Lucene search
UbuntuUSN-6904-1HistoryJul 22, 2024 - 12:00 a.m.
PyMongo vulnerability
2024-07-2200:00:00
ubuntu.com
10
pymongo
ubuntu 24.04
ubuntu 22.04
ubuntu 20.04
ubuntu 18.04
ubuntu 16.04
bson
security issue
CVSS3
8.1
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
REQUIRED
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
NONE
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:H
AI Score
6.6
Confidence
Low
Releases
- Ubuntu 24.04 LTS
- Ubuntu 22.04 LTS
- Ubuntu 20.04 LTS
- Ubuntu 18.04 ESM
- Ubuntu 16.04 ESM
Packages
- pymongo - Python interface to the MongoDB document-oriented database
Details
It was discovered that PyMongo incorrectly handled certain BSON.
An attacker could possibly use this issue to read sensitive information
or cause a crash.
| OS | Version | Architecture | Package | Version | Filename |
|---|---|---|---|---|---|
| Ubuntu | 24.04 | noarch | python3-bson | < 3.11.0-1ubuntu0.24.04.1 | UNKNOWN |
| Ubuntu | 24.04 | noarch | python-pymongo-doc | < 3.11.0-1ubuntu0.24.04.1 | UNKNOWN |
| Ubuntu | 24.04 | noarch | python3-bson-ext | < 3.11.0-1ubuntu0.24.04.1 | UNKNOWN |
| Ubuntu | 24.04 | noarch | python3-bson-ext-dbgsym | < 3.11.0-1ubuntu0.24.04.1 | UNKNOWN |
| Ubuntu | 24.04 | noarch | python3-gridfs | < 3.11.0-1ubuntu0.24.04.1 | UNKNOWN |
| Ubuntu | 24.04 | noarch | python3-pymongo | < 3.11.0-1ubuntu0.24.04.1 | UNKNOWN |
| Ubuntu | 24.04 | noarch | python3-pymongo-ext | < 3.11.0-1ubuntu0.24.04.1 | UNKNOWN |
| Ubuntu | 24.04 | noarch | python3-pymongo-ext-dbgsym | < 3.11.0-1ubuntu0.24.04.1 | UNKNOWN |
| Ubuntu | 22.04 | noarch | python3-bson | < 3.11.0-1ubuntu0.22.04.1 | UNKNOWN |
| Ubuntu | 22.04 | noarch | python-pymongo-doc | < 3.11.0-1ubuntu0.22.04.1 | UNKNOWN |
References
Related
mongodb
mongodb
Out-of-bounds read in bson module of PyMongo
2024-06-05 14:32:00
debiancve
debiancve
CVE-2024-5629
2024-06-05 15:15:12
cve
cve
CVE-2024-5629
2024-06-05 15:15:12
CVE-2024-21506
2024-04-06 05:15:07
nessus
nessus
Debian dla-3889 : python-pymongo-doc - security update
2024-09-16 00:00:00
Ubuntu 16.04 LTS / 18.04 LTS / 20.04 LTS / 22.04 LTS / 24.04 LTS : PyMongo vulnerability (USN-6904-1)
2024-07-22 00:00:00
PyMongo < 4.6.3 Out-of-bounds Read
2024-04-11 00:00:00
redos
redos
ROS-20240611-01
2024-06-11 00:00:00
osv
osv
pymongo - security update
2024-06-17 00:00:00
CVE-2024-5629
2024-06-05 15:15:12
CGA-j75f-6qgr-x3rm
2024-06-06 12:28:04
openvas
openvas
Debian: Security Advisory (DLA-3832-1)
2024-07-01 00:00:00
Debian: Security Advisory (DLA-3889-1)
2024-09-17 00:00:00
Ubuntu: Security Advisory (USN-6904-1)
2024-07-23 00:00:00
github
github
PyMongo Out-of-bounds Read in the bson module
2024-06-05 15:30:39
PyMongo Out-of-bounds Read in the bson module
2024-04-06 06:31:08
Taipy 3.1.1 affected by CVEs on flask-core and pymongo
2024-08-27 19:50:54
vulnrichment
vulnrichment
CVE-2024-5629 Out-of-bounds read in bson module of PyMongo
2024-06-05 14:32:56
redhatcve
redhatcve
CVE-2024-5629
2024-06-05 17:34:36
nvd
nvd
CVE-2024-5629
2024-06-05 15:15:12
CVE-2024-21506
2024-04-06 05:15:07
ubuntucve
ubuntucve
CVE-2024-5629
2024-06-05 00:00:00
cvelist
cvelist
CVE-2024-5629 Out-of-bounds read in bson module of PyMongo
2024-06-05 14:32:56
veracode
veracode
Out-of-bounds Read
2024-04-08 04:56:12
wolfi
wolfi
CVE-2024-5629 vulnerabilities
2024-09-30 09:32:54
CVSS3
8.1
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
REQUIRED
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
NONE
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:H
AI Score
6.6
Confidence
Low
Related for USN-6904-1