pkg:Debian/mongo-c-driver
14 total CVEsHIGH4MEDIUM6LOW1
✅ Check your installed version
All known vulnerabilities
- HIGH8.1CVE-2018-16790_bson_iter_next_internal in bson-iter.c in libbson 1.12.0, as used in MongoDB mongo-c-driver and other products, has a heap-based buffer ov…from 0, < 1.13.0-1
- HIGH7.5CVE-2026-6231The bson_validate function may return early on specific inputs and incorrectly report success.from 0
- from 0, < 1.17.6-1+deb11u1
- HIGH7.5CVE-2023-0437When calling bson_utf8_validate on some inputs a loop with an exit condition that cannot be reached may occur, i.e.from 0, < 1.17.6-1+deb11u1
- MEDIUM6.8CVE-2025-12119MongoDB driver extension affected by mongoc_bulk_operation_t's read of invalid memoryfrom 0, < 1.17.6-1+deb11u2
- MEDIUM6.8CVE-2025-12119MongoDB driver extension affected by mongoc_bulk_operation_t's read of invalid memoryfrom 0, < 1.17.6-1+deb11u2
- MEDIUM5.3CVE-2024-6383The bson_string_append function in MongoDB C Driver may be vulnerable to a buffer overflow where the function might attempt to allocate too…from 0, < 1.17.6-1+deb11u1
- MEDIUM5.3CVE-2024-6381The bson_strfreev function in the MongoDB C driver library may be susceptible to an integer overflow where the function will try to free me…from 0, < 1.17.6-1+deb11u1
- from 0, < 1.17.6-1+deb11u1
- from 0, < 1.17.6-1+deb11u1
- LOW3.7CVE-2026-4359A compromised third party cloud server or man-in-the-middle attacker could send a malformed HTTP response and cause a crash in applications…from 0
- —CVE-2026-9100The MongoDB C Driver's legacy GridFS API accepts malformed file metadata from the database without adequate validation.from 0
- —CVE-2026-6691The MongoDB C Driver's Cyrus SASL integration performs unsafe string copying during username canonicalization, enabling a heap buffer overf…from 0
- —CVE-2025-14911User-controlled chunkSize metadata from MongoDB lacks appropriate validation allowing malformed GridFS metadata to overflow the bounding co…from 0