VulnerableCode Package Details

Staging Environment: Content and features may be unstable or change without notice.

Search for packages

Package details: pkg:gem/bson@2.0

purl	pkg:gem/bson@2.0

Next non-vulnerable version	3.0.4
Latest non-vulnerable version	3.0.4
Risk

Vulnerabilities affecting this package (1)

Vulnerability	Summary	Fixed by
VCID-mha4-yc5v-8uhm Aliases: CVE-2015-4412 GHSA-h6rj-8r3c-9gpj	Data Injection Vulnerability A flaw in the ObjectId validation regular expression can enable attackers to inject arbitrary information into a given BSON object.	3.0.4 Affected by 0 other vulnerabilities.

Vulnerabilities fixed by this package (0)

Vulnerability	Summary	Aliases
This package is not known to fix vulnerabilities.

Date	Actor	Action	Vulnerability	Source	VulnerableCode Version
2026-06-05T21:05:17.771036+00:00	GHSA Importer	Affected by	VCID-mha4-yc5v-8uhm	https://github.com/advisories/GHSA-h6rj-8r3c-9gpj	38.6.0