Control: tags -1 + confirmed On Sun, 2020-04-26 at 21:45 +0200, Xavier Guimard wrote: > bson (embedded in node-mongodb) is vulnerable to Deserialization of > Untrusted Data. This upstream fix fixes both CVE-2019-2391 and CVE- > 2020-7610. >
Please go ahead. Regards, Adam