CVE-2018-20805

Name of the Vulnerable Software and Affected Versions MongoDB Server versions prior to 4.0.5 MongoDB Server versions prior to 3.6.10

Description A user authorized to perform database queries may trigger denial of service by issuing specially crafted queries, which perform an $elemMatch.

Recommendations For MongoDB Server versions prior to 4.0.5, update to version 4.0.5 or later. For MongoDB Server versions prior to 3.6.10, update to version 3.6.10 or later.