Improper input validation in Apache Couchdb

CVE-2014-2668

Apache CouchDB 1.5.0 and earlier allows remote attackers to cause a denial of service (CPU and memory consumption) via the count parameter to /_uuids.

Vulnerability class: Drupalgeddon 2 (CVE-2018-7600)

EPSS: 0.488 (97.8th percentile) — read the EPSS interpretation.

Affected products

Apache Couchdb
N/a — versions n/a

Weakness classification (CWE)

CWE-20 — Improper Input Validation

References

apache-couchdb-cve20142668-dos(92161) (vdb-entry, x_refsource_XF)
66474 (Exploit, vdb-entry, x_refsource_BID)
57572 (x_refsource_SECUNIA, third-party-advisory, Vendor Advisory)
openSUSE-SU-2014:0526 (vendor-advisory, x_refsource_SUSE)
32519 (Exploit, exploit, x_refsource_EXPLOIT-DB)
1029967 (vdb-entry, x_refsource_SECTRACK)
cve@mitre.org (x_refsource_MISC)