VulnerableCode Package Details - pkg:gem/bson@1.13

Staging Environment: Content and features may be unstable or change without notice.

Search for packages

Package details: pkg:gem/bson@1.13

Essentials
History (1)

purl	pkg:gem/bson@1.13
Tags	Ghost

Next non-vulnerable version	3.0.4
Latest non-vulnerable version	3.0.4
Risk	4.5

Vulnerabilities affecting this package (1)

Vulnerability	Summary	Fixed by
VCID-mha4-yc5v-8uhm Aliases: CVE-2015-4412 GHSA-h6rj-8r3c-9gpj	Data Injection Vulnerability A flaw in the ObjectId validation regular expression can enable attackers to inject arbitrary information into a given BSON object.	3.0.4 Affected by 0 other vulnerabilities.

Vulnerabilities fixed by this package (0)

Vulnerability	Summary	Aliases
This package is not known to fix vulnerabilities.

Date	Actor	Action	Vulnerability	Source	VulnerableCode Version
2026-06-04T16:14:47.878534+00:00	Ruby Importer	Affected by	VCID-mha4-yc5v-8uhm	https://github.com/rubysec/ruby-advisory-db/blob/master/gems/bson/CVE-2015-4412.yml	38.6.0