CVE-2024-7553
- EPSS 0.14%
- Veröffentlicht 07.08.2024 10:15:39
- Zuletzt bearbeitet 19.09.2024 20:46:04
Incorrect validation of files loaded from a local untrusted directory may allow local privilege escalation if the underlying operating systems is Windows. This may result in the application executing arbitrary behaviour determined by the contents of ...
CVE-2023-0437
- EPSS 0.04%
- Veröffentlicht 12.01.2024 14:15:47
- Zuletzt bearbeitet 13.02.2025 17:15:55
When calling bson_utf8_validate on some inputs a loop with an exit condition that cannot be reached may occur, i.e. an infinite loop. This issue affects All MongoDB C Driver versions prior to versions 1.25.0.
CVE-2021-32050
- EPSS 0.04%
- Veröffentlicht 29.08.2023 16:15:08
- Zuletzt bearbeitet 13.02.2025 17:15:29
Some MongoDB Drivers may erroneously publish events containing authentication-related data to a command listener configured by an application. The published events may contain security-sensitive data when specific authentication-related commands are ...
CVE-2020-12135
- EPSS 0.35%
- Veröffentlicht 24.04.2020 01:15:11
- Zuletzt bearbeitet 21.11.2024 04:59:19
bson before 0.8 incorrectly uses int rather than size_t for many variables, parameters, and return values. In particular, the bson_ensure_space() parameter bytesNeeded could have an integer overflow via properly constructed bson input.