The following binaries to not support ASLR mongodump.exe and mongorestore.exe

Sri_Sai_Ram_Akam · June 5, 2025, 6:00am

mongodump.exe and mongorestore.exe were analysed using Microsoft’s BinSkim binary analyser. Several were found to not correctly implement Address Space Randomisation and as such could reduce the number of locations ASLR may relocate the binary, reducing its effectiveness at mitigating memory corruption vulnerabilities.

Team, can someone help us with the version number where ASLR support will be added for database tools

Looking forward to the response as it is a security risk for any organisation.

Sri_Sai_Ram_Akam · June 12, 2025, 4:53am

@MaBeuLux88_xxx / @Tarun_Gaur could you please help on this?

Rohit_Iyer1 · July 17, 2025, 1:28pm

Had the same question. Can anyone from MongoDB respond here ?

Sri_Sai_Ram_Akam · July 17, 2025, 2:20pm

A response from the team is much appreciated, we have been waiting on this since June 5, almost a month