VYPR

Maven package

org.mongodb/mongodb-driver-sync

pkg:maven/org.mongodb/mongodb-driver-sync

Vulnerabilities (1)

  • CVE-2021-20328Feb 25, 2021
    affected >= 4.0.0, < 4.0.6fixed 4.0.6

    Specific versions of the Java driver that support client-side field level encryption (CSFLE) fail to perform correct host name verification on the KMS server’s certificate. This vulnerability in combination with a privileged network position active MITM attack could result in int