<!-- 
RSS generated by JIRA (9.7.1#970001-sha1:2222b88b221c4928ef0de3161136cc90c8356a66) at Wed Feb 07 21:21:49 UTC 2024

It is possible to restrict the fields that are returned in this document by specifying the 'field' parameter in your request.
For example, to request only the issue key and summary append 'field=key&field=summary' to the URL of your request.
-->
<rss version="0.92" >
<channel>
    <title>MongoDB Jira</title>
    <link>https://jira.mongodb.org</link>
    <description>This file is an XML representation of an issue</description>
    <language>en-us</language>    <build-info>
        <version>9.7.1</version>
        <build-number>970001</build-number>
        <build-date>13-04-2023</build-date>
    </build-info>


<item>
            <title>[CDRIVER-4747] [Integer overflow] bson_utf8_validate</title>
                <link>https://jira.mongodb.org/browse/CDRIVER-4747</link>
                <project id="10030" key="CDRIVER">C Driver</project>
                    <description>&lt;p&gt;&lt;b&gt;CVE ID:&lt;/b&gt;&lt;br/&gt;
CVE-2023-0437&lt;/p&gt;

&lt;p&gt;&lt;b&gt;Title:&lt;/b&gt;&lt;/p&gt;

&lt;p&gt;MongoDB client C-Driver may infinitely loop when validating certain BSON input data&lt;/p&gt;

&lt;p&gt;&lt;b&gt;Description:&lt;/b&gt;&lt;/p&gt;

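&lt;p&gt;When calling&#160;&lt;tt&gt;bson_utf8_validate&lt;/tt&gt;&#160;on some inputs, a loop with an exit condition that cannot be reached may occur, i.e. an infinite loop. The issue title (&quot;[Integer overflow]&quot;) and the fix commit message (use &lt;tt&gt;size_t&lt;/tt&gt; consistently in &lt;tt&gt;bson_utf8_validate&lt;/tt&gt;) suggest that the unreachable exit condition comes from inconsistent integer types in the function. This issue affects all MongoDB C-Driver versions prior to version 1.25.0.&lt;/p&gt;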

&lt;p&gt;&lt;b&gt;CWE:&lt;/b&gt;&lt;/p&gt;

&lt;p&gt;&lt;a href=&quot;https://cwe.mitre.org/data/definitions/835.html&quot; class=&quot;external-link&quot; target=&quot;_blank&quot; rel=&quot;nofollow noopener&quot;&gt;CWE-835: Loop with Unreachable Exit Condition (&apos;Infinite Loop&apos;)&lt;/a&gt;&lt;/p&gt;

&lt;p&gt;&lt;b&gt;CVSS Score:&lt;/b&gt;&#160;&lt;/p&gt;

&lt;p&gt;5.3&lt;/p&gt;

&lt;p&gt;&lt;a href=&quot;https://www.first.org/cvss/calculator/3.1#CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L&quot; class=&quot;external-link&quot; target=&quot;_blank&quot; rel=&quot;nofollow noopener&quot;&gt;https://www.first.org/cvss/calculator/3.1#CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L&lt;/a&gt;&lt;/p&gt;

&lt;p&gt;&lt;b&gt;Affected Product Versions:&lt;/b&gt;&lt;br/&gt;
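&#160;All MongoDB C-Driver versions prior to version 1.25.0 (this issue&apos;s Fix Version field also lists 1.24.5, and the fix commit was applied to the r1.24 branch)&lt;/p&gt;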

&lt;p&gt;&lt;b&gt;Credit:&lt;/b&gt;&lt;/p&gt;

&lt;p&gt;selmelc&lt;/p&gt;

&lt;p&gt;&lt;b&gt;Issue Found:&lt;/b&gt;&lt;br/&gt;
External&lt;/p&gt;

&lt;p&gt;&lt;b&gt;Internal Jira reference:&lt;/b&gt;&lt;br/&gt;
&lt;a href=&quot;https://jira.mongodb.org/browse/CDRIVER-4747&quot; title=&quot;[Integer overflow] bson_utf8_validate&quot; class=&quot;issue-link&quot; data-issue-key=&quot;CDRIVER-4747&quot;&gt;&lt;del&gt;CDRIVER-4747&lt;/del&gt;&lt;/a&gt;&lt;/p&gt;</description>
                <environment></environment>
        <key id="2483411">CDRIVER-4747</key>
            <summary>[Integer overflow] bson_utf8_validate</summary>
                <type id="1" iconUrl="https://jira.mongodb.org/secure/viewavatar?size=xsmall&amp;avatarId=14703&amp;avatarType=issuetype">Bug</type>
                                            <priority id="3" iconUrl="https://jira.mongodb.org/images/icons/priorities/major.svg">Major - P3</priority>
                        <status id="6" iconUrl="https://jira.mongodb.org/images/icons/statuses/closed.png" description="The issue is considered finished, the resolution is correct. Issues which are closed can be reopened.">Closed</status>
                    <statusCategory id="3" key="done" colorName="success"/>
                                    <resolution id="13201">Fixed</resolution>
                                        <assignee username="kevin.albertson@mongodb.com">Kevin Albertson</assignee>
                                    <reporter username="karman.liu@mongodb.com">Karman Liu</reporter>
                        <labels>
                    </labels>
                <created>Thu, 26 Oct 2023 10:29:49 +0000</created>
                <updated>Wed, 24 Jan 2024 15:14:09 +0000</updated>
                            <resolved>Mon, 30 Oct 2023 18:03:27 +0000</resolved>
                                                    <fixVersion>1.25.0</fixVersion>
                    <fixVersion>1.24.5</fixVersion>
                                    <component>BSON</component>
                    <component>Security</component>
                                        <votes>0</votes>
                                    <watches>3</watches>
                                                                                                                <comments>
                            <comment id="5832648" author="xgen-internal-githook" created="Mon, 30 Oct 2023 18:03:01 +0000"  >&lt;p&gt;Author: &lt;/p&gt;
{&apos;name&apos;: &apos;Kevin Albertson&apos;, &apos;email&apos;: &apos;kevin.albertson@mongodb.com&apos;, &apos;username&apos;: &apos;kevinAlbs&apos;}
&lt;p&gt;Message: &lt;a href=&quot;https://jira.mongodb.org/browse/CDRIVER-4747&quot; title=&quot;[Integer overflow] bson_utf8_validate&quot; class=&quot;issue-link&quot; data-issue-key=&quot;CDRIVER-4747&quot;&gt;&lt;del&gt;CDRIVER-4747&lt;/del&gt;&lt;/a&gt; use `size_t` consistently in `bson_utf8_validate` (#1458)&lt;br/&gt;
Branch: r1.24&lt;br/&gt;
&lt;a href=&quot;https://github.com/mongodb/mongo-c-driver/commit/be865dd759a28aa268232766f304d1bc11f1e8f7&quot; class=&quot;external-link&quot; target=&quot;_blank&quot; rel=&quot;nofollow noopener&quot;&gt;https://github.com/mongodb/mongo-c-driver/commit/be865dd759a28aa268232766f304d1bc11f1e8f7&lt;/a&gt;&lt;/p&gt;</comment>
                            <comment id="5832629" author="xgen-internal-githook" created="Mon, 30 Oct 2023 18:01:33 +0000"  >&lt;p&gt;Author: &lt;/p&gt;
{&apos;name&apos;: &apos;Kevin Albertson&apos;, &apos;email&apos;: &apos;kevin.albertson@mongodb.com&apos;, &apos;username&apos;: &apos;kevinAlbs&apos;}
&lt;p&gt;Message: &lt;a href=&quot;https://jira.mongodb.org/browse/CDRIVER-4747&quot; title=&quot;[Integer overflow] bson_utf8_validate&quot; class=&quot;issue-link&quot; data-issue-key=&quot;CDRIVER-4747&quot;&gt;&lt;del&gt;CDRIVER-4747&lt;/del&gt;&lt;/a&gt; use `size_t` consistently in `bson_utf8_validate` (#1458)&lt;br/&gt;
Branch: master&lt;br/&gt;
&lt;a href=&quot;https://github.com/mongodb/mongo-c-driver/commit/fd3a978b35cac8f3c78c4d9a1b08fd5aa4d440b8&quot; class=&quot;external-link&quot; target=&quot;_blank&quot; rel=&quot;nofollow noopener&quot;&gt;https://github.com/mongodb/mongo-c-driver/commit/fd3a978b35cac8f3c78c4d9a1b08fd5aa4d440b8&lt;/a&gt;&lt;/p&gt;</comment>
                    </comments>
                <issuelinks>
                            <issuelinktype id="10012">
                    <name>Related</name>
                                                                <inwardlinks description="is related to">
                                                        </inwardlinks>
                                    </issuelinktype>
                    </issuelinks>
                <attachments>
                    </attachments>
                <subtasks>
                    </subtasks>
                <customfields>
                                                                                                                                                                                                                                                                                                                                                                    <customfield id="customfield_15850" key="com.atlassian.jira.plugins.jira-development-integration-plugin:devsummary">
                        <customfieldname>Development</customfieldname>
                        <customfieldvalues>
                            
                        </customfieldvalues>
                    </customfield>
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                            <customfield id="customfield_12550" key="com.pyxis.greenhopper.jira:gh-lexo-rank">
                        <customfieldname>Rank</customfieldname>
                        <customfieldvalues>
                            <customfieldvalue>2|i2fgus:</customfieldvalue>

                        </customfieldvalues>
                    </customfield>
                                                                <customfield id="customfield_10558" key="com.pyxis.greenhopper.jira:gh-global-rank">
                        <customfieldname>Rank (Obsolete)</customfieldname>
                        <customfieldvalues>
                            <customfieldvalue>9223372036854775807</customfieldvalue>
                        </customfieldvalues>
                    </customfield>
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                            </customfields>
    </item>
</channel>
</rss>