VYPR

Maven package

org.apache.beam/beam-sdks-java-io-mongodb

pkg:maven/org.apache.beam/beam-sdks-java-io-mongodb

Vulnerabilities (1)

  • CVE-2020-1929Jan 15, 2020
    affected >= 2.10.0, < 2.17.0fixed 2.17.0

    The Apache Beam MongoDB connector in versions 2.10.0 to 2.16.0 has an option to disable SSL trust verification. However this configuration is not respected and the certificate verification disables trust verification in every case. This exclusion also gets registered globally whi