CVE-2019-2391

Published: Mar 31, 2020
Updated: Jun 20, 2023
CVE: <a href="https://nvd.nist.gov/vuln/detail/CVE-2019-2391" target="_blank" rel="noopener"> CVE-2019-2391
GHSA: <a href="https://github.com/advisories/GHSA-4jwp-vfvf-657p" target="_blank" rel="noopener"> GHSA-4jwp-vfvf-657p
Severity: Medium
Exploit:

Incorrect parsing of certain JSON input may result in js-bson not correctly serializing BSON. This may cause unexpected application behaviour including data disclosure. This issue affects: MongoDB Inc. js-bson library version 1.1.3 and prior to.