CVE-2023-26268: Apache CouchDB, IBM Cloudant: Information sharing via couchjs processes
1 view
Skip to first unread message
Nick Vatamaniuc
May 2, 2023, 1:07:26 PM5/2/23
to anno...@apache.org, us...@couchdb.apache.org
Affected versions:
- Apache CouchDB through 3.3.1
- IBM Cloudant through 8349
Description:
Design documents with matching document IDs, from databases on the same cluster, may share a mutable Javascript environment when using these design document functions:
* validate_doc_update
* list
* filter
* filter views (using view functions as filters)
* rewrite
* update
This doesn't affect map/reduce or search (Dreyfus) index functions.
Work Arounds:
Avoid using design documents from untrusted sources which may attempt to cache or store data in the Javascript environment.
Credit:
Nick Vatamaniuc vata...@apache.org (finder)
References:
https://couchdb.apache.org/
https://www.cve.org/CVERecord?id=CVE-2023-26268
- Apache CouchDB through 3.3.1
- IBM Cloudant through 8349
Description:
Design documents with matching document IDs, from databases on the same cluster, may share a mutable Javascript environment when using these design document functions:
* validate_doc_update
* list
* filter
* filter views (using view functions as filters)
* rewrite
* update
This doesn't affect map/reduce or search (Dreyfus) index functions.
Work Arounds:
Avoid using design documents from untrusted sources which may attempt to cache or store data in the Javascript environment.
Credit:
Nick Vatamaniuc vata...@apache.org (finder)
References:
https://couchdb.apache.org/
https://www.cve.org/CVERecord?id=CVE-2023-26268
Reply all
Reply to author
Forward
0 new messages