VYPR

Go modules package

github.com/couchbase/sync_gateway

pkg:golang/github.com/couchbase/sync_gateway

Vulnerabilities (2)

  • CVE-2025-52490HigJul 29, 2025
    affected < 3.2.6fixed 3.2.6

    An issue was discovered in Couchbase Sync Gateway before 3.2.6. In sgcollect_info_options.log and sync_gateway.log, there are cleartext passwords in redacted and unredacted output.

  • CVE-2019-9039CriJun 26, 2019
    affected < 2.5.0fixed 2.5.0

    In Couchbase Sync Gateway 2.1.2, an attacker with access to the Sync Gateway’s public REST API was able to issue additional N1QL statements and extract sensitive data or call arbitrary N1QL functions through the parameters "startkey" and "endkey" on the "_all_docs" endpoint. By i