Lucene search
GoogleOSV:GO-2021-0111HistoryJul 28, 2021 - 6:08 p.m.
GO-2021-0111
2021-07-2818:08:05
Google
osv.dev
24
0.001 Low
EPSS
Percentile
22.7%
Due to improper input sanitization when marshalling Go objects into BSON, a maliciously constructed
Go structure could allow an attacker to inject additional fields into a MongoDB document. Users are
affected if they use this package to handle untrusted user input.
| CPE | Name | Operator | Version |
|---|---|---|---|
| go.mongodb.org/mongo-driver | lt | 1.5.1 |
Related
gitlab
gitlab
Improper Input Validation
2021-06-15 00:00:00
Improper Input Validation
2021-06-10 00:00:00
prion
prion
Design/Logic Flaw
2021-06-10 17:15:00
ubuntucve
ubuntucve
CVE-2021-20329
2021-06-10 00:00:00
osv
osv
Improper input validation in go.mongodb.org/mongo-driver
2021-07-28 18:08:05
go.mongodb.org/mongo-driver improperly validates cstrings when marshalling Go objects into BSON
2021-06-15 16:08:16
CVE-2021-20329
2021-06-10 17:15:08
github
github
mongodb
mongodb
Specific cstrings input may not be properly validated in the Go Driver
2021-06-10 14:00:00
redhatcve
redhatcve
CVE-2021-20329
2021-06-11 17:43:56
nvd
nvd
CVE-2021-20329
2021-06-10 17:15:08
veracode
veracode
Improper Input Validation
2021-06-16 19:36:23
cve
cve
CVE-2021-20329
2021-06-10 17:15:08
cvelist
cvelist
ibm
ibm
redhat
redhat