
Nick Vatamaniuc

#48399 of 53,633
5.3 Total CVSS
Vulnerabilities · 1
PT-2023-20577
5.3
2023-05-02
Apache · Apache Couchdb · CVE-2023-26268
**Name of the Vulnerable Software and Affected Versions**

Apache CouchDB versions prior to 3.2.3
Apache CouchDB versions prior to 3.3.2

**Description**

Design documents with matching document IDs, from databases on the same cluster, may share a mutable JavaScript environment when using these design document functions:

* validate_doc_update
* list
* filter
* filter views (using view functions as filters)
* rewrite
* update

This doesn't affect map/reduce or search (Dreyfus) index functions.

**Recommendations**

For versions prior to 3.2.3, upgrade to Apache CouchDB 3.2.3 or later.
For versions prior to 3.3.2, upgrade to Apache CouchDB 3.3.2 or later.

As a temporary workaround, consider avoiding the use of design documents from untrusted sources which may attempt to cache or store data in the JavaScript environment.