data/reports/GO-2021-0112.yaml - vulndb - Git at Google

 id: GO-2021-0112
 modules:
     - module: go.mongodb.org/mongo-driver
       versions:
         - fixed: 1.5.1
       vulnerable_at: 1.5.0
       packages:
         - package: go.mongodb.org/mongo-driver/x/bsonx/bsoncore
           symbols:
             - AppendHeader
             - AppendRegex
           derived_symbols:
             - AppendArrayElement
             - AppendArrayElementStart
             - AppendBinaryElement
             - AppendBooleanElement
             - AppendCodeWithScopeElement
             - AppendDBPointerElement
             - AppendDateTimeElement
             - AppendDecimal128Element
             - AppendDocumentElement
             - AppendDocumentElementStart
             - AppendDoubleElement
             - AppendInt32Element
             - AppendInt64Element
             - AppendJavaScriptElement
             - AppendMaxKeyElement
             - AppendMinKeyElement
             - AppendNullElement
             - AppendObjectIDElement
             - AppendRegexElement
             - AppendStringElement
             - AppendSymbolElement
             - AppendTimeElement
             - AppendTimestampElement
             - AppendUndefinedElement
             - AppendValueElement
             - ArrayBuilder.AppendArray
             - ArrayBuilder.AppendBinary
             - ArrayBuilder.AppendBoolean
             - ArrayBuilder.AppendCodeWithScope
             - ArrayBuilder.AppendDBPointer
             - ArrayBuilder.AppendDateTime
             - ArrayBuilder.AppendDecimal128
             - ArrayBuilder.AppendDocument
             - ArrayBuilder.AppendDouble
             - ArrayBuilder.AppendInt32
             - ArrayBuilder.AppendInt64
             - ArrayBuilder.AppendJavaScript
             - ArrayBuilder.AppendMaxKey
             - ArrayBuilder.AppendMinKey
             - ArrayBuilder.AppendNull
             - ArrayBuilder.AppendObjectID
             - ArrayBuilder.AppendRegex
             - ArrayBuilder.AppendString
             - ArrayBuilder.AppendSymbol
             - ArrayBuilder.AppendTimestamp
             - ArrayBuilder.AppendUndefined
             - ArrayBuilder.AppendValue
             - ArrayBuilder.StartArray
             - BuildArray
             - BuildArrayElement
             - BuildDocumentElement
             - DocumentBuilder.AppendArray
             - DocumentBuilder.AppendBinary
             - DocumentBuilder.AppendBoolean
             - DocumentBuilder.AppendCodeWithScope
             - DocumentBuilder.AppendDBPointer
             - DocumentBuilder.AppendDateTime
             - DocumentBuilder.AppendDecimal128
             - DocumentBuilder.AppendDocument
             - DocumentBuilder.AppendDouble
             - DocumentBuilder.AppendInt32
             - DocumentBuilder.AppendInt64
             - DocumentBuilder.AppendJavaScript
             - DocumentBuilder.AppendMaxKey
             - DocumentBuilder.AppendMinKey
             - DocumentBuilder.AppendNull
             - DocumentBuilder.AppendObjectID
             - DocumentBuilder.AppendRegex
             - DocumentBuilder.AppendString
             - DocumentBuilder.AppendSymbol
             - DocumentBuilder.AppendTimestamp
             - DocumentBuilder.AppendUndefined
             - DocumentBuilder.AppendValue
             - DocumentBuilder.StartDocument
         - package: go.mongodb.org/mongo-driver/bson/bsonrw
           symbols:
             - valueWriter.writeElementHeader
           derived_symbols:
             - Copier.AppendArrayBytes
             - Copier.AppendDocumentBytes
             - Copier.AppendValueBytes
             - Copier.CopyArrayFromBytes
             - Copier.CopyBytesToArrayWriter
             - Copier.CopyBytesToDocumentWriter
             - Copier.CopyDocument
             - Copier.CopyDocumentFromBytes
             - Copier.CopyDocumentToBytes
             - Copier.CopyValue
             - Copier.CopyValueFromBytes
             - Copier.CopyValueToBytes
             - CopyDocument
             - valueWriter.WriteArray
             - valueWriter.WriteBinary
             - valueWriter.WriteBinaryWithSubtype
             - valueWriter.WriteBoolean
             - valueWriter.WriteCodeWithScope
             - valueWriter.WriteDBPointer
             - valueWriter.WriteDateTime
             - valueWriter.WriteDecimal128
             - valueWriter.WriteDocument
             - valueWriter.WriteDouble
             - valueWriter.WriteInt32
             - valueWriter.WriteInt64
             - valueWriter.WriteJavascript
             - valueWriter.WriteMaxKey
             - valueWriter.WriteMinKey
             - valueWriter.WriteNull
             - valueWriter.WriteObjectID
             - valueWriter.WriteRegex
             - valueWriter.WriteString
             - valueWriter.WriteSymbol
             - valueWriter.WriteTimestamp
             - valueWriter.WriteUndefined
             - valueWriter.WriteValueBytes
 summary: Improper input validation in go.mongodb.org/mongo-driver
 description: |-
     Due to improper input sanitization when marshalling Go objects into BSON, a
     maliciously constructed Go structure could allow an attacker to inject
     additional fields into a MongoDB document. Users are affected if they use this
     package to handle untrusted user input.
 published: 2021-07-28T18:08:05Z
 cves:
     - CVE-2021-20329
 ghsas:
     - GHSA-f6mq-5m25-4r72
 references:
     - fix: https://github.com/mongodb/mongo-go-driver/pull/622
     - fix: https://github.com/mongodb/mongo-go-driver/commit/2aca31d5986a9e1c65a92264736de9fdc3b9b4ca
     - web: https://jira.mongodb.org/browse/GODRIVER-1923
	id: GO-2021-0112
	modules:
	- module: go.mongodb.org/mongo-driver
	versions:
	- fixed: 1.5.1
	vulnerable_at: 1.5.0
	packages:
	- package: go.mongodb.org/mongo-driver/x/bsonx/bsoncore
	symbols:
	- AppendHeader
	- AppendRegex
	derived_symbols:
	- AppendArrayElement
	- AppendArrayElementStart
	- AppendBinaryElement
	- AppendBooleanElement
	- AppendCodeWithScopeElement
	- AppendDBPointerElement
	- AppendDateTimeElement
	- AppendDecimal128Element
	- AppendDocumentElement
	- AppendDocumentElementStart
	- AppendDoubleElement
	- AppendInt32Element
	- AppendInt64Element
	- AppendJavaScriptElement
	- AppendMaxKeyElement
	- AppendMinKeyElement
	- AppendNullElement
	- AppendObjectIDElement
	- AppendRegexElement
	- AppendStringElement
	- AppendSymbolElement
	- AppendTimeElement
	- AppendTimestampElement
	- AppendUndefinedElement
	- AppendValueElement
	- ArrayBuilder.AppendArray
	- ArrayBuilder.AppendBinary
	- ArrayBuilder.AppendBoolean
	- ArrayBuilder.AppendCodeWithScope
	- ArrayBuilder.AppendDBPointer
	- ArrayBuilder.AppendDateTime
	- ArrayBuilder.AppendDecimal128
	- ArrayBuilder.AppendDocument
	- ArrayBuilder.AppendDouble
	- ArrayBuilder.AppendInt32
	- ArrayBuilder.AppendInt64
	- ArrayBuilder.AppendJavaScript
	- ArrayBuilder.AppendMaxKey
	- ArrayBuilder.AppendMinKey
	- ArrayBuilder.AppendNull
	- ArrayBuilder.AppendObjectID
	- ArrayBuilder.AppendRegex
	- ArrayBuilder.AppendString
	- ArrayBuilder.AppendSymbol
	- ArrayBuilder.AppendTimestamp
	- ArrayBuilder.AppendUndefined
	- ArrayBuilder.AppendValue
	- ArrayBuilder.StartArray
	- BuildArray
	- BuildArrayElement
	- BuildDocumentElement
	- DocumentBuilder.AppendArray
	- DocumentBuilder.AppendBinary
	- DocumentBuilder.AppendBoolean
	- DocumentBuilder.AppendCodeWithScope
	- DocumentBuilder.AppendDBPointer
	- DocumentBuilder.AppendDateTime
	- DocumentBuilder.AppendDecimal128
	- DocumentBuilder.AppendDocument
	- DocumentBuilder.AppendDouble
	- DocumentBuilder.AppendInt32
	- DocumentBuilder.AppendInt64
	- DocumentBuilder.AppendJavaScript
	- DocumentBuilder.AppendMaxKey
	- DocumentBuilder.AppendMinKey
	- DocumentBuilder.AppendNull
	- DocumentBuilder.AppendObjectID
	- DocumentBuilder.AppendRegex
	- DocumentBuilder.AppendString
	- DocumentBuilder.AppendSymbol
	- DocumentBuilder.AppendTimestamp
	- DocumentBuilder.AppendUndefined
	- DocumentBuilder.AppendValue
	- DocumentBuilder.StartDocument
	- package: go.mongodb.org/mongo-driver/bson/bsonrw
	symbols:
	- valueWriter.writeElementHeader
	derived_symbols:
	- Copier.AppendArrayBytes
	- Copier.AppendDocumentBytes
	- Copier.AppendValueBytes
	- Copier.CopyArrayFromBytes
	- Copier.CopyBytesToArrayWriter
	- Copier.CopyBytesToDocumentWriter
	- Copier.CopyDocument
	- Copier.CopyDocumentFromBytes
	- Copier.CopyDocumentToBytes
	- Copier.CopyValue
	- Copier.CopyValueFromBytes
	- Copier.CopyValueToBytes
	- CopyDocument
	- valueWriter.WriteArray
	- valueWriter.WriteBinary
	- valueWriter.WriteBinaryWithSubtype
	- valueWriter.WriteBoolean
	- valueWriter.WriteCodeWithScope
	- valueWriter.WriteDBPointer
	- valueWriter.WriteDateTime
	- valueWriter.WriteDecimal128
	- valueWriter.WriteDocument
	- valueWriter.WriteDouble
	- valueWriter.WriteInt32
	- valueWriter.WriteInt64
	- valueWriter.WriteJavascript
	- valueWriter.WriteMaxKey
	- valueWriter.WriteMinKey
	- valueWriter.WriteNull
	- valueWriter.WriteObjectID
	- valueWriter.WriteRegex
	- valueWriter.WriteString
	- valueWriter.WriteSymbol
	- valueWriter.WriteTimestamp
	- valueWriter.WriteUndefined
	- valueWriter.WriteValueBytes
	summary: Improper input validation in go.mongodb.org/mongo-driver
	description: \|-
	Due to improper input sanitization when marshalling Go objects into BSON, a
	maliciously constructed Go structure could allow an attacker to inject
	additional fields into a MongoDB document. Users are affected if they use this
	package to handle untrusted user input.
	published: 2021-07-28T18:08:05Z
	cves:
	- CVE-2021-20329
	ghsas:
	- GHSA-f6mq-5m25-4r72
	references:
	- fix: https://github.com/mongodb/mongo-go-driver/pull/622
	- fix: https://github.com/mongodb/mongo-go-driver/commit/2aca31d5986a9e1c65a92264736de9fdc3b9b4ca
	- web: https://jira.mongodb.org/browse/GODRIVER-1923