ID CVE-2021-20329
Summary Specific cstrings input may not be properly validated in the MongoDB Go Driver when marshalling Go objects into BSON. A malicious user could use a Go object with specific string to potentially inject additional fields into marshalled documents. This issue affects all MongoDB GO Drivers up to (and including) 1.5.0.
References
Vulnerable Configurations
CVSS
Base: None
Impact:
Exploitability:
Access
VectorComplexityAuthentication
Impact
ConfidentialityIntegrityAvailability
Last major update 10-06-2021 - 18:50
Published 10-06-2021 - 17:15
Last modified 10-06-2021 - 18:50
Back to Top