Описание
The bson_string_append function in MongoDB C Driver may be vulnerable to a buffer overflow where the function might attempt to allocate too small of buffer and may lead to memory corruption of neighbouring heap memory. This issue affects libbson versions prior to 1.27.1
Пакеты
| Пакет | Статус | Версия исправления | Релиз | Тип |
|---|---|---|---|---|
| libbson-xs-perl | removed | package | ||
| libbson-xs-perl | fixed | 0.8.4-2+deb12u1 | bookworm | package |
| mongo-c-driver | fixed | 1.27.1-1 | package | |
| mongo-c-driver | fixed | 1.23.1-1+deb12u1 | bookworm | package |
Примечания
https://jira.mongodb.org/browse/CDRIVER-5628
Fixed by: https://github.com/mongodb/mongo-c-driver/commit/1d642e461e7c0e26abe3a90c7bbac081ac4a0053 (1.28.0)
Fixed by: https://github.com/mongodb/mongo-c-driver/commit/7c34461863211be172e6317221d72e4429bed45e (1.27.1)
EPSS
Связанные уязвимости
The bson_string_append function in MongoDB C Driver may be vulnerable to a buffer overflow where the function might attempt to allocate too small of buffer and may lead to memory corruption of neighbouring heap memory. This issue affects libbson versions prior to 1.27.1
The bson_string_append function in MongoDB C Driver may be vulnerable to a buffer overflow where the function might attempt to allocate too small of buffer and may lead to memory corruption of neighbouring heap memory. This issue affects libbson versions prior to 1.27.1
The bson_string_append function in MongoDB C Driver may be vulnerable to a buffer overflow where the function might attempt to allocate too small of buffer and may lead to memory corruption of neighbouring heap memory. This issue affects libbson versions prior to 1.27.1
EPSS