Ah, I assumed that you using the Go Driver in your application. It’s possible the CVE warning is coming from some software packaged with your MongoDB installation that is using an old version of the Go Driver. As far as I know, none of the official MongoDB downloads package an old version of the Go Driver. However, some 3rd-party MongoDB package, like the the Ubuntu mongodb package, do seem to be impacted (see details here).
What package are you using to install MongoDB? For example, is it an Ubuntu/Debian package, a Docker image, an archive downloaded from mongodb.com, or something else?