Java Driver
1 CVEs
product
Monthly
Specific versions of the Java driver that support client-side field level encryption (CSFLE) fail to perform correct host name verification on the KMS server’s certificate. Rated medium severity (CVSS 6.8), this vulnerability is no authentication required.
Microsoft
Information Disclosure
Java
Java Driver
Quarkus
NVD
CVSS 3.1
6.8
EPSS
0.4%
CVE-2021-20328
Maven
EPSS 0%
CVSS 6.8
MEDIUM
PATCH
This Month
Specific versions of the Java driver that support client-side field level encryption (CSFLE) fail to perform correct host name verification on the KMS server’s certificate. Rated medium severity (CVSS 6.8), this vulnerability is no authentication required.
Microsoft
Information Disclosure
Java
+2
NVD