EPSS
Percentile
48.7%
bson before 0.8 incorrectly uses int rather than size_t for many variables, parameters, and return values. In particular, the bson_ensure_space() parameter bytesNeeded could have an integer overflow via properly constructed bson input.
bugzilla.redhat.com/show_bug.cgi?id=1834703
nvd.nist.gov/vuln/detail/CVE-2020-12135
www.cve.org/CVERecord?id=CVE-2020-12135