CVE-2025-11695

When tlsInsecure=False appears in a connection string, certificate validation is disabled. This vulnerability affects MongoDB Rust Driver versions prior to v3.2.5 Mitigation Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Securi...

MongoDB Rust Driver 安全漏洞

MongoDB Rust Driver is a MongoDB open source client library that allows Rust programs to connect to MongoDB databases. A security vulnerability exists in MongoDB Rust Driver versions prior to v3.2.5 that stems from disabling certificate validation, which could lead to a man-in-the-middle attack...

PT-2025-41792

Name of the Vulnerable Software and Affected Versions MongoDB Rust Driver versions prior to 3.2.5 Description The MongoDB Rust Driver is affected by an issue where setting tlsInsecure=False in a connection string disables certificate validation. Normally, this parameter should enforce strict TLS...