FreeBSD VuXML: Documenting security issues in FreeBSD and the FreeBSD Ports Collection

couchdb -- administrator privilege escalation

Affected packages
couchdb < 2.2.0,2

Details

VuXML ID 9b19b6df-a4be-11e8-9366-0028f8d09152
Discovery 2018-06-05
Entry 2018-08-08

Apache CouchDB PMC reports:

Database Administrator could achieve privilege escalation to the account that CouchDB runs under, by abusing insufficient validation in the HTTP API, escaping security controls implemented in previous releases.

References

CVE Name CVE-2018-11769
URL http://docs.couchdb.org/en/stable/cve/2018-11769.html