CVE-2018-16790

Опубликовано: 11 сент. 2018

Источник: redhat

CVSS3: 6.3

EPSS Низкий

Описание

_bson_iter_next_internal in bson-iter.c in libbson 1.12.0, as used in MongoDB mongo-c-driver and other products, has a heap-based buffer over-read via a crafted bson buffer.

Затронутые пакеты

Платформа	Пакет	Состояние	Рекомендация	Релиз
Red Hat Software Collections	rh-mongodb34-libbson	Will not fix
Red Hat Software Collections	rh-mongodb36-libbson	Will not fix

Показывать по

Ссылки на источники

Дополнительная информация

Статус:

Moderate

Дефект:

CWE-125

https://bugzilla.redhat.com/show_bug.cgi?id=1627923libbson: Heap-based buffer over-read in _bson_iter_next_internal in bson-iter.c

EPSS

Процентиль: 66%

0.00529

Низкий

6.3 Medium

CVSS3

Связанные уязвимости

CVE-2018-16790

CVSS3: 8.1

ubuntu

около 7 лет назад

_bson_iter_next_internal in bson-iter.c in libbson 1.12.0, as used in MongoDB mongo-c-driver and other products, has a heap-based buffer over-read via a crafted bson buffer.

CVE-2018-16790

CVSS3: 8.1

nvd

около 7 лет назад

_bson_iter_next_internal in bson-iter.c in libbson 1.12.0, as used in MongoDB mongo-c-driver and other products, has a heap-based buffer over-read via a crafted bson buffer.

CVE-2018-16790

CVSS3: 8.1

debian

около 7 лет назад

_bson_iter_next_internal in bson-iter.c in libbson 1.12.0, as used in ...

GHSA-vmg6-94hc-5vqp

CVSS3: 8.1

github

больше 3 лет назад

_bson_iter_next_internal in bson-iter.c in libbson 1.12.0, as used in MongoDB mongo-c-driver and other products, has a heap-based buffer over-read via a crafted bson buffer.

ROS-20250903-01

CVSS3: 8.4

redos

9 дней назад

Множественные уязвимости libbson

EPSS

Процентиль: 66%

0.00529

Низкий

6.3 Medium

CVSS3