CVE-2024-6383
- Source
- https://nvd.nist.gov/vuln/detail/CVE-2024-6383
- Import Source
- https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2024-6383.json
- JSON Data
- https://api.osv.dev/v1/vulns/CVE-2024-6383
- Related
- Published
- 2024-07-03T22:15:03Z
- Modified
- 2024-09-18T03:26:40.923826Z
- Summary
- [none]
- Details
-
The bsonstringappend function in MongoDB C Driver may be vulnerable to a buffer overflow where the function might attempt to allocate too small of buffer and may lead to memory corruption of neighbouring heap memory. This issue affects libbson versions prior to 1.27.1
- References
Affected packages
Debian:11 / mongo-c-driver
Package
- Name
- mongo-c-driver
- Purl
- pkg:deb/debian/mongo-c-driver?arch=source
Affected ranges
- Type
- ECOSYSTEM
- Events
-
Introduced0Unknown introduced version / All previous versions are affected
Affected versions
1.*
1.17.6-1
1.18.0-1
1.19.0-1
1.19.1-1
1.19.2-1
1.20.0-1
1.20.1-1
1.21.0-1
1.21.1-1
1.21.2-1
1.22.0-1
1.22.1-1
1.22.1-1+riscv64
1.23.0-1
1.23.1-1
1.24.1-1
1.24.2-1
1.24.3-1
1.24.4-1
1.25.0-1
1.25.1-1
1.25.2-1
1.25.4-1
1.25.4-1.1~exp1
1.26.0-1
1.26.0-1.1~exp1
1.26.0-1.1
1.26.1-1
1.26.2-1
1.27.0-1
1.27.1-1
1.27.2-1
1.27.3-1
1.27.4-1
1.27.5-1
1.27.6-1
Debian:12 / mongo-c-driver
Package
- Name
- mongo-c-driver
- Purl
- pkg:deb/debian/mongo-c-driver?arch=source
Affected ranges
- Type
- ECOSYSTEM
- Events
-
Introduced0Unknown introduced version / All previous versions are affected
Debian:13 / mongo-c-driver
Package
- Name
- mongo-c-driver
- Purl
- pkg:deb/debian/mongo-c-driver?arch=source
Affected ranges
- Type
- ECOSYSTEM
- Events
-
Introduced0Unknown introduced version / All previous versions are affectedFixed1.27.1-1