RSS   Podatności dla 'BSON'   RSS

2020-03-30
 
CVE-2020-7610

CWE-502
 

 
All versions of bson before 1.1.4 are vulnerable to Deserialization of Untrusted Data. The package will ignore an unknown value for an object's _bsotype, leading to cases where an object is serialized as a document rather than the intended BSON type.

 
2020-02-20
 
CVE-2015-4411

CWE-400
 

 
The Moped::BSON::ObjecId.legal? method in mongodb/bson-ruby before 3.0.4 as used in rubygem-moped allows remote attackers to cause a denial of service (worker resource consumption) via a crafted string. NOTE: This issue is due to an incomplete fix to CVE-2015-4410.

 

 >>> Vendor: Mongodb 10 Produkty
Mongodb
Libbson
Js-bson
BSON
Mongodb enterprise kubernetes operator
C driver
Ops manager
Libmongocrypt
Java driver
Rust driver


Copyright 2022, cxsecurity.com

 

Back to Top