PT-2020-10891 · Mongodb · Js-Bson

Feng Xiao +1 · Published 2020-03-31 · Updated 2026-02-23 · CVE-2019-2391

CVSS v2.0: 5.5 (Medium)
Vector: AV:N/AC:L/Au:S/C:P/I:P/A:N
Name of the Vulnerable Software and Affected Versions: js-bson library version 1.1.3 and prior
Description: The issue is caused by incorrect parsing of certain JSON input, which may result in js-bson not correctly serializing BSON. This can cause unexpected application behavior, including data disclosure.
Recommendations: For js-bson library version 1.1.3 and prior, update to a version later than 1.1.3 to resolve the issue. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Weakness Enumeration

Deserialization of Untrusted Data

Related Identifiers

CVE-2019-2391
GHSA-4JWP-VFVF-657P

Affected Products

Js-Bson