Couchbase Server
by Couchbase
CVEs (45)
| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2019-11465 | Med | 0.35 | 5.3 | 0.01 | Sep 10, 2019 | An issue was discovered in Couchbase Server 5.5.x through 5.5.3 and 6.0.0. The Memcached "connections" stat block command emits a non-redacted username. The system information submitted to Couchbase as part of a bug report included the usernames for all users currently logged… | ||
| CVE-2022-42950 | Med | 0.32 | 4.9 | 0.01 | Feb 6, 2023 | An issue was discovered in Couchbase Server 7.x before 7.0.5 and 7.1.x before 7.1.2. A crafted HTTP REST request from an administrator account to the Couchbase Server Backup Service can exhaust memory resources, causing the process to be killed, which can be used for denial of… | ||
| CVE-2022-32561 | Med | 0.32 | 4.9 | 0.01 | Jun 14, 2022 | An issue was discovered in Couchbase Server before 6.6.5 and 7.x before 7.0.4. Previous mitigations for CVE-2018-15728 were found to be insufficient when it was discovered that diagnostic endpoints could still be accessed from the network. | ||
| CVE-2021-33504 | Med | 0.32 | 4.9 | 0.01 | Jun 2, 2022 | Couchbase Server before 7.1.0 has Incorrect Access Control. | ||
| CVE-2023-45874 | Med | 0.28 | 4.3 | 0.01 | Feb 29, 2024 | An issue was discovered in Couchbase Server through 7.2.2. A data reader may cause a denial of service (outage of reader threads). |
- risk 0.35cvss 5.3epss 0.01
An issue was discovered in Couchbase Server 5.5.x through 5.5.3 and 6.0.0. The Memcached "connections" stat block command emits a non-redacted username. The system information submitted to Couchbase as part of a bug report included the usernames for all users currently logged…
- risk 0.32cvss 4.9epss 0.01
An issue was discovered in Couchbase Server 7.x before 7.0.5 and 7.1.x before 7.1.2. A crafted HTTP REST request from an administrator account to the Couchbase Server Backup Service can exhaust memory resources, causing the process to be killed, which can be used for denial of…
- risk 0.32cvss 4.9epss 0.01
An issue was discovered in Couchbase Server before 6.6.5 and 7.x before 7.0.4. Previous mitigations for CVE-2018-15728 were found to be insufficient when it was discovered that diagnostic endpoints could still be accessed from the network.
- risk 0.32cvss 4.9epss 0.01
Couchbase Server before 7.1.0 has Incorrect Access Control.
- risk 0.28cvss 4.3epss 0.01
An issue was discovered in Couchbase Server through 7.2.2. A data reader may cause a denial of service (outage of reader threads).
Page 3 of 3