VDB
GHSA-cr6f-gf5w-vhrc
GHSA-cr6f-gf5w-vhrc
REJECTED
CVSS 5.199999809265137 MEDIUM
PyMongo Out-of-bounds Read in the bson module
Risk Scores
CVSS v3.1
5.199999809265137
CVSS:3.1/AV:L/AC:H/PR:N/UI:R/S:C/C:L/I:L/A:L
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| PyPI | pymongo | 0, 0 |
Timeline
- Apr 6, 2024 CVE Published
- Jan 26, 2026 CVE Updated
- Mar 2, 2026 Security Advisory
References
- https://nvd.nist.gov/vuln/detail/CVE-2024-21506 advisory
- https://github.com/mongodb/mongo-python-driver/commit/56b6b6dbc267d365d97c037082369dabf37405d2 url
- https://gist.github.com/keltecc/62a7c2bf74a997d0a7b48a0ff3853a03 url
- https://github.com/mongodb/mongo-python-driver package
- https://security.snyk.io/vuln/SNYK-PYTHON-PYMONGO-6370597 url