MongoDB C Driver
By the Year
In 2021 there have been 0 vulnerabilities in MongoDB C Driver . Last year C Driver had 1 security vulnerability published. Right now, C Driver is on track to have less security vulnerabilities in 2021 than it did last year.
| Year | Vulnerabilities | Average Score |
|---|---|---|
| 2021 | 0 | 0.00 |
| 2020 | 1 | 5.50 |
| 2019 | 0 | 0.00 |
| 2018 | 0 | 0.00 |
It may take a day or so for new C Driver vulnerabilities to show up. Additionally vulnerabilities may be tagged under a different product or component name.
Latest MongoDB C Driver Security Vulnerabilities
bson before 0.8 incorrectly uses int rather than size_t for many variables, parameters, and return values
CVE-2020-12135
5.5 - Medium
- April 24, 2020
bson before 0.8 incorrectly uses int rather than size_t for many variables, parameters, and return values. In particular, the bson_ensure_space() parameter bytesNeeded could have an integer overflow via properly constructed bson input.
CVE-2020-12135 can be explotited with local system access, requires user interaction. This vulnerability is considered to have a low attack complexity. It has an exploitability score of 1.8 out of four. The potential impact of an exploit of this vulnerability is considered to have no impact on confidentiality and integrity, and a high impact on availability.
Integer Overflow or Wraparound