github · decsecre583 · Feb 6, 2026
diff --git a/advisories/unreviewed/2025/03/GHSA-x43h-8pfv-xx24/GHSA-x43h-8pfv-xx24.json b/advisories/unreviewed/2025/03/GHSA-x43h-8pfv-xx24/GHSA-x43h-8pfv-xx24.json
@@ -6,7 +6,7 @@
   "aliases": [
     "CVE-2025-0755"
   ],
-  "details": "The various bson_append functions in the MongoDB C driver library may be susceptible to buffer overflow when performing operations that could result in a final BSON document which exceeds the maximum allowable size (INT32_MAX), resulting in a segmentation fault and possible application crash. This issue affected libbson versions prior to 1.27.5, MongoDB Server v8.0 versions prior to 8.0.1 and MongoDB Server v7.0 versions prior to 7.0.16",
+  "details": "The various bson_append functions in the MongoDB C driver library may be susceptible to buffer overflow when performing operations that could result in a final BSON document which exceeds the maximum allowable size (INT32_MAX), resulting in a segmentation fault and possible application crash. This issue affected libbson versions prior to 1.27.5, MongoDB Server v8.0 versions prior to 8.0.1 and MongoDB Server v7.0 versions prior to 7.0.16. NOTE: this vulnerability exists because of an incomplete fix for CVE-2024-6383. This vulnerability addresses buffer overflow in the broader set of `bson_append` functions. A related buffer overflow in `bson_string_append` was previously patched in CVE-2024-6383(https://github.com/advisories/GHSA-w25p-2jj3-j5vr), which did not cover all append operations.",
   "severity": [
     {
       "type": "CVSS_V3",
@@ -45,4 +45,4 @@
     "github_reviewed_at": null,
     "nvd_published_at": "2025-03-18T09:15:11Z"
   }
-}
+}