Medium severity5.5NVD Advisory· Published Apr 24, 2020· Updated Jun 17, 2026
CVE-2020-12135
CVE-2020-12135
Description
bson before 0.8 incorrectly uses int rather than size_t for many variables, parameters, and return values. In particular, the bson_ensure_space() parameter bytesNeeded could have an integer overflow via properly constructed bson input.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
3- bson/bsondescription
Patches
Vulnerability mechanics
References
4- github.com/10gen-archive/mongo-c-driver-legacy/commit/1a1f5e26a4309480d88598913f9eebf9e9cba8canvdPatchThird Party Advisory
- launchpadlibrarian.net/474887364/bson-fix-overflow.patchnvdPatchThird Party Advisory
- bugs.launchpad.net/ubuntu/+source/whoopsie/+bug/1872560nvdExploitThird Party Advisory
- usn.ubuntu.com/4450-1/nvd
News mentions
0No linked articles in our index yet.