2.7. CVE-2014-2668: DoS (CPU and memory consumption) via the count parameter to /_uuids

    26.03.2014

    Affected

    Apache CouchDB releases up to and including 1.3.1, 1.4.0, and 1.5.0 are vulnerable.

    Moderate

    Vendor

    The Apache Software Foundation

    Upgrade to a supported CouchDB release that includes this fix, such as:

    Disable the handler completely, by adapting local.ini and restarting CouchDB: