Description
A user authorized to perform database queries may trigger denial of service by issuing specially crafted queries, which perform an $elemMatch . This issue affects MongoDB Server v4.0 versions prior to 4.0.5 and MongoDB Server v3.6 versions prior to 3.6.10.
Remediation
References
Related Vulnerabilities
WordPress Plugin Push Notifications for WordPress (Lite) Cross-Site Request Forgery (6.0)
WordPress Plugin Shopping Cart & eCommerce Store Cross-Site Request Forgery (5.1.0)
WordPress 4.9.x Multiple Vulnerabilities (4.9 - 4.9.4)
WordPress Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2017-5610)