Heap-Based Buffer Over-Read Vulnerability in libbson 1.12.0

Heap-Based Buffer Over-Read Vulnerability in libbson 1.12.0

CVE-2018-16790 · MEDIUM Severity

AV:N/AC:M/AU:N/C:P/I:N/A:P

_bson_iter_next_internal in bson-iter.c in libbson 1.12.0, as used in MongoDB mongo-c-driver and other products, has a heap-based buffer over-read via a crafted bson buffer.

Learn more about our Cis Benchmark Audit For Mongodb.