2.16. CVE-2023-26268: Apache CouchDB: Information sharing via couchjs processes¶
- Date:
02.05.2023
- Affected:
3.3.1 and below, 3.2.2 and below
- Severity:
Medium
- Vendor:
The Apache Software Foundation
2.16.1. Description¶
Design documents with matching document IDs, from databases on the same cluster, may share a mutable Javascript environment when using these design document functions:
validate_doc_update
list
filter
filter views (using view functions as filters)
rewrite
update
This doesn’t affect map/reduce or search (Dreyfus) index functions.
2.16.2. Mitigation¶
CouchDB 3.3.2 and 3.2.3 and onwards matches Javascript execution processes by database names in addition to design document IDs when processing the affected design document functions.
2.16.3. Workarounds¶
Avoid using design documents from untrusted sources which may attempt to cache or store data in the Javascript environment.
2.16.4. Credit¶
This issue was identified by Nick Vatamaniuc