GCVE - cpe:2.3:a:mongodb:mongodb:7.3.0:*:*:*:*:*:*:*

Approved changes feed: RSS · Atom

cpe:2.3:a:mongodb:mongodb:7.3.0:*:*:*:*:*:*:*

part: a version: 7.3.0 update: *

Vendor	Mongodb (`1aa156a6-63a9-5032-baaf-10197d408a1e`)
Product	Mongodb (`fa9f1f9b-0cc9-5830-a189-b908276ac432`)
Edition	*
Language	*
Software edition	*
Target software	*
Target hardware	*
Other	*
Notes	Imported from NVD CPE 2.0 feed

PURL mappings

PURL	Source	Last updated
`pkg:deb/debian/mongodb`	purl2cpe	2026-06-01 10:11:17.930706
`pkg:deb/ubuntu/mongodb`	purl2cpe	2026-06-01 10:11:17.930708
`pkg:github/mongodb/mongo`	purl2cpe	2026-06-01 10:11:17.930709

Vulnerability references

Identifier	cpeApplicability	Submitted	db.gcve.eu details	Rationale
`CVE:CVE-2025-3082`	vulnerable	2026-06-03 15:01:03.583776	User may override a view's collation and gain unauthorized access to underlying data LOW (3.1) A user authorized to access a view may be able to alter the intended collation, allowing them to access to a different or unintended view of underlying data. This issue affects MongoDB Server v5.0 version prior to 5.0.31, MongoDB Server v6.0 version prior to 6.0.20, MongoDB Server v7.0 version prior to 7.0.14 and MongoDB Server v7.3 versions prior to 7.3.4. Published: 2025-04-01T11:08:06.589Z Updated: 2025-04-01T15:14:39.348Z Open on db.gcve.eu Reference links https://jira.mongodb.org/browse/SERVER-103151	Imported from gcve-enriched-dumps CVE data
`CVE:CVE-2024-8305`	vulnerable	2026-06-03 14:58:18.091173	MongoDB Server secondaries may crash due to forced index constraints MEDIUM (6.5) prepareUnique index may cause secondaries to crash due to incorrect enforcement of index constraints on secondaries, where in extreme cases may cause multiple secondaries crashing leading to no primaries. This issue affects MongoDB Server v6.0 versions prior to 6.0.17, MongoDB Server v7.0 versions prior to 7.0.13 and MongoDB Server v7.3 versions prior to 7.3.4 Published: 2024-10-21T14:10:31.079Z Updated: 2024-10-21T15:50:06.751Z Open on db.gcve.eu Reference links https://jira.mongodb.org/browse/SERVER-92382	Imported from gcve-enriched-dumps CVE data
`CVE:CVE-2024-7553`	vulnerable	2026-06-03 14:58:06.161206	Accessing Untrusted Directory May Allow Local Privilege Escalation HIGH (7.3) Incorrect validation of files loaded from a local untrusted directory may allow local privilege escalation if the underlying operating systems is Windows. This may result in the application executing arbitrary behaviour determined by the contents of untrusted files. This issue affects MongoDB Server v5.0 versions prior to 5.0.27, MongoDB Server v6.0 versions prior to 6.0.16, MongoDB Server v7.0 versions prior to 7.0.12, MongoDB Server v7.3 versions prior 7.3.3, MongoDB C Driver versions prior to 1.26.2 and MongoDB PHP Driver versions prior to 1.18.1. Required Configuration: Only environments with Windows as the underlying operating system is affected by this issue Published: 2024-08-07T09:57:49.818Z Updated: 2024-08-07T15:27:46.258Z Open on db.gcve.eu Reference links https://jira.mongodb.org/browse/PHPC-2369 https://jira.mongodb.org/browse/SERVER-93211 https://jira.mongodb.org/browse/CDRIVER-5650	Imported from gcve-enriched-dumps CVE data

Contribute

You can submit an edit proposal for this CPE entry or suggest a related product/vendor addition using the action button above.