Advisories ยป MGASA-2022-0466

Updated couchdb packages fix security vulnerability

Publication date: 17 Dec 2022
Modification date: 17 Dec 2022
Type: security
Affected Mageia releases : 8
CVE: CVE-2022-24706

Description

In Apache CouchDB prior to 3.2.2, an attacker can access an improperly
secured default installation without authenticating and gain admin
privileges. The CouchDB documentation has always made recommendations for
properly securing an installation, including recommending using a firewall
in front of all CouchDB installations. (CVE-2022-24706)

References

SRPMS

8/core