Your submission was sent successfully! Close

CVE-2013-2132

Published: 03 June 2013

bson/_cbsonmodule.c in the mongo-python-driver (aka. pymongo) before 2.5.2, as used in MongoDB, allows context-dependent attackers to cause a denial of service (NULL pointer dereference and crash) via vectors related to decoding of an "invalid DBRef."

Priority

Medium

Status

Package Release Status
pymongo
Launchpad, Ubuntu, Debian
Upstream
Released (2.5.2-1)
Patches:
Upstream: https://github.com/mongodb/mongo-python-driver/commit/a060c15ef87e0f0e72974c7c0e57fe811bbd06a2