Apache CouchDB 0.8.0 up to and including 0.10.1 allows remote malicious users to obtain sensitive information by measuring the completion time of operations that verify (1) hashes or (2) passwords.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
apache couchdb 0.9.1 |
||
apache couchdb 0.9.0 |
||
apache couchdb 0.10.1 |
||
apache couchdb 0.10.0 |
||
apache couchdb 0.9.2 |
||
apache couchdb 0.8.1 |
||
apache couchdb 0.8.0 |