C Driver MongoDB C Driver

stack.watch can email you when security vulnerabilities are reported in MongoDB C Driver. You can add multiple products that you use with C Driver to create your own personal software stack watcher.

By the Year

In 2021 there have been 0 vulnerabilities in MongoDB C Driver . Last year C Driver had 1 security vulnerability published. Right now, C Driver is on track to have less security vulnerabilities in 2021 than it did last year.

Year Vulnerabilities Average Score
2021 0 0.00
2020 1 5.50
2019 0 0.00
2018 0 0.00

It may take a day or so for new C Driver vulnerabilities to show up. Additionally vulnerabilities may be tagged under a different product or component name.

Latest MongoDB C Driver Security Vulnerabilities

bson before 0.8 incorrectly uses int rather than size_t for many variables, parameters, and return values

CVE-2020-12135 5.5 - Medium - April 24, 2020

bson before 0.8 incorrectly uses int rather than size_t for many variables, parameters, and return values. In particular, the bson_ensure_space() parameter bytesNeeded could have an integer overflow via properly constructed bson input.

CVE-2020-12135 can be explotited with local system access, requires user interaction. This vulnerability is considered to have a low attack complexity. It has an exploitability score of 1.8 out of four. The potential impact of an exploit of this vulnerability is considered to have no impact on confidentiality and integrity, and a high impact on availability.

Integer Overflow or Wraparound