EPSS
Percentile
45.3%
bson-objectid is vulnerable to authorization bypass. The vulnerability exists as it was possible to generate a malformed objectid through ObjectID() by inserting an additional property in the user-input.
objectid
ObjectID()
github.com/williamkapke/bson-objectid/commit/66951350feedcf213264c7fe45455813efc8e119
github.com/williamkapke/bson-objectid/issues/27
github.com/williamkapke/bson-objectid/issues/30
github.com/williamkapke/bson-objectid/pull/28
www.npmjs.com/package/bson-objectid