VYPR

rpm package

suse/couchdb&distro=SUSE Enterprise Storage 4

pkg:rpm/suse/couchdb&distro=SUSE%20Enterprise%20Storage%204

Vulnerabilities (2)

  • CVE-2018-8007HigJul 11, 2018
    affected < 1.7.2-2.8.2fixed 1.7.2-2.8.2

    Apache CouchDB administrative users can configure the database server via HTTP(S). Due to insufficient validation of administrator-supplied configuration settings via the HTTP API, it is possible for a CouchDB administrator user to escalate their privileges to that of the operati

  • CVE-2017-12636HigNov 14, 2017
    affected < 1.7.2-2.8.2fixed 1.7.2-2.8.2

    CouchDB administrative users can configure the database server via HTTP(S). Some of the configuration options include paths for operating system-level binaries that are subsequently launched by CouchDB. This allows an admin user in Apache CouchDB before 1.7.0 and 2.x before 2.1.1