Affected versions of pouchdb
do not properly sandbox the code execution engine which executes the map/reduce functions for temporary views and design documents. Under certain circumstances, an attacker could uses this to run arbitrary code on the server.
Update to version 6.0.5 or later.