Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

debian логотип

CVE-2019-2391

Опубликовано: 31 мар. 2020
Источник: debian

Описание

Incorrect parsing of certain JSON input may result in js-bson not correctly serializing BSON. This may cause unexpected application behaviour including data disclosure. This issue affects: MongoDB Inc. js-bson library version 1.1.3 and prior to.

Пакеты

ПакетСтатусВерсия исправленияРелизТип
node-mongodbfixed3.5.5+~cs11.12.19-1experimentalpackage
node-mongodbfixed3.5.6+~cs11.12.19-1package
node-mongodbfixed3.1.13+~3.1.11-2+deb10u1busterpackage

Примечания

  • Fixed in js-bson v1.1.4 included in 3.5.5+~cs11.12.19

Связанные уязвимости

ubuntu логотип

CVE-2019-2391

CVSS3: 4.2
ubuntu
почти 6 лет назад

Incorrect parsing of certain JSON input may result in js-bson not correctly serializing BSON. This may cause unexpected application behaviour including data disclosure. This issue affects: MongoDB Inc. js-bson library version 1.1.3 and prior to.

nvd логотип

CVE-2019-2391

CVSS3: 4.2
nvd
почти 6 лет назад

Incorrect parsing of certain JSON input may result in js-bson not correctly serializing BSON. This may cause unexpected application behaviour including data disclosure. This issue affects: MongoDB Inc. js-bson library version 1.1.3 and prior to.

github логотип

GHSA-4jwp-vfvf-657p

CVSS3: 5.4
github
почти 4 года назад

Deserialization of Untrusted Data in bson