MongoDB Rust Driver has certificate validation disabled when `tlsInsecure=False` appears in connection string

When tlsInsecure=False appears in a connection string, certificate validation is disabled.

This vulnerability affects MongoDB Rust Driver versions prior to v3.2.5.

Published by the National Vulnerability Database Oct 13, 2025

Published to the GitHub Advisory Database Oct 13, 2025

Reviewed Oct 13, 2025

Last updated Oct 13, 2025

Provide feedback