Home > Vulnerability Database > CVE-2025-0755

Mend.io Vulnerability Database

CVE-2025-0755

Date: March 18, 2025

The various bson_append functions in the MongoDB C driver library may be susceptible to buffer overflow when performing operations that could result in a final BSON document which exceeds the maximum allowable size (INT32_MAX), resulting in a segmentation fault and possible application crash. This issue affected libbson versions prior to 1.27.5, MongoDB Server v8.0 versions prior to 8.0.1 and MongoDB Server v7.0 versions prior to 7.0.16

Severity Score

8.4

Related Resources (5)

Url: https://jira.mongodb.org/browse/CDRIVER-5601

Url: https://security-tracker.debian.org/tracker/CVE-2025-0755

Url: https://jira.mongodb.org/browse/SERVER-94461

Url: https://nvd.nist.gov/vuln/detail/CVE-2025-0755

Url: https://www.mend.io/vulnerability-database/CVE-2025-0755

Severity Score

8.4

Weakness Type (CWE)

Heap-based Buffer Overflow

CWE-122

CVSS v3.1

Base Score:	8.4
Attack Vector (AV):	LOCAL
Attack Complexity (AC):	LOW
Privileges Required (PR):	NONE
User Interaction (UI):	NONE
Scope (S):	UNCHANGED
Confidentiality (C):	HIGH
Integrity (I):	HIGH
Availability (A):	HIGH

Mend.io Vulnerability Database

We found results for “”

CVE-2025-0755

Date: March 18, 2025

Severity Score

Related Resources (5)

Severity Score

Weakness Type (CWE)

CVSS v3.1

Do you need more information?