CVE-2020-12135

bson before 0.8 incorrectly uses int rather than size_t for many variables, parameters, and return values. In particular, the bson_ensure_space() parameter bytesNeeded could have an integer overflow via properly constructed bson input.
Configurations

Configuration 1

cpe:2.3:a:whoopsie_project:whoopsie:*:*:*:*:*:*:*:*
cpe:2.3:a:mongodb:c_driver:*:*:*:*:*:*:*:*

Information

Published : 2020-04-24 01:15

Updated : 2020-08-12 05:15


NVD link : CVE-2020-12135

Mitre link : CVE-2020-12135

Products Affected
CWE