Miggo Logo
Miggo Vulnerability Database
CVE-2013-2132

CVE-2013-2132:
Use of NullPointerException Catch to Detect NULL Pointer Dereference in Pymongo

N/A

CVSS Score

Basic Information

CVE ID
CVE-2013-2132
GHSA ID
GHSA-x33v-f3gp-gw2c
EPSS Score
0.85053%
CWE
CWE-395
Published
5/14/2022
Updated
10/15/2024
KEV Status
No
Technology
TechnologyPython

Technical Details

CVSS Vector
-
Package NameEcosystemVulnerable VersionsFirst Patched Version
pymongopip< 2.5.22.5.2

Vulnerability Intelligence
Miggo AIMiggo AI

Miggo AIRoot Cause Analysis

The vulnerability stems from the C implementation of DBRef decoding in _cbsonmodule.c. The original code in get_value() assumed the '$id' key was always present, directly calling PyDict_DelItemString("$id") and Py_INCREF(id) without checking if 'id' was NULL. The patch adds a NULL check and handles missing '$id' by setting it to Py_None. This matches the CWE-395 description of using exception handling (or lack thereof) to detect NULL dereferences. The Python-side change in bson/init.py (using pop("$id", None)) complements this fix but does not directly cause the crash. The root cause is unambiguously in the C module's handling of missing '$id'.

Vulnerable functions

Only Mi**o us*rs **n s** t*is s**tion

WAF Protection Rules

WAF Rule

*son/_**sonmo*ul*.* in t** mon*o-pyt*on-*riv*r (*k*. pymon*o) ***or* *.*.*, *s us** in Mon*o**, *llows *ont*xt-**p*n**nt *tt**k*rs to **us* * **ni*l o* s*rvi** (NULL point*r **r***r*n** *n* *r*s*) vi* v**tors r*l*t** to ***o*in* o* *n "inv*li* **R**.

Reasoning

T** vuln*r**ility st*ms *rom t** * impl*m*nt*tion o* **R** ***o*in* in _**sonmo*ul*.*. T** ori*in*l *o** in **t_v*lu*() *ssum** t** '$i*' k*y w*s *lw*ys pr*s*nt, *ir**tly **llin* Py*i*t_**lIt*mStrin*("$i*") *n* Py_IN*R**(i*) wit*out ****kin* i* 'i*'