Known Vulnerabilities for Couchdb by Apache
Listed below are 10 of the newest known vulnerabilities associated with "Couchdb" by "Apache".
These CVEs are retrieved based on exact matches on listed software, hardware, and vendor information (CPE data) as well as a keyword search to ensure the newest vulnerabilities with no officially listed software information are still displayed.
Data on known vulnerable versions is also displayed based on information from known CPEs
Known Vulnerabilities
| CVE | Shortened Description | Severity | Publish Date | Last Modified |
|---|---|---|---|---|
| CVE-2026-48146 json | Budibase is an open-source low-code platform. Prior to 3.39.0, the OAuth2 token fetch function in packages/server/src/sdk/wor... | Not Provided | 2026-05-27 | 2026-05-28 |
| CVE-2026-46424 json | Budibase is an open-source low-code platform. Prior to 3.38.2, the public API role unassignment endpoint (POST /api/public/v1... | Not Provided | 2026-05-27 | 2026-05-28 |
| CVE-2026-45719 json | Budibase is an open-source low-code platform. Prior to 3.38.1, the V1 Views API (POST /api/views) accepts a calculation param... | Not Provided | 2026-05-27 | 2026-05-27 |
| CVE-2023-26268 json | Design documents with matching document IDs, from databases on the same cluster, may share a mutable Javascript environment w... | 5.3 - MEDIUM | 2023-05-02 | 2023-05-10 |
| CVE-2022-24706 json | In Apache CouchDB prior to 3.2.2, an attacker can access an improperly secured default installation without authenticating an... | 9.8 - CRITICAL | 2022-04-26 | 2023-11-07 |
| CVE-2021-38295 json | In Apache CouchDB, a malicious user with permission to create documents in a database is able to attach a HTML attachment to ... | 7.3 - HIGH | 2021-10-14 | 2023-08-08 |
| CVE-2020-1955 json | CouchDB version 3.0.0 shipped with a new configuration setting that governs access control to the entire database server call... | 9.8 - CRITICAL | 2020-05-20 | 2021-07-21 |
| CVE-2018-17188 json | Prior to CouchDB version 2.3.0, CouchDB allowed for runtime-configuration of key components of the database. In some cases, t... | 7.2 - HIGH | 2019-01-02 | 2023-11-07 |
| CVE-2018-14889 json | CouchDB in Vectra Networks Cognito Brain and Sensor before 4.3 contains a local code execution vulnerability. | 7.8 - HIGH | 2018-09-21 | 2018-11-08 |
| CVE-2018-11769 json | CouchDB administrative users before 2.2.0 can configure the database server via HTTP(S). Due to insufficient validation of ad... | 7.2 - HIGH | 2018-08-08 | 2023-11-07 |
Known Affected Configurations (CPE V2.3)
| Type | Vendor | Product | Version | Update | Edition | Language |
|---|---|---|---|---|---|---|
| Application | Apache | Couchdb | 3.0.0 | |||
| Application | Apache | Couchdb | 2.3.1 | |||
| Application | Apache | Couchdb | 2.3.1 | |||
| Application | Apache | Couchdb | 2.3.0 | |||
| Application | Apache | Couchdb | 2.3.0 | |||
| Application | Apache | Couchdb | 2.3.0 | |||
| Application | Apache | Couchdb | 2.2.0 | |||
| Application | Apache | Couchdb | 2.2.0 | |||
| Application | Apache | Couchdb | 2.2.0 | |||
| Application | Apache | Couchdb | 2.2.0 | |||
| Application | Apache | Couchdb | 2.2.0 | |||
| Application | Apache | Couchdb | 2.1.2. | |||
| Application | Apache | Couchdb | 2.1.2 | |||
| Application | Apache | Couchdb | 2.1.2 | |||
| Application | Apache | Couchdb | 2.1.2 | |||
| Application | Apache | Couchdb | 2.1.2 | |||
| Application | Apache | Couchdb | 2.1.1 | |||
| Application | Apache | Couchdb | 2.1.1 | |||
| Application | Apache | Couchdb | 2.1.1 | |||
| Application | Apache | Couchdb | 2.1.1 |