npm package
mongodb-client-encryption
pkg:npm/mongodb-client-encryption
Vulnerabilities (1)
| CVE | Sev | CVSS | KEV | Affected versions | Fixed in | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2021-20327 | — | >= 1.2.0, < 1.2.1 | 1.2.1 | Feb 25, 2021 | A specific version of the Node.js mongodb-client-encryption module does not perform correct validation of the KMS server’s certificate. This vulnerability in combination with a privileged network position active MITM attack could result in interception of traffic between the Node |
- CVE-2021-20327Feb 25, 2021affected >= 1.2.0, < 1.2.1fixed 1.2.1
A specific version of the Node.js mongodb-client-encryption module does not perform correct validation of the KMS server’s certificate. This vulnerability in combination with a privileged network position active MITM attack could result in interception of traffic between the Node