CVE-2024-6383 – MongoDB C Driver bson_string_append may be vulnerable to a buffer overflow
https://notcve.org/view.php?id=CVE-2024-6383
The bson_string_append function in MongoDB C Driver may be vulnerable to a buffer overflow where the function might attempt to allocate too small of buffer and may lead to memory corruption of neighbouring heap memory. This issue affects libbson versions prior to 1.27.1 • https://jira.mongodb.org/browse/CDRIVER-5628 • CWE-122: Heap-based Buffer Overflow •
CVE-2024-6381 – MongoDB C Driver bson_strfreev may be susceptible to integer overflow
https://notcve.org/view.php?id=CVE-2024-6381
The bson_strfreev function in the MongoDB C driver library may be susceptible to an integer overflow where the function will try to free memory at a negative offset. This may result in memory corruption. This issue affected libbson versions prior to 1.26.2 La función bson_strfreev en la librería del controlador MongoDB C puede ser susceptible a un desbordamiento de enteros donde la función intentará liberar memoria con un desplazamiento negativo. Esto puede provocar daños en la memoria. Este problema afectó a las versiones de Libbson anteriores a la 1.26.2. • https://jira.mongodb.org/browse/CDRIVER-5622 • CWE-680: Integer Overflow to Buffer Overflow •