3 matches found
CVE-2025-0755
CVE-2025-0755 involves potential buffer overflow in the MongoDB C driver (bson_append family) that can cause a segmentation fault when a final BSON document exceeds INT32_MAX. Affected: libbson < 1.27.5; MongoDB Server < 8.0.1 (v8.0) and
CVE-2018-16790
CVE-2018-16790 affects libbson 1.12.0 (used by MongoDB’s libbson and the mongo-c-driver). The vulnerability is a heap-based buffer over-read triggered by a crafted BSON buffer in bson_iter_next_internal, as described for libbson 1.12.0. This can impact applications that consume BSON via the affec...
CVE-2024-6381
Incident summary: CVE-2024-6381 affects the MongoDB C driver library’s libbson component. The issue is a potential integer overflow in the bson_strfreev function, which may cause freeing memory at a negative offset and lead to memory corruption. The vulnerability affects libbson versions prior to...