CVE-2018-16790

Debian Bug report logs - #913896 libbson: CVE-2018-16790: heap-based buffer over-read via a crafted bson buffer Package: src:libbson; Maintainer for src:libbson is A Jesse Jiryu Davis <jesse@mongodbcom>; Reported by: Moritz Muehlenhoff <jmm@debianorg> Date: Fri, 16 Nov 2018 16:27:01 UTC Severity: minor Tags: secur ...

_bson_iter_next_internal in bson-iterc in libbson 1120, as used in MongoDB mongo-c-driver and other products, has a heap-based buffer over-read via a crafted bson buffer ...