AVG-2708 log
| Package | couchdb |
| Status | Not affected |
| Severity | Critical |
| Type | privilege escalation |
| Affected | 3.2.1-1 |
| Fixed | 3.2.2-2 |
| Current | 3.5.1-1 [extra] |
| Ticket | None |
| Created | Fri May 13 09:13:08 2022 |
| Issue | Severity | Remote | Type | Description |
|---|---|---|---|---|
| CVE-2022-24706 | Critical | Yes | Privilege escalation | An attacker can access an improperly secured default installation without authenticating and gain admin privileges. CouchDB 3.2.2 and onwards will refuse... |
| References |
|---|
https://lists.apache.org/thread/w24wo0h8nlctfps65txvk0oc5hdcnv00 |