VYPR
Unrated severityNVD Advisory· Published Jul 2, 2024· Updated Nov 3, 2025

MongoDB C Driver bson_strfreev may be susceptible to integer overflow

CVE-2024-6381

Description

The bson_strfreev function in the MongoDB C driver library may be susceptible to an integer overflow where the function will try to free memory at a negative offset. This may result in memory corruption. This issue affected libbson versions prior to 1.26.2

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Affected products

2
  • MongoDB Inc/libbsonv5
    cpe:2.3:a:mongodb:libbson:0.2.0:*:*:*:*:*:*:*
    Range: 0
  • MongoDB/Libbsonllm-fuzzy
    Range: <1.26.2

Patches

Vulnerability mechanics

References

1

News mentions

0

No linked articles in our index yet.