fix: brute force guessing of user sensitive data via search patterns; this fixes a security vulnerability in which internal and protected fields may be used as query constraints to guess the value of these fields and obtain sensitive data (GHSA-2m6g-crv8-p3c6) (#8143)
This commit is contained in:
Manuel
GitHub
1
.github/workflows/ci.yml
vendored
1
.github/workflows/ci.yml
vendored
@@ -13,6 +13,7 @@ env:
|
||||
jobs:
|
||||
check-mongo:
|
||||
strategy:
|
||||
fail-fast: false
|
||||
matrix:
|
||||
include:
|
||||
- name: Mongo 4.0.4, ReplicaSet, WiredTiger
|
||||
|
||||
Reference in New Issue
Block a user