CVE-2019-20923

Name of the Vulnerable Software and Affected Versions MongoDB Server versions prior to 4.0.7

Description A user authorized to perform database queries may trigger denial of service by issuing specially crafted queries, which throw unhandled Javascript exceptions containing types intended to be scoped to the Javascript engine's internals.

Recommendations For versions prior to 4.0.7, update to version 4.0.7 or later to resolve the issue. As a temporary workaround, consider restricting access to database queries to minimize the risk of exploitation.