CVE-2025-0755 — Vulnetix

Try Vulnetix Request Demo

CVE-2025-0755 PUBLISHED

The various bson_append functions in the MongoDB C driver library may be susceptible to buffer overflow when performing operations that could result in a final BSON document which exceeds the maximum allowable size (INT32_MAX), resulting in a segmentation fault and possible application crash. This issue affected libbson versions prior to 1.27.5, MongoDB Server v8.0 versions prior to 8.0.1 and MongoDB Server v7.0 versions prior to 7.0.16

EPSS 0.24% · 46.8th percentile

Risk Scores

EPSS Score

0.24%

46.8th percentile

Affected Products

Vendor	Product	Versions
Bitnami	mongodb	7.0.0, 8.0.0
Bitnami	mongodb	7.0.0, 8.0.0

Timeline

Jan 27, 2025 CVE ID Reserved
Mar 18, 2025 EPSS Score
Mar 18, 2025 CVE Published
Mar 19, 2025 Coalition ESS Score
Mar 31, 2025 EPSS Score
Apr 13, 2025 EPSS Score
Apr 25, 2025 EPSS Score
May 8, 2025 EPSS Score
May 21, 2025 EPSS Score
Jun 3, 2025 EPSS Score
Jun 10, 2025 Coalition ESS Score
Jun 16, 2025 EPSS Score

References

Open in Interactive Console →