Description
An out-of-bounds read in the 'bson' module of PyMongo 4.6.2 or earlier allows deserialization of malformed BSON provided by a Server to raise an exception which may contain arbitrary application memory.
References
- Issue Tracking, Patch, Third Party Advisory
- Third Party Advisory
- Issue Tracking, Patch, Third Party Advisory
- Third Party Advisory
Vulnerable configurations
Configuration 1: versions before 4.6.3 (exclusive)
cpe:2.3:a:mongodb:pymongo:*:*:*:*:*:*:*:*
Configuration 2
cpe:2.3:o:debian:debian_linux:10.0:*:*:*:*:*:*:*
EPSS
Percentile: 47%
Score: 0.00238
Rating: Low
CVSS3: 4.7 Medium
CVSS3: 8.1 High
Weaknesses
CWE-125
Related vulnerabilities
CVSS3: 4.7
ubuntu
about 1 year ago
An out-of-bounds read in the 'bson' module of PyMongo 4.6.2 or earlier allows deserialization of malformed BSON provided by a Server to raise an exception which may contain arbitrary application memory.
CVSS3: 4.7
redhat
about 1 year ago
An out-of-bounds read in the 'bson' module of PyMongo 4.6.2 or earlier allows deserialization of malformed BSON provided by a Server to raise an exception which may contain arbitrary application memory.
CVSS3: 4.7
debian
about 1 year ago
An out-of-bounds read in the 'bson' module of PyMongo 4.6.2 or earlier ...