2.12. CVE-2018-8007: Apache CouchDB Remote Code Execution

来源 1 浏览 418 扫码打印 2022-04-28 22:35:30

30.04.2018

Affected

All Versions of Apache CouchDB

Low

Vendor

The Apache Software Foundation

This privilege escalation effectively allows a CouchDB admin user to gain arbitrary remote code execution, bypassing CVE-2017-12636

All users should upgrade to CouchDB or 2.1.2.

Upgrades from previous 1.x and 2.x versions in the same series should be seamless.

This issue was discovered by Francesco Oddo of .

本文档使用全库网构建