2.8. CVE-2017-12635: Apache CouchDB Remote Privilege Escalation

来源 1 浏览 534 扫码打印 2021-10-31 19:51:06

2.8. CVE-2017-12635: Apache CouchDB Remote Privilege Escalation

All users should upgrade to CouchDB 1.7.1 or .

Users on earlier versions, or users upgrading from 1.x to 2.x should consult with upgrade notes.

We addressed this issue by updating the way CouchDB parses JSON in Erlang, mimicking the JavaScript behaviour of picking the last key, if duplicates exist.

本文档使用全库网构建