RSS   Podatności dla 'Js-bson'   RSS

2020-03-31
 
CVE-2019-2391

CWE-502
 

 
Incorrect parsing of certain JSON input may result in js-bson not correctly serializing BSON. This may cause unexpected application behaviour including data disclosure.

 
2018-07-10
 
CVE-2018-13863

CWE-noinfo
 

 
The MongoDB bson JavaScript module (also known as js-bson) versions 0.5.0 to 1.0.x before 1.0.5 is vulnerable to a Regular Expression Denial of Service (ReDoS) in lib/bson/decimal128.js. The flaw is triggered when the Decimal128.fromString() function is called to parse a long untrusted string.

 

 >>> Vendor: Mongodb 10 Produkty
Mongodb
Libbson
Js-bson
BSON
Mongodb enterprise kubernetes operator
C driver
Ops manager
Libmongocrypt
Java driver
Rust driver


Copyright 2022, cxsecurity.com

 

Back to Top