Unrated severityNVD Advisory· Published Apr 5, 2010· Updated Apr 29, 2026
CVE-2010-0009
CVE-2010-0009
Description
Apache CouchDB 0.8.0 through 0.10.1 allows remote attackers to obtain sensitive information by measuring the completion time of operations that verify (1) hashes or (2) passwords.
Affected products
7cpe:2.3:a:apache:couchdb:0.10.0:*:*:*:*:*:*:*+ 6 more
- cpe:2.3:a:apache:couchdb:0.10.0:*:*:*:*:*:*:*
- cpe:2.3:a:apache:couchdb:0.10.1:*:*:*:*:*:*:*
- cpe:2.3:a:apache:couchdb:0.8.0:*:*:*:*:*:*:*
- cpe:2.3:a:apache:couchdb:0.8.1:*:*:*:*:*:*:*
- cpe:2.3:a:apache:couchdb:0.9.0:*:*:*:*:*:*:*
- cpe:2.3:a:apache:couchdb:0.9.1:*:*:*:*:*:*:*
- cpe:2.3:a:apache:couchdb:0.9.2:*:*:*:*:*:*:*
Patches
0No patches discovered yet.
Vulnerability mechanics
AI mechanics synthesis has not run for this CVE yet.
References
7- couchdb.apache.org/security.htmlnvdPatchVendor Advisory
- secunia.com/advisories/39146nvdVendor Advisory
- archives.neohapsis.com/archives/bugtraq/2010-03/0267.htmlnvd
- www.osvdb.org/63350nvd
- www.securityfocus.com/archive/1/510427/100/0/threadednvd
- www.securityfocus.com/bid/39116nvd
- bugzilla.redhat.com/show_bug.cginvd
News mentions
0No linked articles in our index yet.