Security Advisory

CVE-2024-6381

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2024-07-02 17:14:48

Last updated 2025-11-03 19:34:28

Assigner mongodb

State PUBLISHED

Description

The bson_strfreev function in the MongoDB C driver library may be susceptible to an integer overflow where the function will try to free memory at a negative offset. This may result in memory corruption. This issue affected libbson versions prior to 1.26.2

← Browse all CVEs View on cve.org ↗