CVE-2021-20329 – Specific cstrings input may not be properly validated in the MongoDB Go Driver when marsha …

Vuln ID: CVE-2021-20329

Published:  2021-06-10  17:15:08Z

Description: Specific cstrings input may not be properly validated in the MongoDB Go Driver when marshalling Go objects into BSON. A malicious user could use a Go object with specific string to potentially inject additional fields into marshalled documents. This issue affects all MongoDB GO Drivers up to (and including) 1.5.0.

Source: NVD.NIST.GOV

 


Date:

Categorie(s):

Tag(s):