VYPR

mongo-c-driver-legacy

by 10gen Archive

CVEs (1)

  • CVE-2020-12135MedApr 24, 2020
    risk 0.00cvss 5.5epss 0.01

    bson before 0.8 incorrectly uses int rather than size_t for many variables, parameters, and return values. In particular, the bson_ensure_space() parameter bytesNeeded could have an integer overflow via properly constructed bson input.