CVE-2025-1755
27.02.2025, 16:15
MongoDB Compass may be susceptible to local privilege escalation under certain conditions potentially enabling unauthorized actions on a user's system with elevated privileges, when a crafted file is stored in C:\node_modules\. This issue affects MongoDB Compass prior to 1.42.1Enginsight
| Vendor | Product | Version |
|---|---|---|
| mongodb | compass | 𝑥 < 1.42.1 |
| redhat | enterprise_linux_for_arm_64 | 9.0_aarch64:_aarch64 |
| redhat | enterprise_linux_for_ibm_z_systems | 9.0_s390x:_s390x |
| redhat | enterprise_linux_server_for_power_little_endian_update_services_for_sap_solutions | 9.0_ppc64le:_ppc64le |
| redhat | enterprise_linux_update_services_for_sap_solutions | 9.0 |
𝑥
= Vulnerable software versions
Common Weakness Enumeration