Lucene search

K

Js-bson Security Vulnerabilities

cve
cve

CVE-2018-13863

The MongoDB bson JavaScript module (also known as js-bson) versions 0.5.0 to 1.0.x before 1.0.5 is vulnerable to a Regular Expression Denial of Service (ReDoS) in lib/bson/decimal128.js. The flaw is triggered when the Decimal128.fromString() function is called to parse a long untrusted...

7.5CVSS

7.2AI Score

0.001EPSS

2022-10-03 04:22 PM
33
cve
cve

CVE-2019-2391

Incorrect parsing of certain JSON input may result in js-bson not correctly serializing BSON. This may cause unexpected application behaviour including data disclosure. This issue affects: MongoDB Inc. js-bson library version 1.1.3 and prior...

5.4CVSS

5.3AI Score

0.001EPSS

2020-03-31 02:15 PM
38