Updated couchdb packages fix security vulnerability
Publication date: 17 Dec 2022Modification date: 17 Dec 2022
Type: security
Affected Mageia releases : 8
CVE: CVE-2022-24706
Description
In Apache CouchDB prior to 3.2.2, an attacker can access an improperly secured default installation without authenticating and gain admin privileges. The CouchDB documentation has always made recommendations for properly securing an installation, including recommending using a firewall in front of all CouchDB installations. (CVE-2022-24706)
References
SRPMS
8/core
- couchdb-3.2.2-1.mga8