RHSA-2021:0871: Red Hat Security Advisory: Red Hat Integration Debezium 1.4.2 security update

An update for Debezium MongoDB connector is now available for Red Hat Integration. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.MongoDB is a higly-scalable document database. The Debezium MongoDB connector includes Java driver to access a MongoDB database. Security Fix(es):

• mongodb-driver: mongo-java-driver: client-side field level encryption not verifying KMS host name (CVE-2021-20328) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. Related CVEs:
• CVE-2021-20328: mongo-java-driver: client-side field level encryption not verifying KMS host name