EPSS
Percentile
55.4%
bson is vulnerable to regular expression denial of service (ReDoS) attacks. The vulnerability exists due to the use of improper regular expression that consumes a large amount of resources when parsing large strings.
bugzilla.redhat.com/show_bug.cgi?id=1550773
github.com/mongodb/js-bson/commit/bd61c45157c53a1698ff23770160cf4783e9ea4a