pymongo

PyPI2 known CVEs affecting this package

Aggregated from OSV, GitHub Security Advisories, NVD, and vendor advisories. Each CVE links to its full detail page with vendor advisories, patches, fixed versions, and remediation guidance.

CVEs affecting pymongopage 1 of 1

CVE-2013-2132NONECVSS 0.0EG 0.0✓ Fixed in 2.5.2
2013-08-15
vulnerable: 0.1.1pre ... 2.5.1 (73 versions)
bson/_cbsonmodule.c in the mongo-python-driver (aka. pymongo) before 2.5.2, as used in MongoDB, allows context-dependent attackers to cause a denial of service (NULL pointer dereference and crash) via vectors related to decoding of an "inv…
CVE-2024-5629MEDIUMCVSS 4.7EG 4.7✓ Fixed in 4.6.3
2024-06-05
vulnerable: 0.1.1pre ... 4.6.2 (137 versions)
An out-of-bounds read in the 'bson' module of PyMongo 4.6.2 or earlier allows deserialization of malformed BSON provided by a Server to raise an exception which may contain arbitrary application memory.

Check whether pymongo is used in your infrastructure

EchelonGraph scans your cloud and SBOMs to map every package to your actual deployments. See blast radius for pymongo CVEs against the assets you own.

Start Free Scan →