Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
apache couchdb vulnerabilities and exploits
(subscribe to this query)
10
CVSSv2
CVE-2017-12635
Due to differences in the Erlang-based JSON parser and JavaScript-based JSON parser, it is possible in Apache CouchDB prior to 1.7.0 and 2.x prior to 2.1.1 to submit _users documents with duplicate keys for 'roles' used for access control within the database, including ...
Apache Couchdb
Apache Couchdb 2.0.0
2 EDB exploits
6 Github repositories
9
CVSSv2
CVE-2017-12636
CouchDB administrative users can configure the database server via HTTP(S). Some of the configuration options include paths for operating system-level binaries that are subsequently launched by CouchDB. This allows an admin user in Apache CouchDB prior to 1.7.0 and 2.x prior to 2...
Apache Couchdb
Apache Couchdb 2.0.0
2 EDB exploits
5 Github repositories
6.8
CVSSv2
CVE-2012-5649
Apache CouchDB prior to 1.0.4, 1.1.x prior to 1.1.2, and 1.2.x prior to 1.2.1 allows remote malicious users to execute arbitrary code via a JSONP callback, related to Adobe Flash.
Apache Couchdb
Apache Couchdb 1.0.2
Apache Couchdb 1.0.1
Apache Couchdb 1.0.0
Apache Couchdb 1.1.1
Apache Couchdb 1.2.0
Apache Couchdb 1.1.0
5
CVSSv2
CVE-2014-2668
Apache CouchDB 1.5.0 and previous versions allows remote malicious users to cause a denial of service (CPU and memory consumption) via the count parameter to /_uuids.
Apache Couchdb
1 EDB exploit
5
CVSSv2
CVE-2012-5641
Directory traversal vulnerability in the partition2 function in mochiweb_util.erl in MochiWeb prior to 2.4.0, as used in Apache CouchDB prior to 1.0.4, 1.1.x prior to 1.1.2, and 1.2.x prior to 1.2.1, allows remote malicious users to read arbitrary files via a ..\ (dot dot backsla...
Apache Couchdb 1.1.1
Apache Couchdb 1.2.0
Mochiweb Project Mochiweb 2.3.0
Mochiweb Project Mochiweb 2.2.1
Apache Couchdb 1.1.0
Mochiweb Project Mochiweb
Mochiweb Project Mochiweb 2.3.1
Apache Couchdb 1.0.1
Apache Couchdb 1.0.0
Apache Couchdb
Apache Couchdb 1.0.2
Mochiweb Project Mochiweb 2.2.0
Mochiweb Project Mochiweb 2.1.0
4.3
CVSSv2
CVE-2012-5650
Cross-site scripting (XSS) vulnerability in the Futon UI in Apache CouchDB prior to 1.0.4, 1.1.x prior to 1.1.2, and 1.2.x prior to 1.2.1 allows remote malicious users to inject arbitrary web script or HTML via unspecified parameters to the browser-based test suite.
Apache Couchdb 1.0.2
Apache Couchdb 1.1.0
Apache Couchdb 1.0.1
Apache Couchdb 1.0.0
Apache Couchdb 1.2.0
Apache Couchdb
Apache Couchdb 1.1.1
4.3
CVSSv2
CVE-2010-3854
Multiple cross-site scripting (XSS) vulnerabilities in the web administration interface (aka Futon) in Apache CouchDB 0.8.0 up to and including 1.0.1 allow remote malicious users to inject arbitrary web script or HTML via unspecified vectors.
Apache Couchdb 0.9.0
Apache Couchdb 0.11.1
Apache Couchdb 0.9.1
Apache Couchdb 1.0.1
Apache Couchdb 0.11.0
Apache Couchdb 0.10.2
Apache Couchdb 1.0.0
Apache Couchdb 0.8.1
Apache Couchdb 0.10.1
Apache Couchdb 0.9.2
Apache Couchdb 0.11.2
Apache Couchdb 0.10.0
Apache Couchdb 0.8.0
6.9
CVSSv2
CVE-2010-2953
Untrusted search path vulnerability in a certain Debian GNU/Linux patch for the couchdb script in CouchDB 0.8.0 allows local users to gain privileges via a crafted shared library in the current working directory.
Apache Couchdb 0.8.0
6.8
CVSSv2
CVE-2010-2234
Cross-site request forgery (CSRF) vulnerability in Apache CouchDB 0.8.0 up to and including 0.11.0 allows remote malicious users to hijack the authentication of administrators for direct requests to an installation URL.
Apache Couchdb 0.8.0
Apache Couchdb 0.10.1
Apache Couchdb 0.10.0
Apache Couchdb 0.8.1
Apache Couchdb 0.11.0
Apache Couchdb 0.9.2
Apache Couchdb 0.9.1
Apache Couchdb 0.9.0
4.3
CVSSv2
CVE-2010-0009
Apache CouchDB 0.8.0 up to and including 0.10.1 allows remote malicious users to obtain sensitive information by measuring the completion time of operations that verify (1) hashes or (2) passwords.
Apache Couchdb 0.9.1
Apache Couchdb 0.9.0
Apache Couchdb 0.10.1
Apache Couchdb 0.10.0
Apache Couchdb 0.9.2
Apache Couchdb 0.8.1
Apache Couchdb 0.8.0
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-29895
blind SQL injection
CVE-2024-5064
CVE-2023-52677
CVE-2023-52682
CVE-2024-30051
CVE-2024-35849
remote attackers
remote
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2