Homepage

org.webjars.npm:bson@1.1.3 vulnerabilities

  • latest version

    1.1.3

  • latest non vulnerable version

    0.2.22

  • first published

    7 years ago

  • latest version published

    5 years ago

  • licenses detected

  • package manager

    View on Maven Repository
    • Go back to all versions of this package
    Report a new vulnerability Found a mistake?

    Direct Vulnerabilities

    Known vulnerabilities in the org.webjars.npm:bson package. This does not include vulnerabilities belonging to this package’s dependencies.

    How to fix?

    Automatically find and fix vulnerabilities affecting your projects. Snyk scans for vulnerabilities and provides fixes for free.

    Fix for free
    VulnerabilityVulnerable Version
    • H
    Internal Property Tampering

    org.webjars.npm:bson is a BSON Parser for node and browser.

    Affected versions of this package are vulnerable to Internal Property Tampering. The package will ignore an unknown value for an object's _bsotype, leading to cases where an object is serialized as a document rather than the intended BSON type.

    NOTE: This vulnerability has also been identified as: CVE-2019-2391

    How to fix Internal Property Tampering?

    There is no fixed version for org.webjars.npm:bson.

    [1.0.0,)
    • H
    Internal Property Tampering

    org.webjars.npm:bson is a BSON Parser for node and browser.

    Affected versions of this package are vulnerable to Internal Property Tampering. The package will ignore an unknown value for an object's _bsotype, leading to cases where an object is serialized as a document rather than the intended BSON type.

    NOTE: This vulnerability has also been identified as: CVE-2020-7610

    How to fix Internal Property Tampering?

    There is no fixed version for org.webjars.npm:bson.

    [1.0.0,)
    Go back to all versions of this package