Lucene search

K

GoogleOSV:PYSEC-2013-30

HistoryAug 15, 2013 - 5:55 p.m.

PYSEC-2013-30

2013-08-1517:55:00

Google

osv.dev

6

4.3 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

PARTIAL

AV:N/AC:M/Au:N/C:N/I:N/A:P

bson/_cbsonmodule.c in the mongo-python-driver (aka. pymongo) before 2.5.2, as used in MongoDB, allows context-dependent attackers to cause a denial of service (NULL pointer dereference and crash) via vectors related to decoding of an “invalid DBRef.”

CPENameOperatorVersion
pymongoeq1.9
pymongoeq0.3.1pre
pymongoeq2.5
pymongoeq0.3pre
pymongoeq0.9.6
pymongoeq0.7
pymongoeq1.3
pymongoeq0.14.2
pymongoeq0.14
pymongoeq1.8

Rows per page:

1-10 of 731

References

bugs.debian.org/cgi-bin/bugreport.cgi?bug=710597

lists.opensuse.org/opensuse-updates/2013-06/msg00180.html

seclists.org/oss-sec/2013/q2/447

ubuntu.com/usn/usn-1897-1

www.debian.org/security/2013/dsa-2705

www.osvdb.org/93804

www.securityfocus.com/bid/60252

github.com/mongodb/mongo-python-driver/commit/a060c15ef87e0f0e72974c7c0e57fe811bbd06a2

jira.mongodb.org/browse/PYTHON-532

4.3 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

PARTIAL

AV:N/AC:M/Au:N/C:N/I:N/A:P

Related for OSV:PYSEC-2013-30

securityvulns2 debian2 ubuntucve1 ubuntu1 github1 openvas5 mageia1 osv2 cve1 prion1 nessus4 debiancve1 seebug1 redhat1 kitploit1 n0where1