← Back

Pouchdb

pouchdb

Vendor: Pouchdb • 1 CVE

CVEs (1)

CVE
VENDORS
PRODUCTS
UPDATED
PUBLISHED
CVSS
CVE-2016-10546
1Pouchdb
1Pouchdb
Nov 21, 2024
May 31, 2018
N/A· v4
9.8 CRITICAL· v3
10.0 HIGH· v2
An arbitrary code injection vector was found in PouchDB 6.0.4 and lesser via the map/reduce functions used in PouchDB temporary views and design documents. The code execution engine for this branch is not properly sandbo...Show more
An arbitrary code injection vector was found in PouchDB 6.0.4 and lesser via the map/reduce functions used in PouchDB temporary views and design documents. The code execution engine for this branch is not properly sandboxed and may be used to run arbitrary JavaScript as well as system commands.Show less