Vulnerabilities > Apache > Couchdb > 0.11.0
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2014-03-28 | CVE-2014-2668 | Improper Input Validation vulnerability in Apache Couchdb Apache CouchDB 1.5.0 and earlier allows remote attackers to cause a denial of service (CPU and memory consumption) via the count parameter to /_uuids. | 5.0 |
| 2014-03-18 | CVE-2012-5641 | Path Traversal vulnerability in multiple products Directory traversal vulnerability in the partition2 function in mochiweb_util.erl in MochiWeb before 2.4.0, as used in Apache CouchDB before 1.0.4, 1.1.x before 1.1.2, and 1.2.x before 1.2.1, allows remote attackers to read arbitrary files via a ..\ (dot dot backslash) in the default URI. | 5.0 |
| 2010-08-19 | CVE-2010-2234 | Cross-Site Request Forgery (CSRF) vulnerability in Apache Couchdb Cross-site request forgery (CSRF) vulnerability in Apache CouchDB 0.8.0 through 0.11.0 allows remote attackers to hijack the authentication of administrators for direct requests to an installation URL. | 6.8 |