CVE-2024-5629

Published: Jun 5, 2024
Updated: May 4, 2025
CVE: <a href="https://nvd.nist.gov/vuln/detail/CVE-2024-5629" target="_blank" rel="noopener"> CVE-2024-5629
GHSA: <a href="https://github.com/advisories/GHSA-m87m-mmvp-v9qm" target="_blank" rel="noopener"> GHSA-m87m-mmvp-v9qm
Severity: High
Exploit:

An out-of-bounds read in the 'bson' module of PyMongo 4.6.2 or earlier allows deserialization of malformed BSON provided by a Server to raise an exception which may contain arbitrary application memory.

CVSS v3:

CWEs: