CVE-2019-2393

Name of the Vulnerable Software and Affected Versions MongoDB Server versions prior to 4.2.1 MongoDB Server versions prior to 4.0.13 MongoDB Server versions prior to 3.6.15

Description A user authorized to perform database queries may trigger denial of service by issuing specially crafted queries, which use $lookup and collations.

Recommendations For MongoDB Server versions prior to 4.2.1, update to version 4.2.1 or later. For MongoDB Server versions prior to 4.0.13, update to version 4.0.13 or later. For MongoDB Server versions prior to 3.6.15, update to version 3.6.15 or later.