CVE-2025-11695

When tlsInsecure=False appears in a connection string, certificate validation is disabled. This vulnerability affects MongoDB Rust Driver versions prior to v3.2.5 Mitigation Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Securi...

MongoDB Rust Driver has certificate validation disabled when `tlsInsecure=False` appears in connection string

When tlsInsecure=False appears in a connection string, certificate validation is disabled. This vulnerability affects MongoDB Rust Driver versions prior to v3.2.5...

GHSA-3P6W-GV5G-XJW9 MongoDB Rust Driver has certificate validation disabled when `tlsInsecure=False` appears in connection string

When tlsInsecure=False appears in a connection string, certificate validation is disabled. This vulnerability affects MongoDB Rust Driver versions prior to v3.2.5...

EUVD-2025-34070

MongoDB Rust Driver has certificate validation disabled when tlsInsecure=False appears in connection string...

CVE-2025-11695

When tlsInsecure=False appears in a connection string, certificate validation is disabled. This vulnerability affects MongoDB Rust Driver versions prior to v3.2.5...

CVE-2025-11695

When tlsInsecure=False appears in a connection string, certificate validation is disabled. This vulnerability affects MongoDB Rust Driver versions prior to v3.2.5...

CVE-2025-11695 Configuration may unexpectedly disable certificate validation

When tlsInsecure=False appears in a connection string, certificate validation is disabled. This vulnerability affects MongoDB Rust Driver versions prior to v3.2.5...

CVE-2025-11695

CVE-2025-11695 affects the MongoDB Rust Driver prior to v3.2.5. The root cause is that using tlsInsecure=False in a connection string disables certificate validation, enabling potential man-in-the-middle attacks over the network. The vulnerability is characterized with HIGH severity (CVSS metrics...

CVE-2025-11695 Configuration may unexpectedly disable certificate validation

When tlsInsecure=False appears in a connection string, certificate validation is disabled. This vulnerability affects MongoDB Rust Driver versions prior to v3.2.5...

Configuration may unexpectedly disable certificate validation

When tlsInsecure=False appears in a connection string, certificate validation is disabled. This vulnerability affects MongoDB Rust Driver versions prior to v3.2.5...

MongoDB Rust Driver 安全漏洞

MongoDB Rust Driver is a MongoDB open source client library that allows Rust programs to connect to MongoDB databases. A security vulnerability exists in MongoDB Rust Driver versions prior to v3.2.5 that stems from disabling certificate validation, which could lead to a man-in-the-middle attack...

PT-2025-41792

Name of the Vulnerable Software and Affected Versions MongoDB Rust Driver versions prior to 3.2.5 Description The MongoDB Rust Driver is affected by an issue where setting tlsInsecure=False in a connection string disables certificate validation. Normally, this parameter should enforce strict TLS...

EUVD-2024-47489

Malicious code in bioql PyPI...

EUVD-2022-2442

Malicious code in bioql PyPI...

[SECURITY] Fedora 41 Update: selenium-manager-4.34.0-2.fc41

Selenium Manager is a command-line tool implemented in Rust that provides automated driver and browser management for Selenium...

GHSA-32JF-H775-G29H MongoDB Rust driver may issue unintended commands

Incorrect handling of certain string inputs may result in MongoDB Rust driver constructing unintended server commands. This may cause unexpected application behavior including data modification. This issue affects MongoDB Rust Driver 2.0 versions prior to 2.8.2...

MongoDB Rust driver may issue unintended commands

Incorrect handling of certain string inputs may result in MongoDB Rust driver constructing unintended server commands. This may cause unexpected application behavior including data modification. This issue affects MongoDB Rust Driver 2.0 versions prior to 2.8.2...

CVE-2024-6382

Incorrect handling of certain string inputs may result in MongoDB Rust driver constructing unintended server commands. This may cause unexpected application behavior including data modification. This issue affects MongoDB Rust Driver 2.0 versions prior to 2.8.2...

CVE-2024-6382

Incorrect handling of certain string inputs may result in MongoDB Rust driver constructing unintended server commands. This may cause unexpected application behavior including data modification. This issue affects MongoDB Rust Driver 2.0 versions prior to 2.8.2...

CVE-2024-6382 Adversarial unsanitized input may cause MongoDB Rust Driver to issue unintended commands.

Incorrect handling of certain string inputs may result in MongoDB Rust driver constructing unintended server commands. This may cause unexpected application behavior including data modification. This issue affects MongoDB Rust Driver 2.0 versions prior to 2.8.2...