CVE-2025-0755
- EPSS 0.05%
- Veröffentlicht 18.03.2025 09:01:04
- Zuletzt bearbeitet 22.09.2025 18:32:49
The various bson_append functions in the MongoDB C driver library may be susceptible to buffer overflow when performing operations that could result in a final BSON document which exceeds the maximum allowable size (INT32_MAX), resulting in a segment...
CVE-2024-6383
- EPSS 0.17%
- Veröffentlicht 03.07.2024 22:15:03
- Zuletzt bearbeitet 21.11.2024 09:49:32
The bson_string_append function in MongoDB C Driver may be vulnerable to a buffer overflow where the function might attempt to allocate too small of buffer and may lead to memory corruption of neighbouring heap memory. This issue affects libbson vers...
CVE-2024-6381
- EPSS 0.3%
- Veröffentlicht 02.07.2024 18:15:03
- Zuletzt bearbeitet 02.10.2025 13:47:04
The bson_strfreev function in the MongoDB C driver library may be susceptible to an integer overflow where the function will try to free memory at a negative offset. This may result in memory corruption. This issue affected libbson versions prior to ...
CVE-2018-16790
- EPSS 0.32%
- Veröffentlicht 10.09.2018 05:29:00
- Zuletzt bearbeitet 21.11.2024 03:53:21
_bson_iter_next_internal in bson-iter.c in libbson 1.12.0, as used in MongoDB mongo-c-driver and other products, has a heap-based buffer over-read via a crafted bson buffer.