IBM Cloudant Security Vulnerabilities

CVE-2023-45725

Design document functions which receive a user HTTP request object may expose authorization or session cookie headers of the user who accesses the document. These design document functions are: list, show, rewrite, update. An attacker can leak the session component using an...

CVSS 5.7

AI Score 5.2

EPSS 0.0004

2023-12-13 08:15 AM

CVE-2023-26268

Design documents with matching document IDs, from databases on the same cluster, may share a mutable JavaScript environment when using these design document functions: validate_doc_update, list, filter, filter views (using view functions as filters), rewrite, update. This doesn't affect...

CVSS 5.3

AI Score 5

EPSS 0.001

2023-05-02 09:15 PM

CVE-2021-38295

In Apache CouchDB, a malicious user with permission to create documents in a database is able to attach an HTML attachment to a document. If a CouchDB admin opens that attachment in a browser, e.g. via the CouchDB admin interface Fauxton, any JavaScript code embedded in that HTML attachment will be....

CVSS 7.3

AI Score 7

EPSS 0.001

2021-10-14 08:15 PM