Vulnerability Database
289,599
Total vulnerabilities in the database
CVE-2025-1756
mongosh may be susceptible to local privilege escalation under certain conditions potentially enabling unauthorized actions on a user's system with elevated privilege, when a crafted file is stored in C:\node_modules. This issue affects mongosh prior to 2.3.0
| Software | From | Fixed in |
|---|---|---|
mongosh
|
- | 2.3.0 |
| mongodb / mongosh | - | 2.3.0 |
| redhat / enterprise_linux_for_arm_64 | 9.4_aarch64 | 9.4_aarch64.x |
| redhat / enterprise_linux_for_power_little_endian_eus | 9.4_ppc64le | 9.4_ppc64le.x |
| redhat / enterprise_linux_for_ibm_z_systems | 9.4_s390x | 9.4_s390x.x |
| redhat / enterprise_linux_for_arm_64_eus | 9.4_aarch64 | 9.4_aarch64.x |
| redhat / enterprise_linux_for_ibm_z_systems_eus | 9.4_s390x | 9.4_s390x.x |
| redhat / enterprise_linux_server_aus | 9.4 | 9.4.x |
| redhat / enterprise_linux_eus | 9.4 | 9.4.x |
| redhat / enterprise_linux_update_services_for_sap_solutions | 9.4 | 9.4.x |
| redhat / codeready_linux_builder_eus | 9.4 | 9.4.x |
| redhat / codeready_linux_builder_for_ibm_z_systems_eus | 9.4_s390x | 9.4_s390x.x |
| redhat / codeready_linux_builder_for_arm64_eus | 9.4_aarch64 | 9.4_aarch64.x |
| redhat / codeready_linux_builder_for_power_little_endian_eus | 9.4_ppc64le | 9.4_ppc64le.x |