Vulnerabilities > Apache > Couchdb > 1.2.0

DATE CVE VULNERABILITY TITLE RISK
2014-03-28 CVE-2014-2668 Improper Input Validation vulnerability in Apache Couchdb
Apache CouchDB 1.5.0 and earlier allows remote attackers to cause a denial of service (CPU and memory consumption) via the count parameter to /_uuids.
network
low complexity
apache CWE-20
5.0
5.0
2014-03-18 CVE-2012-5641 Path Traversal vulnerability in multiple products
Directory traversal vulnerability in the partition2 function in mochiweb_util.erl in MochiWeb before 2.4.0, as used in Apache CouchDB before 1.0.4, 1.1.x before 1.1.2, and 1.2.x before 1.2.1, allows remote attackers to read arbitrary files via a ..\ (dot dot backslash) in the default URI.
network
low complexity
apache mochiweb-project CWE-22
5.0
5.0