Описание
The bson_strfreev function in the MongoDB C driver library may be susceptible to an integer overflow where the function will try to free memory at a negative offset. This may result in memory corruption. This issue affected libbson versions prior to 1.26.2
| Релиз | Статус | Примечание |
|---|---|---|
| devel | DNE | |
| esm-apps/bionic | needs-triage | |
| esm-apps/xenial | needs-triage | |
| esm-infra/focal | DNE | |
| focal | DNE | |
| jammy | DNE | |
| mantic | DNE | |
| noble | DNE | |
| oracular | DNE | |
| plucky | DNE |
Показывать по
| Релиз | Статус | Примечание |
|---|---|---|
| devel | not-affected | 1.30.4-1ubuntu1 |
| esm-apps/focal | released | 1.16.1-1ubuntu0.1~esm1 |
| esm-apps/jammy | released | 1.21.0-1ubuntu0.1~esm1 |
| esm-apps/noble | released | 1.26.0-1.1ubuntu2+esm1 |
| focal | ignored | end of standard support, was needs-triage |
| jammy | needed | |
| mantic | ignored | end of life, was needs-triage |
| noble | needed | |
| oracular | not-affected | 1.27.5-1 |
| plucky | not-affected | 1.30.2-1 |
Показывать по
EPSS
4 Medium
CVSS3
Связанные уязвимости
The bson_strfreev function in the MongoDB C driver library may be susceptible to an integer overflow where the function will try to free memory at a negative offset. This may result in memory corruption. This issue affected libbson versions prior to 1.26.2
The bson_strfreev function in the MongoDB C driver library may be susc ...
The bson_strfreev function in the MongoDB C driver library may be susceptible to an integer overflow where the function will try to free memory at a negative offset. This may result in memory corruption. This issue affected libbson versions prior to 1.26.2
Уязвимость функции bson_strfreev() библиотеки libbson драйвера системы управления базами данных MongoDB C Driver, позволяющая нарушителю оказать воздействие на целостность защищаемой информации
EPSS
4 Medium
CVSS3