Back to search
CVE-2017-14227
Published: Sep 9, 2017
Modified: Nov 3, 2025
PUBLISHED
Description
In MongoDB libbson 1.7.0, the bson_iter_codewscope function in bson-iter.c miscalculates a bson_utf8_validate length argument, which allows remote attackers to cause a denial of service (heap-based buffer over-read in the bson_utf8_validate function in bson-utf8.c), as demonstrated by bson-to-json.c.
| Vendor | Product | Versions |
|---|---|---|
n/a | n/a | affected n/a |
References
https://bugzilla.redhat.com/show_bug.cgi?id=1489362
x_refsource_MISC
100825
vdb-entry
x_refsource_BID
https://bugzilla.redhat.com/show_bug.cgi?id=1489355
x_refsource_MISC
https://bugzilla.redhat.com/show_bug.cgi?id=1489356
x_refsource_MISC
Security Training
Train your team to recognize and prevent security threats with our comprehensive security awareness program.
Start TrainingVulnerability Scanning
Discover vulnerabilities in your applications and infrastructure before attackers do.
Scan Now