Known Vulnerabilities for Couchdb by Apache
Listed below are 10 of the newest known vulnerabilities associated with "Couchdb" by "Apache".
These CVEs are retrieved based on exact matches on listed software, hardware, and vendor information (CPE data) as well as a keyword search to ensure the newest vulnerabilities with no officially listed software information are still displayed.
Data on known vulnerable versions is also displayed based on information from known CPEs
Known Vulnerabilities
| CVE | Shortened Description | Severity | Publish Date | Last Modified |
|---|---|---|---|---|
| CVE-2023-26268 json | Design documents with matching document IDs, from databases on the same cluster, may share a mutable Javascript environment w... | 5.3 - MEDIUM | 2023-05-02 | 2023-05-10 |
| CVE-2022-24706 json | In Apache CouchDB prior to 3.2.2, an attacker can access an improperly secured default installation without authenticating an... | 9.8 - CRITICAL | 2022-04-26 | 2023-11-07 |
| CVE-2021-38295 json | In Apache CouchDB, a malicious user with permission to create documents in a database is able to attach a HTML attachment to ... | 7.3 - HIGH | 2021-10-14 | 2023-08-08 |
| CVE-2020-1955 json | CouchDB version 3.0.0 shipped with a new configuration setting that governs access control to the entire database server call... | 9.8 - CRITICAL | 2020-05-20 | 2021-07-21 |
| CVE-2018-17188 json | Prior to CouchDB version 2.3.0, CouchDB allowed for runtime-configuration of key components of the database. In some cases, t... | 7.2 - HIGH | 2019-01-02 | 2023-11-07 |
| CVE-2018-14889 json | CouchDB in Vectra Networks Cognito Brain and Sensor before 4.3 contains a local code execution vulnerability. | 7.8 - HIGH | 2018-09-21 | 2018-11-08 |
| CVE-2018-11769 json | CouchDB administrative users before 2.2.0 can configure the database server via HTTP(S). Due to insufficient validation of ad... | 7.2 - HIGH | 2018-08-08 | 2023-11-07 |
| CVE-2018-8007 json | Apache CouchDB administrative users can configure the database server via HTTP(S). Due to insufficient validation of administ... | 7.2 - HIGH | 2018-07-11 | 2023-11-07 |
| CVE-2017-12636 json | CouchDB administrative users can configure the database server via HTTP(S). Some of the configuration options include paths f... | 7.2 - HIGH | 2017-11-14 | 2023-11-07 |
| CVE-2017-12635 json | Due to differences in the Erlang-based JSON parser and JavaScript-based JSON parser, it is possible in Apache CouchDB before ... | 9.8 - CRITICAL | 2017-11-14 | 2023-11-07 |
Known Affected Configurations (CPE V2.3)
| Type | Vendor | Product | Version | Update | Edition | Language |
|---|---|---|---|---|---|---|
| Application | Apache | Couchdb | 3.0.0 | |||
| Application | Apache | Couchdb | 2.3.1 | |||
| Application | Apache | Couchdb | 2.3.1 | |||
| Application | Apache | Couchdb | 2.3.0 | |||
| Application | Apache | Couchdb | 2.3.0 | |||
| Application | Apache | Couchdb | 2.3.0 | |||
| Application | Apache | Couchdb | 2.2.0 | |||
| Application | Apache | Couchdb | 2.2.0 | |||
| Application | Apache | Couchdb | 2.2.0 | |||
| Application | Apache | Couchdb | 2.2.0 | |||
| Application | Apache | Couchdb | 2.2.0 | |||
| Application | Apache | Couchdb | 2.1.2. | |||
| Application | Apache | Couchdb | 2.1.2 | |||
| Application | Apache | Couchdb | 2.1.2 | |||
| Application | Apache | Couchdb | 2.1.2 | |||
| Application | Apache | Couchdb | 2.1.2 | |||
| Application | Apache | Couchdb | 2.1.1 | |||
| Application | Apache | Couchdb | 2.1.1 | |||
| Application | Apache | Couchdb | 2.1.1 | |||
| Application | Apache | Couchdb | 2.1.1 |