CVE-2019-2391

Summary

Incorrect parsing of certain JSON input may result in js-bson not correctly serializing BSON. This may cause unexpected application behaviour including data disclosure. This issue affects: MongoDB Inc. js-bson library version 1.1.3 and prior to.

Affected Software

VendorProductVersion RangeStatus
MongoDB Inc.js-bson1.0 <= 1.1.3affected

Weaknesses

  • CWE-502: CWE-502: Deserialization of Untrusted Data

ADP Enrichment

CVE Program Container

Additional References

References