Security Advisories (3)
CVE-2024-6383 (2024-07-03)

The bson_string_append function in MongoDB C Driver may be vulnerable to a buffer overflow: the function might attempt to allocate too small a buffer, which may lead to memory corruption of neighbouring heap memory. This issue affects libbson versions prior to 1.27.1.

CVE-2023-0437 (2024-01-12)

When calling bson_utf8_validate on some inputs, a loop with an exit condition that cannot be reached may occur, i.e. an infinite loop. This issue affects all MongoDB C Driver versions prior to 1.25.0.

CVE-2025-40906 (2025-05-16)

BSON::XS versions 0.8.4 and earlier for Perl include a bundled libbson 1.1.7, which has several vulnerabilities. Those include CVE-2017-14227, CVE-2018-16790, CVE-2023-0437, CVE-2024-6381, CVE-2024-6383, and CVE-2025-0755. BSON-XS was the official Perl XS implementation of MongoDB's BSON serialization, but this distribution reached its end of life on August 13, 2020 and is no longer supported.

NAME

BSON::XS - XS implementation of MongoDB's BSON serialization

VERSION

version v0.8.0

DESCRIPTION

This module contains an XS implementation for BSON encoding and decoding. There is no public API. Use the BSON module and it will choose the best implementation for you.

SUPPORT

Bugs / Feature Requests

Please report any bugs or feature requests through the issue tracker at https://jira.mongodb.org/browse/PERL. You will be notified automatically of any progress on your issue.

Source Code

This is open source software. The code repository is available for public review and contribution under the terms of the license.

https://github.com/mongodb/mongo-perl-bson-xs

git clone https://github.com/mongodb/mongo-perl-bson-xs.git

AUTHOR

David Golden <david@mongodb.com>

CONTRIBUTOR

Paul "LeoNerd" Evans <leonerd@leonerd.org.uk>

COPYRIGHT AND LICENSE

This software is Copyright (c) 2019 by MongoDB, Inc.

This is free software, licensed under:

The Apache License, Version 2.0, January 2004