Description

A user authorized to perform database queries may trigger denial of service by issuing specially crafted queries, which throw unhandled Javascript exceptions containing types intended to be scoped to the Javascript engine's internals. This issue affects MongoDB Server v4.0 versions prior to 4.0.7.

Remediation

References

CVE-2019-20923

Related Vulnerabilities

WordPress Plugin Duplicator-WordPress Migration Cross-Site Scripting (0.5.26)

PHP NULL Pointer Dereference Vulnerability (CVE-2016-7132)

WordPress Plugin Fast Velocity Minify Information Disclosure (2.7.6)

MySQL CVE-2016-5631 Vulnerability (CVE-2016-5631)

Oracle HTTP Server CVE-2020-2952 Vulnerability (CVE-2020-2952)

Severity

Medium

Classification

CVE-2019-20923 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

Tags

Missing Update Known Vulnerabilities