3.0.3

DATE	CVE	VULNERABILITY TITLE	RISK
2018-02-05	CVE-2015-4412	Resource Exhaustion vulnerability in Bson Project Bson 3.0.3 BSON injection vulnerability in the legal? function in BSON (bson-ruby) gem before 3.0.4 for Ruby allows remote attackers to cause a denial of service (resource consumption) or inject arbitrary data via a crafted string. network low complexity bson-project CWE-400	7.5

CVE is a registered MITRE Corporation trademark and MITRE's CVE website is the authoritative source of CVE content. CWE is a registered MITRE Corporation trademark and MITRE's CWE website is the authoritative source of CWE content.