ГлавнаяУязвимости → CVE-2025-1756
7.5высокая

CVE-2025-1756

Описание

mongosh may be susceptible to local privilege escalation under certain conditions potentially enabling unauthorized actions on a user's system with elevated privilege, when a crafted file is stored in C:\node_modules\. This issue affects mongosh prior to 2.3.0

Затрагиваемое ПО
Mongodb MongoshRedhat Codeready linux builder eusRedhat Codeready linux builder for arm64 eusRedhat Codeready linux builder for ibm z systems eusRedhat Codeready linux builder for power little endian eusRedhat Enterprise linux update services for sap solutionsRedhat Enterprise linux eusRedhat Enterprise linux for arm 64Redhat Enterprise linux for arm 64 eusRedhat Enterprise linux for ibm z systemsRedhat Enterprise linux for ibm z systems eusRedhat Enterprise linux for power little endian eusRedhat Enterprise linux server aus
CVSS
Балл7.5 — высокая
ВекторCVSS:3.1/AV:L/AC:H/PR:L/UI:R/S:C/C:H/I:H/A:H
Источники
https://jira.mongodb.org/browse/MONGOSH-2028https://access.redhat.com/errata/RHSA-2025:1756