Mongodb · Mongodb Server · CVE-2019-20924
**Name of the Vulnerable Software and Affected Versions**
MongoDB Server versions prior to 4.2.2
**Description**
A user authorized to perform database queries may trigger denial of service by issuing specially crafted queries which trigger an invariant in the IndexBoundsBuilder.
**Recommendations**
For versions prior to 4.2.2, update to version 4.2.2 or later to resolve the issue. As a temporary workaround, consider restricting access to database queries to minimize the risk of exploitation.