Unrated severityNVD Advisory· Published Mar 18, 2014· Updated Jun 16, 2026
CVE-2012-5641
CVE-2012-5641
Description
Directory traversal vulnerability in the partition2 function in mochiweb_util.erl in MochiWeb before 2.4.0, as used in Apache CouchDB before 1.0.4, 1.1.x before 1.1.2, and 1.2.x before 1.2.1, allows remote attackers to read arbitrary files via a ..\ (dot dot backslash) in the default URI.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
15cpe:2.3:a:apache:couchdb:*:*:*:*:*:*:*:*+ 7 more
- cpe:2.3:a:apache:couchdb:*:*:*:*:*:*:*:*range: <=1.0.3
- cpe:2.3:a:apache:couchdb:1.0.0:*:*:*:*:*:*:*
- cpe:2.3:a:apache:couchdb:1.0.1:*:*:*:*:*:*:*
- cpe:2.3:a:apache:couchdb:1.0.2:*:*:*:*:*:*:*
- cpe:2.3:a:apache:couchdb:1.1.0:*:*:*:*:*:*:*
- cpe:2.3:a:apache:couchdb:1.1.1:*:*:*:*:*:*:*
- cpe:2.3:a:apache:couchdb:1.2.0:*:*:*:*:*:*:*
- (no CPE)range: <1.0.4 / >=1.1.0 <1.1.2 / >=1.2.0 <1.2.1
cpe:2.3:a:mochiweb_project:mochiweb:*:*:*:*:*:*:*:*+ 6 more
- cpe:2.3:a:mochiweb_project:mochiweb:*:*:*:*:*:*:*:*range: <=2.3.2
- cpe:2.3:a:mochiweb_project:mochiweb:2.1.0:*:*:*:*:*:*:*
- cpe:2.3:a:mochiweb_project:mochiweb:2.2.0:*:*:*:*:*:*:*
- cpe:2.3:a:mochiweb_project:mochiweb:2.2.1:*:*:*:*:*:*:*
- cpe:2.3:a:mochiweb_project:mochiweb:2.3.0:*:*:*:*:*:*:*
- cpe:2.3:a:mochiweb_project:mochiweb:2.3.1:*:*:*:*:*:*:*
- (no CPE)range: <2.4.0
Patches
Vulnerability mechanics
References
6News mentions
0No linked articles in our index yet.