CVE-2014-2668

Опубликовано: 28 мар. 2014

Источник: debian

Описание

Apache CouchDB 1.5.0 and earlier allows remote attackers to cause a denial of service (CPU and memory consumption) via the count parameter to /_uuids.

Пакеты

Пакет	Статус	Релиз	Тип
couchdb	removed		package
couchdb	no-dsa	wheezy	package
couchdb	no-dsa	squeeze	package

Примечания

High resource usage in CPU and memory while query is active. No crash for deamon in 1.4.0-3+b1 and 1.2.0-5 versions.
http://git-wip-us.apache.org/repos/asf?p=couchdb.git;a=commitdiff_plain;h=0fb5aa9e67bd291ca2638dba961f4ddd3f6ccb3e;hp=198bea3479dfecac13ab1a3e95f902b8eba02f7d

Связанные уязвимости

CVE-2014-2668

ubuntu

почти 12 лет назад

Apache CouchDB 1.5.0 and earlier allows remote attackers to cause a denial of service (CPU and memory consumption) via the count parameter to /_uuids.

CVE-2014-2668

nvd

почти 12 лет назад

Apache CouchDB 1.5.0 and earlier allows remote attackers to cause a denial of service (CPU and memory consumption) via the count parameter to /_uuids.

GHSA-pgjj-9j9g-vrr7

github

больше 3 лет назад

Apache CouchDB 1.5.0 and earlier allows remote attackers to cause a denial of service (CPU and memory consumption) via the count parameter to /_uuids.