| Max CVSS | 10.0 | Min CVSS | 9.0 | Total Count | 2 |
| ID | CVSS | Summary | Last (major) update | Published | |
| CVE-2017-12635 | 10.0 |
Due to differences in the Erlang-based JSON parser and JavaScript-based JSON parser, it is possible in Apache CouchDB before 1.7.0 and 2.x before 2.1.1 to submit _users documents with duplicate keys for 'roles' used for access control within the data
|
03-10-2019 - 00:03 | 14-11-2017 - 20:29 | |
| CVE-2017-12636 | 9.0 |
CouchDB administrative users can configure the database server via HTTP(S). Some of the configuration options include paths for operating system-level binaries that are subsequently launched by CouchDB. This allows an admin user in Apache CouchDB bef
|
13-05-2019 - 19:29 | 14-11-2017 - 20:29 |