Mongodb Libbson vulnerabilities
3 known vulnerabilities affecting mongodb/libbson.
Total CVEs
3
CISA KEV
0
Public exploits
0
Exploited in wild
0
Severity breakdown
HIGH2MEDIUM1
Vulnerabilities
Page 1 of 1
CVE-2025-0755HIGHCVSS 7.5fixed in 1.27.52025-03-18
CVE-2025-0755 [HIGH] CWE-122 CVE-2025-0755: The various bson_append functions in the MongoDB C driver library may be susceptible to buffer overf
The various bson_append functions in the MongoDB C driver library may be susceptible to buffer overflow when performing operations that could result in a final BSON document which exceeds the maximum allowable size (INT32_MAX), resulting in a segmentation fault and possible application crash. This issue affected libbson versions prior to 1.27.5, MongoDB
nvd
CVE-2024-6381MEDIUMCVSS 5.3fixed in 1.26.22024-07-02
CVE-2024-6381 [MEDIUM] CWE-680 CVE-2024-6381: The bson_strfreev function in the MongoDB C driver library may be susceptible to an integer overflow
The bson_strfreev function in the MongoDB C driver library may be susceptible to an integer overflow where the function will try to free memory at a negative offset. This may result in memory corruption. This issue affected libbson versions prior to 1.26.2
nvd
CVE-2018-16790HIGHCVSS 8.1v1.12.02018-09-10
CVE-2018-16790 [HIGH] CWE-125 CVE-2018-16790: _bson_iter_next_internal in bson-iter.c in libbson 1.12.0, as used in MongoDB mongo-c-driver and oth
_bson_iter_next_internal in bson-iter.c in libbson 1.12.0, as used in MongoDB mongo-c-driver and other products, has a heap-based buffer over-read via a crafted bson buffer.
nvd