1
Candidate: CVE-2012-5641
4
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-5641
5
http://seclists.org/fulldisclosure/2013/Jan/81
7
Directory traversal vulnerability in the partition2 function in
8
mochiweb_util.erl in MochiWeb before 2.4.0, as used in Apache CouchDB
9
before 1.0.4, 1.1.x before 1.1.2, and 1.2.x before 1.2.1, allows remote
10
attackers to read arbitrary files via a ..\ (dot dot backslash) in the
14
jdstrand> Windows-only
21
upstream: https://github.com/apache/couchdb/commit/a996d8dfbc0853f82a2cba3e482df2e7093ff839
22
upstream_couchdb: released (1.0.4, 1.2.1)
24
lucid_couchdb: not-affected
25
oneiric_couchdb: not-affected
26
precise_couchdb: not-affected
27
quantal_couchdb: not-affected
28
devel_couchdb: not-affected