CVE-2020-7610

CVE-2020-7610

All versions of bson before 1.1.4 are vulnerable to Deserialization of Untrusted Data. The package will ignore an unknown value for an object’s _bsotype, leading to cases where an object is serialized as a document rather than the intended BSON type.

Source: CVE-2020-7610

답글 남기기

이메일 주소는 공개되지 않습니다. 필수 필드는 *로 표시됩니다