Description
A user authorized to perform database queries may trigger denial of service by issuing specially crafted queries, which use $lookup and collations. This issue affects MongoDB Server v4.2 versions prior to 4.2.1; MongoDB Server v4.0 versions prior to 4.0.13 and MongoDB Server v3.6 versions prior to 3.6.15.
Remediation
References
Related Vulnerabilities
WordPress Plugin Custom Field Suite Security Bypass (2.4)
WordPress Plugin Font Organizer Cross-Site Scripting (2.1.1)
WordPress 4.7.x Multiple Vulnerabilities (4.7 - 4.7.9)
WordPress Plugin Product Catalog SQL Injection (3.1.2)
ownCloud Cross-Site Request Forgery (CSRF) Vulnerability (CVE-2012-4753)