Filtered by vendor Mongodb
Subscriptions
Filtered by product Js-bson
Subscriptions
Total
2 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2019-2391 | 1 Mongodb | 1 Js-bson | 2023-06-19 | 5.4 Medium |
| Incorrect parsing of certain JSON input may result in js-bson not correctly serializing BSON. This may cause unexpected application behaviour including data disclosure. This issue affects: MongoDB Inc. js-bson library version 1.1.3 and prior to. | ||||
| CVE-2018-13863 | 1 Mongodb | 1 Js-bson | 2022-10-03 | N/A |
| The MongoDB bson JavaScript module (also known as js-bson) versions 0.5.0 to 1.0.x before 1.0.5 is vulnerable to a Regular Expression Denial of Service (ReDoS) in lib/bson/decimal128.js. The flaw is triggered when the Decimal128.fromString() function is called to parse a long untrusted string. | ||||
Page 1 of 1.