CVE-2024-5629
See a problem?- Source
- https://nvd.nist.gov/vuln/detail/CVE-2024-5629
- Import Source
- https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2024-5629.json
- JSON Data
- https://api.osv.dev/v1/vulns/CVE-2024-5629
- Aliases
- Related
- Published
- 2024-06-05T15:15:12Z
- Modified
- 2024-09-03T04:40:51.941247Z
- Severity
-
- 8.1 (High) CVSS_V3 - CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:H CVSS Calculator
- Summary
- [none]
- Details
-
An out-of-bounds read in the 'bson' module of PyMongo 4.6.2 or earlier allows deserialization of malformed BSON provided by a Server to raise an exception which may contain arbitrary application memory.
- References
Affected packages
Git / github.com/mongodb/mongo-python-driver
Affected ranges
- Type
- GIT
- Repo
- https://github.com/mongodb/mongo-python-driver
- Events
-
Introduced0 Unknown introduced commit / All previous commits are affectedFixed
Affected versions
0.*
0.10
0.10.1
0.10.2
0.10.3
0.11
0.11.1
0.11.2
0.11.3
0.12
0.13
0.14
0.14.1
0.14.2
0.15
0.15.1
0.15.2
0.16
0.4pre
0.5.1pre
0.5.2pre
0.5.3pre
0.5pre
0.6
0.7
0.7.1
0.7.2
0.8
0.8.1
0.9
0.9.1
0.9.2
0.9.3
0.9.4
0.9.5
1.*
1.0
1.1
1.1.1
1.1.2
1.10
1.10.1
1.11
1.2
1.2.1
1.3
1.4
1.5
1.5.1
1.6
1.7
1.8
1.8.1
1.9
2.*
2.0
2.0.1
2.1
2.1.1
2.2
2.2.1
2.2rc1
2.3
2.3rc1
2.4
2.4.1
2.4.2
2.5
2.5.1
2.6
2.7
2.7rc0
2.7rc1
3.*
3.0
3.0.1
3.0.2
3.0.3
3.0b0
3.0b1
3.0rc0
3.0rc1
3.1
3.1.1
3.10.0
3.10.1
3.11.0
3.11.0b0
3.11.0b1
3.11.0rc0
3.11.1
3.1rc0
3.2
3.2.1
3.2.2
3.2rc0
3.3.0
3.4.0
3.4rc0
3.5.0
3.5.1
3.6.0
3.6.1
3.6rc0
3.7.0
3.7.0b0
3.9.0
3.9.0b0
3.9.0b1
4.*
4.0
4.1.0
4.1.1
4.2.0
4.2.0b0
4.3.0
4.3.1
4.3.2
4.3.3
4.4.0
4.4.0b0
4.5.0
4.6.0
4.6.1
4.6.2