Lucene search

BIT-COUCHDB-2023-26268

🗓️ 06 Mar 2024 10:14:51Reported by GoogleType

osv🔗 osv.dev👁 15 Views

Design documents share mutable Javascript environment. Update to safe versions (Apache CouchDB 3.3.2 or 3.2.3). Avoid untrusted design documents

AI Insights are available for you today

Leverage the power of AI to quickly understand vulnerabilities, impacts, and exploitability

Reporter	Title	Published	Views	Family All 16
Cvelist	CVE-2023-26268 Apache CouchDB, IBM Cloudant: Information sharing via couchjs processes	2 May 202320:06	–	cvelist
Tenable Nessus	FreeBSD : couchdb -- information sharing via couchjs processes (fd47fcfe-ec69-4000-b9ce-e5e62102c1c7)	17 Dec 202300:00	–	nessus
Tenable Nessus	Apache CouchDB < 3.2.3 / 3.3.x < 3.3.2 Information Disclosure	4 May 202300:00	–	nessus
OpenVAS	Apache CouchDB <= 3.2.2, 3.3.x <= 3.3.1 Information Disclosure Vulnerability - Windows	10 May 202300:00	–	openvas
OpenVAS	Apache CouchDB <= 3.2.2, 3.3.x <= 3.3.1 Information Disclosure Vulnerability - Linux	10 May 202300:00	–	openvas
Prion	Code injection	2 May 202321:15	–	prion
UbuntuCve	CVE-2023-26268	2 May 202300:00	–	ubuntucve
IBM Security Bulletins	Security Bulletin: IBM App Connect Enterprise Certified Container DesignerAuthoring operands are vulnerable to loss of confidentiality due to [CVE-2023-26268]	24 Aug 202315:11	–	ibm
IBM Security Bulletins	Security Bulletin: Automation Assets in IBM Cloud Pak for Integration is vulnerable to remote information transfer due to CouchDB CVE-2023-26268	18 Aug 202308:23	–	ibm
IBM Security Bulletins	Security Bulletin: Multiple Vulnerabilities in IBM Cloud Pak for Multicloud Management	28 Feb 202421:30	–	ibm

Source	Link
docs	www.docs.couchdb.org/en/stable/cve/2023-26268.html
lists	www.lists.apache.org/thread/ldkqs0nhpmho26bdxf4fon7w75hsq5gl
lists	www.lists.apache.org/thread/r2wvjfysg3d92lhhjd1qh3wfr8mlp0pp
nvd	www.nvd.nist.gov/vuln/detail/CVE-2023-26268

Transform Your Security Services

Elevate your offerings with Vulners' advanced Vulnerability Intelligence. Contact us for a demo and discover the difference comprehensive, actionable intelligence can make in your security strategy.

Book a live demo

06 Mar 2024 10:51Current

5Medium risk

Vulners AI Score5

CVSS34.4 - 5.3

EPSS0.00037

SSVC