{"image_url":null,"provider_name":"Hatena Blog","published":"2025-02-21 00:00:00","provider_url":"https://hatena.blog","width":"100%","blog_url":"https://vul.hatenadiary.com/","description":"\u3010\u8a33\u3011MongoDB\u30e9\u30a4\u30d6\u30e9\u30ea\u306e\u8106\u5f31\u6027\u306b\u3088\u308a\u3001Node.js\u30b5\u30fc\u30d0\u30fc\u3067RCE\u304c\u53ef\u80fd\u306b \u3010\u8106\u5f31\u6027\u5185\u5bb9\u3011 \u516c\u958b\u65e5 \u767b\u9332\u65e5 CVE\u756a\u53f7 NVD \u30d9\u30f3\u30c0\u30fc CVSS v3 CWE \u8106\u5f31\u6027 KEV \u5099\u8003 2024/12/02 2024/11/24 CVE-2024-53900 NVD \u30d9\u30f3\u30c0\u30fc 9.1(CISA-ADP) CWE-89 SQL\u30a4\u30f3\u30b8\u30a7\u30af\u30b7\u30e7\u30f3 - MongoDB 2025/01/15 2025/01/10 CVE-2025-23061 NVD \u30d9\u30f3\u30c0\u30fc 9.0(MITRE) CWE-94 \u30b3\u30fc\u30c9\u30fb\u30a4\u30f3\u30b8\u30a7\u30af\u30b7\u30e7\u30f3 - MongoDB \u3010\u8981\u7d04\u3011 Mongoose ODM\u30e9\u30a4\u30d6\u30e9\u30ea\u306b2\u3064\u306e\u91cd\u2026","html":"<iframe src=\"https://hatenablog-parts.com/embed?url=https%3A%2F%2Fvul.hatenadiary.com%2Fentry%2F2025%2F02%2F21%2F000000\" title=\"Vulnerabilities in MongoDB Library Allow RCE on Node.js Servers - TT \u8106\u5f31\u6027 Blog\" class=\"embed-card embed-blogcard\" scrolling=\"no\" frameborder=\"0\" style=\"display: block; width: 100%; height: 190px; max-width: 500px; margin: 10px 0px;\"></iframe>","title":"Vulnerabilities in MongoDB Library Allow RCE on Node.js Servers","url":"https://vul.hatenadiary.com/entry/2025/02/21/000000","author_name":"tanigawa","categories":["CVE-2025-23061 (MongoDB)","\u8106\u5f31\u6027: CVE-2024-53900 (MongoDB)","DB: MongoDB"],"blog_title":"TT \u8106\u5f31\u6027 Blog","version":"1.0","height":"190","type":"rich","author_url":"https://blog.hatena.ne.jp/tanigawa/"}