couchbase

PyPI2 known CVEs affecting this package

Aggregated from OSV, GitHub Security Advisories, NVD, and vendor advisories. Each CVE links to its full detail page with vendor advisories, patches, fixed versions, and remediation guidance.

CVEs affecting couchbasepage 1 of 1

CVE-2022-32563CRITICALCVSS 9.8EG 9.8✓ Fixed in 3.0.2
2022-06-10
vulnerable: 3.0.0 ... 3.0.2b9 (9 versions)
An issue was discovered in Couchbase Sync Gateway 3.x before 3.0.2. Admin credentials are not verified when using X.509 client-certificate authentication from Sync Gateway to Couchbase Server. When Sync Gateway is configured to authenticat…
CVE-2023-45875HIGHCVSS 7.5EG 7.5
2023-11-08
vulnerable: 0.10 ... 4.5.0rc1 (159 versions)
An issue was discovered in Couchbase Server 7.2.0. There is a private key leak in debug.log while adding a pre-7.0 node to a 7.2 cluster.

Check whether couchbase is used in your infrastructure

EchelonGraph scans your cloud and SBOMs to map every package to your actual deployments. See blast radius for couchbase CVEs against the assets you own.

Start Free Scan →