VYPR
High severity7.5NVD Advisory· Published Sep 10, 2019· Updated Jun 17, 2026

CVE-2019-11467

CVE-2019-11467

Description

In Couchbase Server 4.6.3 and 5.5.0, secondary indexing encodes the entries to be indexed using collatejson. When index entries contain certain characters like \t, <, >, it caused buffer overrun as encoded string would be much larger than accounted for, causing indexer service to crash and restart. This has been remedied in versions 5.1.2 and 5.5.2 to ensure buffer always grows as needed for any input.

Affected products

2
  • Couchbase/Couchbase Serverdescription
  • Couchbase/Serverllm-fuzzy
    Range: 4.6.3, 5.5.0

Patches

Vulnerability mechanics

References

1

News mentions

0

No linked articles in our index yet.