CVE-2018-13863 is a vulnerability in MongoDB Js Bson
Published on July 10, 2018

The MongoDB bson JavaScript module (also known as js-bson) versions 0.5.0 to 1.0.x before 1.0.5 is vulnerable to a Regular Expression Denial of Service (ReDoS) in lib/bson/decimal128.js. The flaw is triggered when the Decimal128.fromString() function is called to parse a long untrusted string.

NVD

Products Associated with CVE-2018-13863

Want to know whenever a new CVE is published for MongoDB Js Bson? stack.watch will email you.

MongoDB Js Bson

Exploit Probability

EPSS

0.39%

Percentile

59.46%

EPSS (Exploit Prediction Scoring System) scores estimate the probability that a vulnerability will be exploited in the wild within the next 30 days. The percentile shows you how this score compares to all other vulnerabilities.

CVE-2018-13863 is a vulnerability in MongoDB Js BsonPublished on July 10, 2018

Products Associated with CVE-2018-13863

Exploit Probability

CVE-2018-13863 is a vulnerability in MongoDB Js Bson
Published on July 10, 2018