Sha256: ee383f1153bb4dc02352648c385aacaf5ed2f37f5d1f042fdd2a735066d425e9

Contents?: true

Size: 541 Bytes

Versions: 1

Compression:

Stored size: 541 Bytes

Contents

---
gem: bson
cve: 2015-4411
ghsa: qh4w-7pw3-p4rp
url: https://github.com/advisories/GHSA-qh4w-7pw3-p4rp
date: 2020-04-29
title: Potential denial of service in bson rubygem
description: |
  The Moped::BSON::ObjectId.legal? method in mongodb/bson-ruby before 3.0.4
  as used in rubygem-moped allows remote attackers to cause a denial of service (worker
  resource consumption) via a crafted string. NOTE: This issue is due to an incomplete
  fix to CVE-2015-4410.

cvss_v3: 7.5

patched_versions:
  - ">= 3.0.4"

related:
  cve:
  - 2015-4410

Version data entries

1 entry across 1 version & 1 rubygem

Version Path
bundler-audit-0.7.0.1 data/ruby-advisory-db/gems/bson/CVE-2015-4411.yml