Description
A user authorized to perform database queries may trigger denial of service by issuing specially crafted queries, which perform an $elemMatch . This issue affects MongoDB Server v4.0 versions prior to 4.0.5 and MongoDB Server v3.6 versions prior to 3.6.10.
Remediation
References
Related Vulnerabilities
Joomla! Core 1.5.x Multiple Cross-Site Scripting Vulnerabilities (1.5.0 - 1.5.20)
AngularJS Inefficient Regular Expression Complexity Vulnerability (CVE-2022-25844)
WordPress 2.8.5 Multiple Vulnerabilities (2.8 - 2.8.5)
Liferay Portal Incorrect Default Permissions Vulnerability (CVE-2021-33334)
Chamilo Cross-Site Request Forgery (CSRF) Vulnerability (CVE-2020-23127)