Mongodb Inc Mongodb Go Driver vulnerabilities
2 known vulnerabilities affecting mongodb_inc/mongodb_go_driver.
Total CVEs
2
CISA KEV
0
Public exploits
0
Exploited in wild
0
Severity breakdown
MEDIUM2
Vulnerabilities
Page 1 of 1
CVE-2026-2303P3MEDIUMCVSS 6.5≥ 1.0.0, < 1.17.7≥ 2.0.0, < 2.4.22026-02-10
CVE-2026-2303 [MEDIUM] CWE-183 CVE-2026-2303: The mongo-go-driver repository contains CGo bindings for GSSAPI (Kerberos) authentication on Linux a
The mongo-go-driver repository contains CGo bindings for GSSAPI (Kerberos) authentication on Linux and macOS. The C wrapper implementation contains a heap out-of-bounds read vulnerability due to incorrect assumptions about string termination in the GSSAPI standard. Since GSSAPI buffers are not guaranteed to be null-terminated or have extra padding, th
nvd
CVE-2021-20329P4MEDIUMCVSS 6.5≥ 1.0, ≤ 1.5.02021-06-10
CVE-2021-20329 [MEDIUM] CWE-1287 CVE-2021-20329: Specific cstrings input may not be properly validated in the MongoDB Go Driver when marshalling Go o
Specific cstrings input may not be properly validated in the MongoDB Go Driver when marshalling Go objects into BSON. A malicious user could use a Go object with specific string to potentially inject additional fields into marshalled documents. This issue affects all MongoDB GO Drivers prior to and including 1.5.0.
nvd