Due to improper input sanitization when marshalling Go objects into BSON, a maliciously constructed
Go structure could allow an attacker to inject additional fields into a MongoDB document. Users are
affected if they use this package to handle untrusted user input.
CPE | Name | Operator | Version |
---|---|---|---|
go.mongodb.org/mongo-driver | lt | 1.5.1 |