VYPR

Maven package

org.mongodb/mongo-java-driver

pkg:maven/org.mongodb/mongo-java-driver

Vulnerabilities (1)

  • CVE-2021-20328Feb 25, 2021
    affected >= 3.11.0, < 3.11.3fixed 3.11.3

    Specific versions of the Java driver that support client-side field level encryption (CSFLE) fail to perform correct host name verification on the KMS server’s certificate. This vulnerability in combination with a privileged network position active MITM attack could result in int