ACT NOW: The Alteryx team will be retiring support for Community account recovery and Community email-change requests Early 2026. Make sure to check your account preferences in my.alteryx.com to make sure you have filled out your security questions. Learn more here
community Alteryx IO MyAlteryx
alteryx Community
Search
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
Close
Start Free Trial

Alteryx Server Discussions

Find answers, ask questions, and share expertise about Alteryx Server.
SOLVED

MongoDB Security issue CVE-2025-14847 aka MongoBleed

Paul_Holden
10 - Fireball
a week ago

Hi,

 

Can someone comment on the exposure, and available remediations (if required), for the embedded MongoDB with reference to CVE-2025-14847, commonly referred to as MongoBleed?

 

My understanding is that this potentially impacts all versions of MongoDB currently supplied with supported versions of Alteryx server?

 

Does the Alteryx implementation use zlib compression?

If so is it possible to switch it off?

If it is required what are the plans to patch the various supported versions of server?

Reply

Accepted SolutionSolved! Go to Solution.

3 REPLIES 3
fmvizcaino
17 - Castor
17 - Castor
a week ago

Hi @Paul_Holden ,

 

I reached out to Alteryx about this last week and they released a KB with a quick fix.

https://knowledge.alteryx.com/index/s/article/MongoDB-zlib-Compression-Vulnerability-CVE-2025-14847-...

 

They also mentioned that they will release a formal patch soon.

 

 

Best,

Fernando

Reply
Paul_Holden
10 - Fireball
a week ago

Brilliant, thanks for the pointer.

Reply
0 Likes
TheCoffeeDude
11 - Bolide
yesterday

It should be noted that if you're running a user-managed MongoDB instance, you should upgrade/patch to a new version or follow the mitigation in the knowledge article that Fernando provided. The CVE-2025-14847 report provides information on which versions are not vulnerable. Additionally, MongoDB Atlas has already been patched to the latest non-vulnerable version (if you have that feature turned on).

Reply
0 Likes
server new user guide
Labels
Top Solution Authors
View All