A user authorized to perform database queries may trigger denial of service by issuing specially crafted queries, which perform an $elemMatch . This issue affects MongoDB Server v4.0 versions prior to 4.0.5 and MongoDB Server v3.6 versions prior to 3.6.10.
References
Link | Resource |
---|---|
https://jira.mongodb.org/browse/SERVER-38164 | Issue Tracking Vendor Advisory |
History
No history.
MITRE Information
Status: PUBLISHED
Assigner: mongodb
Published: 2020-11-30T00:00:00
Updated: 2024-01-23T14:29:21.432Z
Reserved: 2019-03-15T00:00:00
Link: CVE-2018-20805
JSON object: View
NVD Information
Status : Modified
Published: 2020-11-23T16:15:12.277
Modified: 2024-01-23T15:15:10.503
Link: CVE-2018-20805
JSON object: View
Redhat Information
No data.
CWE