PT-2020-10892 · Mongodb+1 · Mongodb Server+2

Ian Boros · Published 2020-11-23 · Updated 2024-09-16 · CVE-2019-2392

CVSS v3.1: 6.5 (Medium)

Vector: AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

Name of the Vulnerable Software and Affected Versions

MongoDB Server versions prior to 4.4.1
MongoDB Server versions prior to 4.2.9
MongoDB Server versions prior to 4.0.20
MongoDB Server versions prior to 3.6.20

Description

A user authorized to perform database queries may trigger denial of service by issuing specially crafted queries, which use the $mod operator to overflow negative values.

Recommendations

For versions prior to 4.4.1, update to version 4.4.1 or later.
For versions prior to 4.2.9, update to version 4.2.9 or later.
For versions prior to 4.0.20, update to version 4.0.20 or later.
For versions prior to 3.6.20, update to version 3.6.20 or later.

Fix

DoS

Integer Overflow

Weakness Enumeration

Related Identifiers

ALT-PU-2022-3039
CVE-2019-2392

Affected Products

Alt Linux
Mongodb Server
Mongodb