Vulnerabilities > CVE-2023-0437 - Infinite Loop vulnerability in Mongodb C Driver
Attack vector
NETWORK Attack complexity
LOW Privileges required
NONE Confidentiality impact
NONE Integrity impact
NONE Availability impact
HIGH Summary
When calling bson_utf8_validate on some inputs a loop with an exit condition that cannot be reached may occur, i.e. an infinite loop. This issue affects All MongoDB C Driver versions prior to versions 1.25.0.
Vulnerable Configurations
Common Weakness Enumeration (CWE)
References
- https://jira.mongodb.org/browse/CDRIVER-4747
- https://jira.mongodb.org/browse/CDRIVER-4747
- https://lists.fedoraproject.org/archives/list/[email protected]/message/7GUVOAFZFSYTNBF6R7H4XJM5DHWBRQ6P/
- https://lists.fedoraproject.org/archives/list/[email protected]/message/7GUVOAFZFSYTNBF6R7H4XJM5DHWBRQ6P/