ReportizFlow
An improper setting of the lsid field on any sharded query can cause a crash in MongoDB routers. This issue occurs when a generic argument (lsid) is provided in a case when it is not applicable. This affects MongoDB Server v6.0 versions prior to 6.0.x, MongoDB Server v7.0 versions prior to 7.0.18 and MongoDB Server v8.0 versions prior to 8.0.6.
Metrics
Affected Vendors & Products
| Vendors | Products |
|---|---|
| Mongodb |
|
Configuration 1 [-]
|
No data.
References
History
Mon, 22 Sep 2025 17:00:00 +0000
| Type | Values Removed | Values Added |
|---|---|---|
| CPEs | cpe:2.3:a:mongodb:mongodb:*:*:*:*:-:*:*:* |
Sun, 07 Sep 2025 16:00:00 +0000
| Type | Values Removed | Values Added |
|---|---|---|
| First Time appeared |
Mongodb
Mongodb mongodb |
|
| Vendors & Products |
Mongodb
Mongodb mongodb |
Fri, 05 Sep 2025 21:15:00 +0000
| Type | Values Removed | Values Added |
|---|---|---|
| Metrics |
ssvc
|
Fri, 05 Sep 2025 20:45:00 +0000
| Type | Values Removed | Values Added |
|---|---|---|
| Description | An improper setting of the lsid field on any sharded query can cause a crash in MongoDB routers. This issue occurs when a generic argument (lsid) is provided in a case when it is not applicable. This affects MongoDB Server v6.0 versions prior to 6.0.x, MongoDB Server v7.0 versions prior to 7.0.18 and MongoDB Server v8.0 versions prior to 8.0.6. | |
| Title | MongoDB Server router will crash when incorrect lsid is set on a sharded query | |
| Weaknesses | CWE-732 | |
| References |
| |
| Metrics |
cvssV3_1
|
MITRE
Status: PUBLISHED
Assigner: mongodb
Published: 2025-09-05T20:26:52.612Z
Updated: 2025-09-05T20:44:22.665Z
Reserved: 2025-09-05T20:10:54.977Z
Link: CVE-2025-10059
Vulnrichment
Updated: 2025-09-05T20:43:09.491Z
NVD
Status : Analyzed
Published: 2025-09-05T21:15:34.773
Modified: 2025-09-22T16:55:12.757
Link: CVE-2025-10059
Redhat
No data.