What an awful vulnerability. The most interesting fact is that this has been there since the PR that introduced it in 2017[1].
I'm not sure how Mongo's review process works, but it seems like this one had zero review.
What an awful vulnerability. The most interesting fact is that this has been there since the PR that introduced it in 2017[1].
I'm not sure how Mongo's review process works, but it seems like this one had zero review.