Vulnerability	Vulnerable Version
H Internal Property Tampering org.webjars.npm:bson is a BSON Parser for node and browser. Affected versions of this package are vulnerable to Internal Property Tampering. The package will ignore an unknown value for an object's `_bsotype`, leading to cases where an object is serialized as a document rather than the intended BSON type. NOTE: This vulnerability has also been identified as: CVE-2019-2391 How to fix Internal Property Tampering? There is no fixed version for `org.webjars.npm:bson`.	[1.0.0,)
H Internal Property Tampering org.webjars.npm:bson is a BSON Parser for node and browser. Affected versions of this package are vulnerable to Internal Property Tampering. The package will ignore an unknown value for an object's `_bsotype`, leading to cases where an object is serialized as a document rather than the intended BSON type. NOTE: This vulnerability has also been identified as: CVE-2020-7610 How to fix Internal Property Tampering? There is no fixed version for `org.webjars.npm:bson`.	[1.0.0,)
L Regular Expression Denial of Service (ReDoS) org.webjars.npm:bson is a BSON Parser for node and browser. Affected versions of this package are vulnerable to Regular Expression Denial of Service (ReDoS). This can cause an impact of about 10 seconds matching time for data 50K characters long. How to fix Regular Expression Denial of Service (ReDoS)? Upgrade `org.webjars.npm:bson` to version 1.0.5 or higher.	[0.5.0,1.0.5)

Go back to all versions of this package