CVE-2024-5629

CVSS 3.1 Score 8.1 of 10 (high)

Details

Published Jun 5, 2024

Updated: Jun 18, 2024

CWE ID 125

Summary

CVE-2024-5629 is a newly disclosed vulnerability affecting the 'bson' module in PyMongo versions 4.6.2 and earlier. This issue permits an out-of-bounds read during deserialization of malformed BSON data from a Server. The malformed data can cause an exception to be raised, providing an attacker with potential access to arbitrary application memory. This vulnerability poses a serious risk to systems utilizing PyMongo for data processing and highlights the importance of keeping software up to date to mitigate security threats.

Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

Debian

Affected Vendors

Debian
MongoDB Inc

Advisories, Assessments, and Mitigations

https://app.recordedfuture.com/live/sc/entity/wRnQNB
https://www.cve.org/CVERecord?id=CVE-2024-5629
https://nvd.nist.gov/vuln/detail/CVE-2024-5629

Back to Vulnerability Database