FAIL › dossier
FedRAMP provider ·
Dossier not yet built — the RAG curator builds one for players with ≥2 failure events (factory/dossier.py). The failure history and sentiment below are live.
| Date | Event | Sev | Flags | Shame | Summary |
|---|---|---|---|---|---|
| 2021-12-10 | CVE-2019-10758 | high | ⚡RCE ⌖KEV | 65 | mongo-express before 0.54.0 is vulnerable to Remote Code Execution via endpoints that uses the `toBSON` method. |
| 2025-12-29 | CVE-2025-14847 | high | ⌖KEV | 50 | MongoDB Server contains an improper handling of length parameter inconsistency vulnerability in Zlib compressed protocol headers. This vulnerability may allow a read of uninitialized heap memory by an unauthenticated client. |
| Product | Status | Impact |
|---|---|---|
| MongoDB Atlas for Government | Authorized | Moderate |