Skip to main content
Components
Vulnerabilities
Pricing
MCP
API
Docs
Sign up
Login
Find vulnerabilities. Fix fast with AI.
Search components by package, version, or CVE to get started.
org.webjars.npm/bson 1.0.9 | Vulnerabiliti… | Sonatype Guide
Get full component data and automated fixes with Sonatype Guide.
Sign up for free
maven
org.webjars.npm
bson
1.0.9
bson 1.0.9
org.webjars.npm
Published
Nov 30, 2020
•
Policy
compliance
maven Registry
Developer Trust Score
Recommended Version:
x.y.z
Recommended upgrade that meets your policy.
Compare Versions
Overview
Overview
Versions
4
Versions
4
Vulnerabilities
2
Vulnerabilities
2
Dependencies
0
Dependencies
0
Reset filters
Severity
Critical
(1)
High
(0)
Medium
(0)
Low
(0)
CVSS Score
0.0
10.0
EPSS Score
0.0
1.0
Malware
KEV Status
Published
Filter
Sort: Published (Newest first)
9.8
CVE-2020-7610
All versions of bson before 1.1.4 are vulnerable to Deserialization of Untrusted Data. The package will ignore an unknown value for an object's _bsotype, leading to cases where an object is serialized as a document rather than the intended BSON type.
affected
Severity
Critical
Published
Mar 26, 2020
