FreeBSD VuXML: Documenting security issues in FreeBSD and the FreeBSD Ports Collection

couchdb -- administrator privilege escalation

Affected packages
couchdb < 2.3.0,2
couchdb2 < 2.3.0

Details

VuXML ID 1999a215-fc6b-11e8-8a95-ac1f6b67e138
Discovery 2018-12-01
Entry 2018-12-13

Apache CouchDB PMC reports:

Database Administrator could achieve privilege escalation to the account that CouchDB runs under, by abusing insufficient validation in the HTTP API, escaping security controls implemented in previous releases.

[source]

References

CVE Name CVE-2018-17188
URL http://docs.couchdb.org/en/stable/cve/2018-17188.html

Copyright © 2003-2005 Jacques Vidrine and contributors.
Please see the source of this document for full copyright information.