[SECURITY] [DSA 6084-1] c-ares security update

------------------------------------------------------------------------- Debian Security Advisory DSA-6084-1 [email protected] https://www.debian.org/security/ Salvatore Bonaccorso December 18, 2025 https://www.debian.org/security/faq -...

USN-7925-1 c-ares vulnerability

It was discovered that c-ares incorrectly handled terminating certain queries after a maximum number of attempts. An attacker could possibly use this issue to cause c-ares to crash, resulting in a denial of service...

EUVD-2025-201830

c-ares is an asynchronous resolver library. Versions 1.32.3 through 1.34.5 terminate a query after maximum attempts when using readanswer and processanswer, which can cause a Denial of Service. This issue is fixed in version 1.34.6...

CVE-2025-13643

A user with access to the cluster with a limited set of privilege actions may be able to terminate queries that are being executed by other users. This may cause a denial of service by preventing a fraction of queries from successfully completing. This issue affects MongoDB Server v7.0 versions...

CVE-2025-13643 MongoDB Server may allow queries to be terminated by unauthorized users

A user with access to the cluster with a limited set of privilege actions may be able to terminate queries that are being executed by other users. This may cause a denial of service by preventing a fraction of queries from successfully completing. This issue affects MongoDB Server v7.0 versions...

MongoDB Server may allow queries to be terminated by unauthorized users

A user with access to the cluster with a limited set of privilege actions may be able to terminate queries that are being executed by other users. This may cause a denial of service by preventing a fraction of queries from successfully completing. This issue affects MongoDB Server v7.0 versions...

CVE-2025-13643

MongoDB Server vulnerable: a user with limited privileges on a cluster can terminate queries run by other users, causing partial denial of service. Affected are MongoDB Server versions prior to 7.0.26 (7.0.x) and prior to 8.0.14 (8.0.x). The issue is described across multiple sources (e.g., CVE-2...

PT-2025-47990

Name of the Vulnerable Software and Affected Versions MongoDB Server versions prior to 7.0.26 MongoDB Server versions prior to 8.0.14 Description A user with limited privileges within a cluster may be able to terminate queries initiated by other users. This could lead to a denial of service by...