ID: I202512291526 Status: idea Tags: MongoDB, Docker, CVE

My MongoBleed measures

MongoBleed is an exploit that recently happened, it is also known as CVE-2025-14847. I personally run my own MongoDB database, so I had to do something about this. I will write this as a timeline.

1. I saw this video about the CVE.
2. I immediately killed my Docker container. (And my API because I rather have it be dead than slow and half dead)
3. I then looked at the CVE to see the effected version.
4. I duplicated my MongoDB container with the image set to mongo:8.2.3-noble instead of mongo:latest and re-pulled it.
5. I found out that my database was created with version 7, so it didn’t work. So I duplicated the container again but with mongo:7.0.28-jammy instead of mongo:8.2.3-noble.
6. I deleted my old containers.

With this approach I could confirm whether my database was actually saved on a Docker Volume instead of in the Docker container itself, cause I never confirmed this for my MongoDB container, and had this go wrong in the past with copyparty.

---

References