Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
The MongoDB bson JavaScript module (also known as js-bson) versions 0.5.0 to 1.0.x before 1.0.5 is vulnerable to a Regular Expression Denial of Service (ReDoS) in lib/bson/decimal128.js. The flaw is triggered when the Decimal128.fromString() function is called to parse a long untrusted string.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
MongoDB bson JavaScript模块安全漏洞
Vulnerability Description
MongoDB bson JavaScript module(又名js-bson)是一个使用在MongoDB中的BSON(Binary JSON)解析器。 MongoDB bson JavaScript模块1.0.5版本之前的0.5.0版本至1.0.x版本中的lib/bson/decimal128.js文件的‘Decimal128.fromString()’函数存在拒绝服务漏洞。攻击者可借助较长的不可信字符串利用该漏洞造成拒绝服务。
CVSS Information
N/A
Vulnerability Type
N/A