Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
All versions of bson before 1.1.4 are vulnerable to Deserialization of Untrusted Data. The package will ignore an unknown value for an object's _bsotype, leading to cases where an object is serialized as a document rather than the intended BSON type.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
BSON 代码问题漏洞
Vulnerability Description
BSON是一款计算机数据交换格式,它是用于表示简单或复杂的数据结构、包括关联数组(也称为名称/值对)、整数索引数组和一组基本标量类型的二进制格式。 BSON 1.1.4之前版本中存在代码问题漏洞,该漏洞源于反序列化了不可信的数据。攻击者可借助特制的数据利用该漏洞在系统上执行任意代码。
CVSS Information
N/A
Vulnerability Type
N/A