
Ubuntu 20.04 MongoDB Information Exposure Threat USN-8160-1 CVE-2025-14847

April 10, 2026
MongoDB on Ubuntu could be made to expose sensitive information over the network. Update to the fixed package versions listed under Update Instructions.

Summary

A security issue affects these releases of Ubuntu and its derivatives:

- Ubuntu 20.04 LTS
- Ubuntu 18.04 LTS

Summary:

MongoDB could be made to expose sensitive information over the network.

Software Description:

- mongodb: object/document-oriented database

Details:

It was discovered that MongoDB incorrectly handled length parameters in zlib-compressed network messages prior to authentication. An unauthenticated remote attacker could possibly use this issue to cause MongoDB to allocate an oversized memory buffer, resulting in the exposure of sensitive information.

Update Instructions

The problem can be corrected by updating your system to the following package versions:

Ubuntu 20.04 LTS

- mongodb 1:3.6.9+really3.6.8+90~g8e540c0b6d-0ubuntu5.3+esm1 (Available with Ubuntu Pro)
- mongodb-clients 1:3.6.9+really3.6.8+90~g8e540c0b6d-0ubuntu5.3+esm1 (Available with Ubuntu Pro)
- mongodb-server 1:3.6.9+really3.6.8+90~g8e540c0b6d-0ubuntu5.3+esm1 (Available with Ubuntu Pro)
- mongodb-server-core 1:3.6.9+really3.6.8+90~g8e540c0b6d-0ubuntu5.3+esm1 (Available with Ubuntu Pro)

Ubuntu 18.04 LTS

- mongodb 1:3.6.3-0ubuntu1.4+esm2 (Available with Ubuntu Pro)
- mongodb-clients 1:3.6.3-0ubuntu1.4+esm2 (Available with Ubuntu Pro)
- mongodb-server 1:3.6.3-0ubuntu1.4+esm2 (Available with Ubuntu Pro)
- mongodb-server-core 1:3.6.3-0ubuntu1.4+esm2 (Available with Ubuntu Pro)

After a standard system update you need to restart the mongodb service to make all the necessary changes.
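To check collected package inventories against the fixed versions above, the following added example (not part of the advisory or of Ubuntu's tooling) compares versions using Debian's ordering rules, which matter here because of the epoch, `~` and `+esm` suffixes. The function names and the sample inventory are assumptions made for illustration; on the host itself, `dpkg --compare-versions` performs the same comparison.

```python
import re

FIXED = {  # fixed versions from USN-8160-1 (identical for all four packages)
    "20.04": "1:3.6.9+really3.6.8+90~g8e540c0b6d-0ubuntu5.3+esm1",
    "18.04": "1:3.6.3-0ubuntu1.4+esm2",
}
PACKAGES = {"mongodb", "mongodb-clients", "mongodb-server", "mongodb-server-core"}

def _order(c):
    # Debian order for non-digit characters: '~' < end of string < letters < the rest.
    if c == "" or c.isdigit():
        return 0
    return -1 if c == "~" else ord(c) if c.isalpha() else ord(c) + 256

def _cmp_part(a, b):
    # Alternate: non-digit runs compare per character, digit runs compare as integers.
    while a or b:
        while (a and not a[0].isdigit()) or (b and not b[0].isdigit()):
            if _order(a[:1]) != _order(b[:1]):
                return _order(a[:1]) - _order(b[:1])
            a, b = a[1:], b[1:]
        na, nb = (re.match(r"\d*", s).group() for s in (a, b))
        if int(na or 0) != int(nb or 0):
            return int(na or 0) - int(nb or 0)
        a, b = a[len(na):], b[len(nb):]
    return 0

def deb_cmp(a, b):
    """Negative if a sorts before b, zero if equal, positive if after."""
    def split(v):
        epoch, rest = v.split(":", 1) if ":" in v else ("0", v)
        upstream, rev = rest.rsplit("-", 1) if "-" in rest else (rest, "")
        return int(epoch), upstream, rev
    (ea, ua, ra), (eb, ub, rb) = split(a), split(b)
    return (ea - eb) or _cmp_part(ua, ub) or _cmp_part(ra, rb)

def audit(release, inventory):
    """Return (package, version) pairs still below the fixed version."""
    stale = []
    for line in inventory.splitlines():
        pkg, _, ver = line.strip().partition("\t")
        if pkg.split(":")[0] in PACKAGES and ver and deb_cmp(ver, FIXED[release]) < 0:
            stale.append((pkg, ver))
    return stale

# Constructed sample in `dpkg-query -W` format (package<TAB>version), not real host data.
SAMPLE = ("mongodb-server\t1:3.6.9+really3.6.8+90~g8e540c0b6d-0ubuntu5.3\n"
          "mongodb-clients\t1:3.6.9+really3.6.8+90~g8e540c0b6d-0ubuntu5.3+esm1\n"
          "openssl\t1.1.1f-1ubuntu2\n")
```

Calling `audit("20.04", SAMPLE)` reports only the `mongodb-server` entry, since its constructed version lacks the `+esm1` suffix and therefore sorts below the fix.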

References

https://ubuntu.com/security/notices/USN-8160-1

CVE-2025-14847

Severity
important

Ubuntu Security Notice USN-8160-1
