CVE-2020-1929 is a vulnerability in Apache Beam
Published on January 15, 2020

The Apache Beam MongoDB connector in versions 2.10.0 to 2.16.0 has an option to disable SSL trust verification. However this configuration is not respected and the certificate verification disables trust verification in every case. This exclusion also gets registered globally which disables trust checking for any code running in the same JVM.

NVD

Products Associated with CVE-2020-1929

Want to know whenever a new CVE is published for Apache Beam? stack.watch will email you.

Apache Beam

Affected Versions

Apache Beam Version 2.10.0 to 2.16.0 is affected by CVE-2020-1929

Exploit Probability

EPSS

0.40%

Percentile

60.31%

EPSS (Exploit Prediction Scoring System) scores estimate the probability that a vulnerability will be exploited in the wild within the next 30 days. The percentile shows you how this score compares to all other vulnerabilities.

CVE-2020-1929 is a vulnerability in Apache BeamPublished on January 15, 2020

Products Associated with CVE-2020-1929

Affected Versions

Exploit Probability

CVE-2020-1929 is a vulnerability in Apache Beam
Published on January 15, 2020