Uploaded image for project: 'MongoDB Database Tools'
  1. MongoDB Database Tools
  2. TOOLS-3434

CVE with mongoexport and mongoimport

XMLWordPrintableJSON

    • Type: Icon: Bug Bug
    • Resolution: Gone away
    • Priority: Icon: Major - P3 Major - P3
    • None
    • Affects Version/s: None
    • Component/s: None
    • 1

      Problem Statement/Rationale

      mongoexport and mongoimport appears to be relying on Golang 1.20.10

      which is susceptible for CVE https://nvd.nist.gov/vuln/detail/CVE-2023-45283

      Steps to Reproduce

      CVE link provides details for to validate the error.

      Expected Results

      Update mongoexport and mongoimport to use Golang that has been patched against this CVE. 

      Actual Results

      What do you observe is happening?

      Additional Notes

      Any additional information that may be useful to include.

            Assignee:
            Unassigned Unassigned
            Reporter:
            manas.khandeshe@delphix.com Manas Khandeshe
            Votes:
            0 Vote for this issue
            Watchers:
            3 Start watching this issue

              Created:
              Updated:
              Resolved: