:*:*",
"cpe:2.3:a:mongodb:c_driver:0.96.0:*:*:*:*:mongodb:*:*",
"cpe:2.3:a:mongodb:c_driver:0.96.2:*:*:*:*:mongodb:*:*",
"cpe:2.3:a:mongodb:c_driver:0.96.4:*:*:*:*:mongodb:*:*",
"cpe:2.3:a:mongodb:c_driver:0.98.0:*:*:*:*:mongodb:*:*",
"cpe:2.3:a:mongodb:c_driver:0.98.2:*:*:*:*:mongodb:*:*",
"cpe:2.3:a:mongodb:c_driver:1.0.0:*:*:*:*:mongodb:*:*",
"cpe:2.3:a:mongodb:c_driver:1.0.2:*:*:*:*:mongodb:*:*",
"cpe:2.3:a:mongodb:c_driver:1.1.0:-:*:*:*:mongodb:*:*",
"cpe:2.3:a:mongodb:c_driver:1.1.0:rc0:*:*:*:mongodb:*:*",
"cpe:2.3:a:mongodb:c_driver:1.1.2:*:*:*:*:mongodb:*:*",
"cpe:2.3:a:mongodb:c_driver:1.1.4:*:*:*:*:mongodb:*:*",
"cpe:2.3:a:mongodb:c_driver:1.1.5:*:*:*:*:mongodb:*:*",
"cpe:2.3:a:mongodb:c_driver:1.1.6:*:*:*:*:mongodb:*:*",
"cpe:2.3:a:mongodb:c_driver:1.1.7:*:*:*:*:mongodb:*:*",
"cpe:2.3:a:mongodb:c_driver:1.1.8:*:*:*:*:mongodb:*:*",
"cpe:2.3:a:mongodb:c_driver:1.1.9:*:*:*:*:mongodb:*:*",
"cpe:2.3:a:mongodb:c_driver:1.1.10:*:*:*:*:mongodb:*:*",
"cpe:2.3:a:mongodb:c_driver:1.1.11:*:*:*:*:mongodb:*:*",
"cpe:2.3:a:mongodb:c_driver:1.2.0:-:*:*:*:mongodb:*:*",
"cpe:2.3:a:mongodb:c_driver:1.2.0:beta:*:*:*:mongodb:*:*",
"cpe:2.3:a:mongodb:c_driver:1.2.0:beta1:*:*:*:mongodb:*:*",
"cpe:2.3:a:mongodb:c_driver:1.2.0:rc0:*:*:*:mongodb:*:*",
"cpe:2.3:a:mongodb:c_driver:1.2.1:*:*:*:*:mongodb:*:*",
"cpe:2.3:a:mongodb:c_driver:1.2.2:*:*:*:*:mongodb:*:*",
"cpe:2.3:a:mongodb:c_driver:1.2.3:*:*:*:*:mongodb:*:*",
"cpe:2.3:a:mongodb:c_driver:1.2.4:*:*:*:*:mongodb:*:*",
"cpe:2.3:a:mongodb:c_driver:1.3.0:-:*:*:*:mongodb:*:*",
"cpe:2.3:a:mongodb:c_driver:1.3.0:beta0:*:*:*:mongodb:*:*",
"cpe:2.3:a:mongodb:c_driver:1.3.0:rc0:*:*:*:mongodb:*:*",
"cpe:2.3:a:mongodb:c_driver:1.3.1:*:*:*:*:mongodb:*:*",
"cpe:2.3:a:mongodb:c_driver:1.3.2:*:*:*:*:mongodb:*:*",
"cpe:2.3:a:mongodb:c_driver:1.3.3:*:*:*:*:mongodb:*:*",
"cpe:2.3:a:mongodb:c_driver:1.3.4:*:*:*:*:mongodb:*:*",
"cpe:2.3:a:mongodb:c_driver:1.3.5:*:*:*:*:mongodb:*:*",
"cpe:2.3:a:mongodb:c_driver:1.3.6:*:*:*:*:mongodb:*:*",
"cpe:2.3:a:mongodb:c_driver:1.4.0:-:*:*:*:mongodb:*:*",
"cpe:2.3:a:mongodb:c_driver:1.4.0:beta0:*:*:*:mongodb:*:*",
"cpe:2.3:a:mongodb:c_driver:1.4.0:beta1:*:*:*:mongodb:*:*",
"cpe:2.3:a:mongodb:c_driver:1.4.1:*:*:*:*:mongodb:*:*",
"cpe:2.3:a:mongodb:c_driver:1.4.2:*:*:*:*:mongodb:*:*",
"cpe:2.3:a:mongodb:c_driver:1.4.3:*:*:*:*:mongodb:*:*",
"cpe:2.3:a:mongodb:c_driver:1.5.0:-:*:*:*:mongodb:*:*",
"cpe:2.3:a:mongodb:c_driver:1.5.0:rc0:*:*:*:mongodb:*:*",
"cpe:2.3:a:mongodb:c_driver:1.5.0:rc1:*:*:*:mongodb:*:*",
"cpe:2.3:a:mongodb:c_driver:1.5.0:rc2:*:*:*:mongodb:*:*",
"cpe:2.3:a:mongodb:c_driver:1.5.0:rc3:*:*:*:mongodb:*:*",
"cpe:2.3:a:mongodb:c_driver:1.5.0:rc4:*:*:*:mongodb:*:*",
"cpe:2.3:a:mongodb:c_driver:1.5.0:rc6:*:*:*:mongodb:*:*",
"cpe:2.3:a:mongodb:c_driver:1.5.1:*:*:*:*:mongodb:*:*",
"cpe:2.3:a:mongodb:c_driver:1.5.2:*:*:*:*:mongodb:*:*",
"cpe:2.3:a:mongodb:c_driver:1.5.3:*:*:*:*:mongodb:*:*",
"cpe:2.3:a:mongodb:c_driver:1.5.4:*:*:*:*:mongodb:*:*",
"cpe:2.3:a:mongodb:c_driver:1.5.5:*:*:*:*:mongodb:*:*",
"cpe:2.3:a:mongodb:c_driver:1.6.0:-:*:*:*:mongodb:*:*",
"cpe:2.3:a:mongodb:c_driver:1.6.0:rc0:*:*:*:mongodb:*:*",
"cpe:2.3:a:mongodb:c_driver:1.6.1:*:*:*:*:mongodb:*:*",
"cpe:2.3:a:mongodb:c_driver:1.6.2:*:*:*:*:mongodb:*:*",
"cpe:2.3:a:mongodb:c_driver:1.6.3:*:*:*:*:mongodb:*:*",
"cpe:2.3:a:mongodb:c_driver:1.7.0:-:*:*:*:mongodb:*:*",
"cpe:2.3:a:mongodb:c_driver:1.7.0:rc0:*:*:*:mongodb:*:*",
"cpe:2.3:a:mongodb:c_driver:1.7.0:rc1:*:*:*:mongodb:*:*",
"cpe:2.3:a:mongodb:c_driver:1.7.0:rc2:*:*:*:mongodb:*:*",
"cpe:2.3:a:mongodb:c_driver:1.8.0:-:*:*:*:mongodb:*:*",
"cpe:2.3:a:mongodb:c_driver:1.8.0:rc0:*:*:*:mongodb:*:*",
"cpe:2.3:a:mongodb:c_driver:1.8.0:rc1:*:*:*:mongodb:*:*",
"cpe:2.3:a:mongodb:c_driver:1.8.1:*:*:*:*:mongodb:*:*",
"cpe:2.3:a:mongodb:c_driver:1.8.2:*:*:*:*:mongodb:*:*",
"cpe:2.3:a:mongodb:c_driver:1.9.0:-:*:*:*:mongodb:*:*",
"cpe:2.3:a:mongodb:c_driver:1.9.0:rc0:*:*:*:mongodb:*:*",
"cpe:2.3:a:mongodb:c_driver:1.9.0:rc1:*:*:*:mongodb:*:*",
"cpe:2.3:a:mongodb:c_driver:1.9.1:*:*:*:*:mongodb:*:*",
"cpe:2.3:a:mongodb:c_driver:1.9.2:*:*:*:*:mongodb:*:*",
"cpe:2.3:a:mongodb:c_driver:1.9.3:*:*:*:*:mongodb:*:*",
"cpe:2.3:a:mongodb:c_driver:1.9.4:*:*:*:*:mongodb:*:*",
"cpe:2.3:a:mongodb:c_driver:1.9.5:*:*:*:*:mongodb:*:*",
"cpe:2.3:a:mongodb:c_driver:1.10.0:*:*:*:*:mongodb:*:*",
"cpe:2.3:a:mongodb:c_driver:1.10.1:*:*:*:*:mongodb:*:*",
"cpe:2.3:a:mongodb:c_driver:1.10.2:*:*:*:*:mongodb:*:*",
"cpe:2.3:a:mongodb:c_driver:1.10.3:*:*:*:*:mongodb:*:*",
"cpe:2.3:a:mongodb:c_driver:1.11.0:*:*:*:*:mongodb:*:*",
"cpe:2.3:a:mongodb:c_driver:1.12.0:*:*:*:*:mongodb:*:*",
"cpe:2.3:a:mongodb:c_driver:1.13.0:*:*:*:*:mongodb:*:*",
"cpe:2.3:a:mongodb:c_driver:1.13.1:*:*:*:*:mongodb:*:*",
"cpe:2.3:a:mongodb:c_driver:1.14.0:*:*:*:*:mongodb:*:*",
"cpe:2.3:a:mongodb:c_driver:1.14.1:*:*:*:*:mongodb:*:*",
"cpe:2.3:a:mongodb:c_driver:1.15.0:*:*:*:*:mongodb:*:*",
"cpe:2.3:a:mongodb:c_driver:1.15.1:*:*:*:*:mongodb:*:*",
"cpe:2.3:a:mongodb:c_driver:1.15.2:*:*:*:*:mongodb:*:*",
"cpe:2.3:a:mongodb:c_driver:1.15.3:*:*:*:*:mongodb:*:*",
"cpe:2.3:a:mongodb:c_driver:1.16.0:*:*:*:*:mongodb:*:*",
"cpe:2.3:a:mongodb:c_driver:1.16.1:*:*:*:*:mongodb:*:*",
"cpe:2.3:a:mongodb:c_driver:1.16.2:*:*:*:*:mongodb:*:*",
"cpe:2.3:a:mongodb:c_driver:1.17.0:-:*:*:*:mongodb:*:*",
"cpe:2.3:a:mongodb:c_driver:1.17.0:beta:*:*:*:mongodb:*:*",
"cpe:2.3:a:mongodb:c_driver:1.17.0:beta2:*:*:*:mongodb:*:*",
"cpe:2.3:a:mongodb:c_driver:1.17.0:rc0:*:*:*:mongodb:*:*",
"cpe:2.3:a:mongodb:c_driver:1.17.1:*:*:*:*:mongodb:*:*",
"cpe:2.3:a:mongodb:c_driver:1.17.2:*:*:*:*:mongodb:*:*",
"cpe:2.3:a:mongodb:c_driver:1.17.3:*:*:*:*:mongodb:*:*",
"cpe:2.3:a:mongodb:c_driver:1.17.4:*:*:*:*:mongodb:*:*",
"cpe:2.3:a:mongodb:c_driver:1.17.5:*:*:*:*:mongodb:*:*",
"cpe:2.3:a:mongodb:c_driver:1.17.6:*:*:*:*:mongodb:*:*",
"cpe:2.3:a:mongodb:c_driver:1.17.7:*:*:*:*:mongodb:*:*",
"cpe:2.3:a:mongodb:c_driver:1.18.0:alpha:*:*:*:mongodb:*:*",
"cpe:2.3:a:mongodb:c_driver:1.18.0:alpha2:*:*:*:mongodb:*:*",
"cpe:2.3:a:mongodb:c_driver:1.18.0:*:*:*:*:mongodb:*:*",
"cpe:2.3:a:mongodb:c_driver:1.19.0:*:*:*:*:mongodb:*:*",
"cpe:2.3:a:mongodb:c_driver:1.19.1:*:*:*:*:mongodb:*:*",
"cpe:2.3:a:mongodb:c_driver:1.19.2:*:*:*:*:mongodb:*:*",
"cpe:2.3:a:mongodb:c_driver:1.20.0:*:*:*:*:mongodb:*:*",
"cpe:2.3:a:mongodb:c_driver:1.20.1:*:*:*:*:mongodb:*:*",
"cpe:2.3:a:mongodb:c_driver:1.21.0:*:*:*:*:mongodb:*:*",
"cpe:2.3:a:mongodb:c_driver:1.21.0:beta0:*:*:*:mongodb:*:*",
"cpe:2.3:a:mongodb:c_driver:1.21.1:*:*:*:*:mongodb:*:*",
"cpe:2.3:a:mongodb:c_driver:1.21.2:*:*:*:*:mongodb:*:*",
"cpe:2.3:a:mongodb:c_driver:1.22.0:*:*:*:*:mongodb:*:*",
"cpe:2.3:a:mongodb:c_driver:1.22.1:*:*:*:*:mongodb:*:*",
"cpe:2.3:a:mongodb:c_driver:1.22.2:*:*:*:*:mongodb:*:*",
"cpe:2.3:a:mongodb:c_driver:1.23.0:*:*:*:*:mongodb:*:*",
"cpe:2.3:a:mongodb:c_driver:1.23.1:*:*:*:*:mongodb:*:*",
"cpe:2.3:a:mongodb:c_driver:1.23.2:*:*:*:*:mongodb:*:*",
"cpe:2.3:a:mongodb:c_driver:1.23.3:*:*:*:*:mongodb:*:*",
"cpe:2.3:a:mongodb:c_driver:1.23.4:*:*:*:*:mongodb:*:*",
"cpe:2.3:a:mongodb:c_driver:1.23.5:*:*:*:*:mongodb:*:*",
"cpe:2.3:a:mongodb:c_driver:1.24.0:*:*:*:*:mongodb:*:*",
"cpe:2.3:a:mongodb:c_driver:1.24.1:*:*:*:*:mongodb:*:*",
"cpe:2.3:a:mongodb:c_driver:1.24.2:*:*:*:*:mongodb:*:*",
"cpe:2.3:a:mongodb:c_driver:1.24.3:*:*:*:*:mongodb:*:*",
"cpe:2.3:a:mongodb:c_driver:1.24.4:*:*:*:*:mongodb:*:*",
"cpe:2.3:a:mongodb:c_driver:1.25.0:*:*:*:*:mongodb:*:*",
"cpe:2.3:a:mongodb:c_driver:1.25.1:*:*:*:*:mongodb:*:*",
"cpe:2.3:a:mongodb:c_driver:1.25.2:*:*:*:*:mongodb:*:*",
"cpe:2.3:a:mongodb:c_driver:1.25.3:*:*:*:*:mongodb:*:*",
"cpe:2.3:a:mongodb:c_driver:1.25.4:*:*:*:*:mongodb:*:*",
"cpe:2.3:a:mongodb:c_driver:1.26.0:*:*:*:*:mongodb:*:*",
"cpe:2.3:a:mongodb:c_driver:1.26.1:*:*:*:*:mongodb:*:*",
"cpe:2.3:a:mongodb:php_driver:0.1.0:*:*:*:*:mongodb:*:*",
"cpe:2.3:a:mongodb:php_driver:0.1.1:*:*:*:*:mongodb:*:*",
"cpe:2.3:a:mongodb:php_driver:0.1.2:*:*:*:*:mongodb:*:*",
"cpe:2.3:a:mongodb:php_driver:0.1.3:*:*:*:*:mongodb:*:*",
"cpe:2.3:a:mongodb:php_driver:0.1.4:*:*:*:*:mongodb:*:*",
"cpe:2.3:a:mongodb:php_driver:0.1.5:*:*:*:*:mongodb:*:*",
"cpe:2.3:a:mongodb:php_driver:0.2.0:*:*:*:*:mongodb:*:*",
"cpe:2.3:a:mongodb:php_driver:0.3.0:*:*:*:*:mongodb:*:*",
"cpe:2.3:a:mongodb:php_driver:0.3.1:*:*:*:*:mongodb:*:*",
"cpe:2.3:a:mongodb:php_driver:0.4.0:*:*:*:*:mongodb:*:*",
"cpe:2.3:a:mongodb:php_driver:0.4.1:*:*:*:*:mongodb:*:*",
"cpe:2.3:a:mongodb:php_driver:0.5.0:*:*:*:*:mongodb:*:*",
"cpe:2.3:a:mongodb:php_driver:0.5.1:*:*:*:*:mongodb:*:*",
"cpe:2.3:a:mongodb:php_driver:0.6.0:*:*:*:*:mongodb:*:*",
"cpe:2.3:a:mongodb:php_driver:0.6.1:*:*:*:*:mongodb:*:*",
"cpe:2.3:a:mongodb:php_driver:0.6.2:*:*:*:*:mongodb:*:*",
"cpe:2.3:a:mongodb:php_driver:0.6.3:*:*:*:*:mongodb:*:*",
"cpe:2.3:a:mongodb:php_driver:1.0.0:-:*:*:*:mongodb:*:*",
"cpe:2.3:a:mongodb:php_driver:1.0.0:alpha1:*:*:*:mongodb:*:*",
"cpe:2.3:a:mongodb:php_driver:1.0.0:alpha2:*:*:*:mongodb:*:*",
"cpe:2.3:a:mongodb:php_driver:1.0.0:beta1:*:*:*:mongodb:*:*",
"cpe:2.3:a:mongodb:php_driver:1.0.0:beta2:*:*:*:mongodb:*:*",
"cpe:2.3:a:mongodb:php_driver:1.0.0:rc0:*:*:*:mongodb:*:*",
"cpe:2.3:a:mongodb:php_driver:1.0.1:*:*:*:*:mongodb:*:*",
"cpe:2.3:a:mongodb:php_driver:1.1.0:*:*:*:*:mongodb:*:*",
"cpe:2.3:a:mongodb:php_driver:1.1.1:*:*:*:*:mongodb:*:*",
"cpe:2.3:a:mongodb:php_driver:1.1.2:*:*:*:*:mongodb:*:*",
"cpe:2.3:a:mongodb:php_driver:1.1.3:*:*:*:*:mongodb:*:*",
"cpe:2.3:a:mongodb:php_driver:1.1.4:*:*:*:*:mongodb:*:*",
"cpe:2.3:a:mongodb:php_driver:1.1.5:*:*:*:*:mongodb:*:*",
"cpe:2.3:a:mongodb:php_driver:1.1.6:*:*:*:*:mongodb:*:*",
"cpe:2.3:a:mongodb:php_driver:1.1.7:*:*:*:*:mongodb:*:*",
"cpe:2.3:a:mongodb:php_driver:1.1.8:*:*:*:*:mongodb:*:*",
"cpe:2.3:a:mongodb:php_driver:1.1.9:*:*:*:*:mongodb:*:*",
"cpe:2.3:a:mongodb:php_driver:1.1.10:*:*:*:*:mongodb:*:*",
"cpe:2.3:a:mongodb:php_driver:1.2.0:-:*:*:*:mongodb:*:*",
"cpe:2.3:a:mongodb:php_driver:1.2.0:alpha1:*:*:*:mongodb:*:*",
"cpe:2.3:a:mongodb:php_driver:1.2.0:alpha2:*:*:*:mongodb:*:*",
"cpe:2.3:a:mongodb:php_driver:1.2.0:alpha3:*:*:*:mongodb:*:*",
"cpe:2.3:a:mongodb:php_driver:1.2.1:*:*:*:*:mongodb:*:*",
"cpe:2.3:a:mongodb:php_driver:1.2.2:*:*:*:*:mongodb:*:*",
"cpe:2.3:a:mongodb:php_driver:1.2.3:*:*:*:*:mongodb:*:*",
"cpe:2.3:a:mongodb:php_driver:1.2.4:*:*:*:*:mongodb:*:*",
"cpe:2.3:a:mongodb:php_driver:1.2.5:*:*:*:*:mongodb:*:*",
"cpe:2.3:a:mongodb:php_driver:1.2.6:*:*:*:*:mongodb:*:*",
"cpe:2.3:a:mongodb:php_driver:1.2.7:*:*:*:*:mongodb:*:*",
"cpe:2.3:a:mongodb:php_driver:1.2.8:*:*:*:*:mongodb:*:*",
"cpe:2.3:a:mongodb:php_driver:1.2.9:*:*:*:*:mongodb:*:*",
"cpe:2.3:a:mongodb:php_driver:1.2.10:*:*:*:*:mongodb:*:*",
"cpe:2.3:a:mongodb:php_driver:1.2.11:*:*:*:*:mongodb:*:*",
"cpe:2.3:a:mongodb:php_driver:1.3.0:-:*:*:*:mongodb:*:*",
"cpe:2.3:a:mongodb:php_driver:1.3.0:beta1:*:*:*:mongodb:*:*",
"cpe:2.3:a:mongodb:php_driver:1.3.0:beta2:*:*:*:mongodb:*:*",
"cpe:2.3:a:mongodb:php_driver:1.3.0:rc1:*:*:*:mongodb:*:*",
"cpe:2.3:a:mongodb:php_driver:1.3.1:*:*:*:*:mongodb:*:*",
"cpe:2.3:a:mongodb:php_driver:1.3.2:*:*:*:*:mongodb:*:*",
"cpe:2.3:a:mongodb:php_driver:1.3.3:*:*:*:*:mongodb:*:*",
"cpe:2.3:a:mongodb:php_driver:1.3.4:*:*:*:*:mongodb:*:*",
"cpe:2.3:a:mongodb:php_driver:1.4.0:-:*:*:*:mongodb:*:*",
"cpe:2.3:a:mongodb:php_driver:1.4.0:beta1:*:*:*:mongodb:*:*",
"cpe:2.3:a:mongodb:php_driver:1.4.0:rc1:*:*:*:mongodb:*:*",
"cpe:2.3:a:mongodb:php_driver:1.4.0:rc2:*:*:*:mongodb:*:*",
"cpe:2.3:a:mongodb:php_driver:1.4.1:*:*:*:*:mongodb:*:*",
"cpe:2.3:a:mongodb:php_driver:1.4.2:*:*:*:*:mongodb:*:*",
"cpe:2.3:a:mongodb:php_driver:1.4.3:*:*:*:*:mongodb:*:*",
"cpe:2.3:a:mongodb:php_driver:1.4.4:*:*:*:*:mongodb:*:*",
"cpe:2.3:a:mongodb:php_driver:1.5.0:*:*:*:*:mongodb:*:*",
"cpe:2.3:a:mongodb:php_driver:1.5.1:*:*:*:*:mongodb:*:*",
"cpe:2.3:a:mongodb:php_driver:1.5.2:*:*:*:*:mongodb:*:*",
"cpe:2.3:a:mongodb:php_driver:1.5.3:*:*:*:*:mongodb:*:*",
"cpe:2.3:a:mongodb:php_driver:1.5.4:*:*:*:*:mongodb:*:*",
"cpe:2.3:a:mongodb:php_driver:1.5.5:*:*:*:*:mongodb:*:*",
"cpe:2.3:a:mongodb:php_driver:1.6.0:-:*:*:*:mongodb:*:*",
"cpe:2.3:a:mongodb:php_driver:1.6.0:alpha1:*:*:*:mongodb:*:*",
"cpe:2.3:a:mongodb:php_driver:1.6.0:alpha2:*:*:*:mongodb:*:*",
"cpe:2.3:a:mongodb:php_driver:1.6.0:alpha3:*:*:*:mongodb:*:*",
"cpe:2.3:a:mongodb:php_driver:1.6.0:rc1:*:*:*:mongodb:*:*",
"cpe:2.3:a:mongodb:php_driver:1.6.1:*:*:*:*:mongodb:*:*",
"cpe:2.3:a:mongodb:php_driver:1.7.0:*:*:*:*:mongodb:*:*",
"cpe:2.3:a:mongodb:php_driver:1.7.1:*:*:*:*:mongodb:*:*",
"cpe:2.3:a:mongodb:php_driver:1.7.2:*:*:*:*:mongodb:*:*",
"cpe:2.3:a:mongodb:php_driver:1.7.3:*:*:*:*:mongodb:*:*",
"cpe:2.3:a:mongodb:php_driver:1.7.4:*:*:*:*:mongodb:*:*",
"cpe:2.3:a:mongodb:php_driver:1.7.5:*:*:*:*:mongodb:*:*",
"cpe:2.3:a:mongodb:php_driver:1.8.0:-:*:*:*:mongodb:*:*",
"cpe:2.3:a:mongodb:php_driver:1.8.0:beta1:*:*:*:mongodb:*:*",
"cpe:2.3:a:mongodb:php_driver:1.8.0:beta2:*:*:*:mongodb:*:*",
"cpe:2.3:a:mongodb:php_driver:1.8.0:rc1:*:*:*:mongodb:*:*",
"cpe:2.3:a:mongodb:php_driver:1.8.1:*:*:*:*:mongodb:*:*",
"cpe:2.3:a:mongodb:php_driver:1.8.2:*:*:*:*:mongodb:*:*",
"cpe:2.3:a:mongodb:php_driver:1.9.0:-:*:*:*:mongodb:*:*",
"cpe:2.3:a:mongodb:php_driver:1.9.0:rc1:*:*:*:mongodb:*:*",
"cpe:2.3:a:mongodb:php_driver:1.9.1:*:*:*:*:mongodb:*:*",
"cpe:2.3:a:mongodb:php_driver:1.9.2:*:*:*:*:mongodb:*:*",
"cpe:2.3:a:mongodb:php_driver:1.10.0:alpha1:*:*:*:mongodb:*:*",
"cpe:2.3:a:mongodb:php_driver:1.10.0:*:*:*:*:mongodb:*:*",
"cpe:2.3:a:mongodb:php_driver:1.11.0:alpha1:*:*:*:mongodb:*:*",
"cpe:2.3:a:mongodb:php_driver:1.11.0:*:*:*:*:mongodb:*:*",
"cpe:2.3:a:mongodb:php_driver:1.11.1:*:*:*:*:mongodb:*:*",
"cpe:2.3:a:mongodb:php_driver:1.12.0:*:*:*:*:mongodb:*:*",
"cpe:2.3:a:mongodb:php_driver:1.12.1:*:*:*:*:mongodb:*:*",
"cpe:2.3:a:mongodb:php_driver:1.13.0:*:*:*:*:mongodb:*:*",
"cpe:2.3:a:mongodb:php_driver:1.14.0:beta1:*:*:*:mongodb:*:*",
"cpe:2.3:a:mongodb:php_driver:1.14.0:*:*:*:*:mongodb:*:*",
"cpe:2.3:a:mongodb:php_driver:1.14.1:*:*:*:*:mongodb:*:*",
"cpe:2.3:a:mongodb:php_driver:1.14.2:*:*:*:*:mongodb:*:*",
"cpe:2.3:a:mongodb:php_driver:1.15.0:*:*:*:*:mongodb:*:*",
"cpe:2.3:a:mongodb:php_driver:1.15.1:*:*:*:*:mongodb:*:*",
"cpe:2.3:a:mongodb:php_driver:1.15.2:*:*:*:*:mongodb:*:*",
"cpe:2.3:a:mongodb:php_driver:1.15.3:*:*:*:*:mongodb:*:*",
"cpe:2.3:a:mongodb:php_driver:1.16.0:*:*:*:*:mongodb:*:*",
"cpe:2.3:a:mongodb:php_driver:1.16.1:*:*:*:*:mongodb:*:*",
"cpe:2.3:a:mongodb:php_driver:1.16.2:*:*:*:*:mongodb:*:*",
"cpe:2.3:a:mongodb:php_driver:1.17.0:*:*:*:*:mongodb:*:*",
"cpe:2.3:a:mongodb:php_driver:1.17.1:*:*:*:*:mongodb:*:*",
"cpe:2.3:a:mongodb:php_driver:1.17.2:*:*:*:*:mongodb:*:*",
"cpe:2.3:a:mongodb:php_driver:1.17.3:*:*:*:*:mongodb:*:*",
"cpe:2.3:a:mongodb:php_driver:1.18.0:*:*:*:*:mongodb:*:*"
],
"defaultStatus": "unaffected",
"product": "MongoDB Server",
"vendor": "MongoDB Inc",
"versions": [
{
"lessThan": "5.0.27",
"status": "affected",
"version": "5.0",
"versionType": "custom"
},
{
"lessThan": "6.0.16",
"status": "affected",
"version": "6.0",
"versionType": "custom"
},
{
"lessThan": "7.0.12",
"status": "affected",
"version": "7.0",
"versionType": "custom"
},
{
"lessThan": "7.3.3",
"status": "affected",
"version": "7.3",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "MongoDB C Driver",
"vendor": "MongoDB Inc",
"versions": [
{
"lessThan": "1.26.2",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "MongoDB PHP Driver",
"vendor": "MongoDB Inc",
"versions": [
{
"lessThan": "1.18.1",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
}
],
"configurations": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cspan style=\"background-color: var(--wht);\"\u003eOnly environments with Windows as the underlying operating system is affected by this issue\u003c/span\u003e\u003cbr\u003e\u003ci\u003e\u003cbr\u003e\u003c/i\u003e\u003cbr\u003e"
}
],
"value": "Only environments with Windows as the underlying operating system is affected by this issue"
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "T. Do\u011fa Geli\u015fli"
}
],
"datePublic": "2024-08-07T09:55:00.000Z",
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003eIncorrect validation of files loaded from a local untrusted directory may allow local privilege escalation if the underlying operating systems is Windows. This may result in the application executing arbitrary behaviour determined by the contents of untrusted files. This issue affects MongoDB Server v5.0 versions prior to 5.0.27, MongoDB Server v6.0 versions prior to 6.0.16, MongoDB Server v7.0 versions prior to 7.0.12, MongoDB Server v7.3 versions prior 7.3.3, MongoDB C Driver versions prior to 1.26.2 and MongoDB PHP Driver versions prior to 1.18.1.\u003c/span\u003e\u003cbr\u003e\u003cbr\u003e\u003cp\u003e\u003cb\u003eRequired Configuration:\u003c/b\u003e\u003c/p\u003e\u003cp\u003eOnly environments with Windows as the underlying operating system is affected by this issue\u003c/p\u003e"
}
],
"value": "Incorrect validation of files loaded from a local untrusted directory may allow local privilege escalation if the underlying operating systems is Windows. This may result in the application executing arbitrary behaviour determined by the contents of untrusted files. This issue affects MongoDB Server v5.0 versions prior to 5.0.27, MongoDB Server v6.0 versions prior to 6.0.16, MongoDB Server v7.0 versions prior to 7.0.12, MongoDB Server v7.3 versions prior 7.3.3, MongoDB C Driver versions prior to 1.26.2 and MongoDB PHP Driver versions prior to 1.18.1.\n\nRequired Configuration:\n\nOnly environments with Windows as the underlying operating system is affected by this issue"
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.3,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-284",
"description": "CWE-284: Improper Access Control",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-08-07T12:51:42.281Z",
"orgId": "a39b4221-9bd0-4244-95fc-f3e2e07f1deb",
"shortName": "mongodb"
},
"references": [
{
"url": "https://jira.mongodb.org/browse/PHPC-2369"
},
{
"url": "https://jira.mongodb.org/browse/SERVER-93211"
},
{
"url": "https://jira.mongodb.org/browse/CDRIVER-5650"
}
],
"source": {
"discovery": "EXTERNAL"
},
"title": "Accessing Untrusted Directory May Allow Local Privilege Escalation",
"x_generator": {
"engine": "Vulnogram 0.2.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "a39b4221-9bd0-4244-95fc-f3e2e07f1deb",
"assignerShortName": "mongodb",
"cveId": "CVE-2024-7553",
"datePublished": "2024-08-07T09:57:49.818Z",
"dateReserved": "2024-08-06T08:34:10.195Z",
"dateUpdated": "2024-08-07T15:27:46.258Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2024-8207 (GCVE-0-2024-8207)
Vulnerability from cvelistv5 – Published: 2024-08-27 11:28 – Updated: 2025-05-16 23:02
VLAI
EPSS
Title
MongoDB Server binaries may load potentially insecure shared libraries from specific relative paths
Summary
In certain highly specific configurations of the host system and MongoDB server binary installation on Linux Operating Systems, it may be possible for a unintended actor with host-level access to cause the MongoDB Server binary to load unintended actor-controlled shared libraries when the server binary is started, potentially resulting in the unintended actor gaining full control over the MongoDB server process. This issue affects MongoDB Server v5.0 versions prior to 5.0.14 and MongoDB Server v6.0 versions prior to 6.0.3.
Required Configuration: Only environments with Linux as the underlying operating system is affected by this issue
Severity
6.4 (Medium)
SSVC
Exploitation: none
Automatable: no
Technical Impact: total
CISA Coordinator (v2.0.3)
CWE
- CWE-114 - Process Control
Assigner
References
Impacted products
1 product
| Vendor | Product | Version | |
|---|---|---|---|
| MongoDB Inc | MongoDB Server |
Affected:
6.0 , < 6.0.3
(custom)
Affected: 5.0 , < 5.0.14 (custom) cpe:2.3:a:mongodb:mongodb:5.0.0:*:*:*:*:*:*:* cpe:2.3:a:mongodb:mongodb:5.0.1:*:*:*:*:*:*:* cpe:2.3:a:mongodb:mongodb:5.0.2:*:*:*:*:*:*:* cpe:2.3:a:mongodb:mongodb:5.0.3:*:*:*:*:*:*:* cpe:2.3:a:mongodb:mongodb:5.0.4:*:*:*:*:*:*:* cpe:2.3:a:mongodb:mongodb:5.0.5:*:*:*:*:*:*:* cpe:2.3:a:mongodb:mongodb:5.0.6:*:*:*:*:*:*:* cpe:2.3:a:mongodb:mongodb:5.0.7:*:*:*:*:*:*:* cpe:2.3:a:mongodb:mongodb:5.0.8:*:*:*:*:*:*:* cpe:2.3:a:mongodb:mongodb:5.0.9:*:*:*:*:*:*:* cpe:2.3:a:mongodb:mongodb:5.0.10:*:*:*:*:*:*:* cpe:2.3:a:mongodb:mongodb:5.0.11:*:*:*:*:*:*:* cpe:2.3:a:mongodb:mongodb:5.0.12:*:*:*:*:*:*:* cpe:2.3:a:mongodb:mongodb:5.0.13:*:*:*:*:*:*:* cpe:2.3:a:mongodb:mongodb:6.0.0:*:*:*:*:*:*:* cpe:2.3:a:mongodb:mongodb:6.0.1:*:*:*:*:*:*:* cpe:2.3:a:mongodb:mongodb:6.0.2:*:*:*:*:*:*:* |
Date Public
2024-08-27 10:23
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-8207",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-08-27T13:02:38.851298Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-08-27T13:02:51.911Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
},
{
"providerMetadata": {
"dateUpdated": "2025-05-16T23:02:59.895Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"url": "https://security.netapp.com/advisory/ntap-20250516-0009/"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"cpes": [
"cpe:2.3:a:mongodb:mongodb:5.0.0:*:*:*:*:*:*:*",
"cpe:2.3:a:mongodb:mongodb:5.0.1:*:*:*:*:*:*:*",
"cpe:2.3:a:mongodb:mongodb:5.0.2:*:*:*:*:*:*:*",
"cpe:2.3:a:mongodb:mongodb:5.0.3:*:*:*:*:*:*:*",
"cpe:2.3:a:mongodb:mongodb:5.0.4:*:*:*:*:*:*:*",
"cpe:2.3:a:mongodb:mongodb:5.0.5:*:*:*:*:*:*:*",
"cpe:2.3:a:mongodb:mongodb:5.0.6:*:*:*:*:*:*:*",
"cpe:2.3:a:mongodb:mongodb:5.0.7:*:*:*:*:*:*:*",
"cpe:2.3:a:mongodb:mongodb:5.0.8:*:*:*:*:*:*:*",
"cpe:2.3:a:mongodb:mongodb:5.0.9:*:*:*:*:*:*:*",
"cpe:2.3:a:mongodb:mongodb:5.0.10:*:*:*:*:*:*:*",
"cpe:2.3:a:mongodb:mongodb:5.0.11:*:*:*:*:*:*:*",
"cpe:2.3:a:mongodb:mongodb:5.0.12:*:*:*:*:*:*:*",
"cpe:2.3:a:mongodb:mongodb:5.0.13:*:*:*:*:*:*:*",
"cpe:2.3:a:mongodb:mongodb:6.0.0:*:*:*:*:*:*:*",
"cpe:2.3:a:mongodb:mongodb:6.0.1:*:*:*:*:*:*:*",
"cpe:2.3:a:mongodb:mongodb:6.0.2:*:*:*:*:*:*:*"
],
"defaultStatus": "unaffected",
"product": "MongoDB Server",
"vendor": "MongoDB Inc",
"versions": [
{
"lessThan": "6.0.3",
"status": "affected",
"version": "6.0",
"versionType": "custom"
},
{
"lessThan": "5.0.14",
"status": "affected",
"version": "5.0",
"versionType": "custom"
}
]
}
],
"configurations": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003eOnly environments with Linux as the underlying operating system is affected by this issue\u003c/span\u003e\u003cbr\u003e"
}
],
"value": "Only environments with Linux as the underlying operating system is affected by this issue"
}
],
"datePublic": "2024-08-27T10:23:00.000Z",
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cp\u003eIn certain highly specific configurations of the host system and MongoDB server binary installation on Linux Operating Systems, it may be possible for a unintended actor with host-level access to cause the MongoDB Server binary to load unintended actor-controlled shared libraries when the server binary is started, potentially resulting in the unintended actor gaining full control over the MongoDB server process. This issue affects MongoDB Server v5.0 versions prior to 5.0.14 and MongoDB Server v6.0 versions prior to 6.0.3.\u003c/p\u003e\u003cp\u003eRequired Configuration: Only environments with Linux as the underlying operating system is affected by this issue\u003c/p\u003e\u003cbr\u003e"
}
],
"value": "In certain highly specific configurations of the host system and MongoDB server binary installation on Linux Operating Systems, it may be possible for a unintended actor with host-level access to cause the MongoDB Server binary to load unintended actor-controlled shared libraries when the server binary is started, potentially resulting in the unintended actor gaining full control over the MongoDB server process. This issue affects MongoDB Server v5.0 versions prior to 5.0.14 and MongoDB Server v6.0 versions prior to 6.0.3.\n\nRequired Configuration: Only environments with Linux as the underlying operating system is affected by this issue"
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "HIGH",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 6.4,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-114",
"description": "CWE-114: Process Control",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-08-27T11:28:06.891Z",
"orgId": "a39b4221-9bd0-4244-95fc-f3e2e07f1deb",
"shortName": "mongodb"
},
"references": [
{
"url": "https://jira.mongodb.org/browse/SERVER-69507"
}
],
"source": {
"discovery": "INTERNAL"
},
"title": "MongoDB Server binaries may load potentially insecure shared libraries from specific relative paths",
"x_generator": {
"engine": "Vulnogram 0.2.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "a39b4221-9bd0-4244-95fc-f3e2e07f1deb",
"assignerShortName": "mongodb",
"cveId": "CVE-2024-8207",
"datePublished": "2024-08-27T11:28:06.891Z",
"dateReserved": "2024-08-27T09:59:41.085Z",
"dateUpdated": "2025-05-16T23:02:59.895Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
Loading…
Trend slope:
-
(linear fit over daily sighting counts)
Show additional events:
Loading…
Experimental. This forecast is provided for visualization only and may change without notice. Do not use it for operational decisions.
Forecast uses a logistic model when the trend is rising, or an exponential decay model when the trend is falling. Fitted via linearized least squares.
Sightings
| Author | Source | Type | Date | Other |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or observed by the user.
- Confirmed: The vulnerability has been validated from an analyst's perspective.
- Published Proof of Concept: A public proof of concept is available for this vulnerability.
- Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
- Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
- Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
- Not confirmed: The user expressed doubt about the validity of the vulnerability.
- Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.
Loading…
Loading…