Vulnerabilities > Couchbase > Couchbase Server > 4.0.0
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2023-11-08 | CVE-2023-36667 | Path Traversal vulnerability in Couchbase Server Couchbase Server 7.1.4 before 7.1.5 and 7.2.0 before 7.2.1 allows Directory Traversal. | 7.5 |
2023-02-06 | CVE-2023-25016 | Cleartext Transmission of Sensitive Information vulnerability in Couchbase Server Couchbase Server before 6.6.6, 7.x before 7.0.5, and 7.1.x before 7.1.2 exposes Sensitive Information to an Unauthorized Actor. | 7.5 |
2022-06-14 | CVE-2022-32557 | Missing Authentication for Critical Function vulnerability in Couchbase Server An issue was discovered in Couchbase Server before 7.0.4. | 7.5 |
2022-06-14 | CVE-2022-32559 | Allocation of Resources Without Limits or Throttling vulnerability in Couchbase Server An issue was discovered in Couchbase Server before 7.0.4. | 9.1 |
2022-06-13 | CVE-2022-32560 | Missing Authorization vulnerability in Couchbase Server An issue was discovered in Couchbase Server before 7.0.4. | 7.5 |
2022-06-13 | CVE-2022-32564 | Unspecified vulnerability in Couchbase Server An issue was discovered in Couchbase Server before 7.0.4. | 5.0 |
2022-06-02 | CVE-2021-33504 | Unspecified vulnerability in Couchbase Server Couchbase Server before 7.1.0 has Incorrect Access Control. | 4.9 |
2021-11-02 | CVE-2021-42763 | Cleartext Storage of Sensitive Information vulnerability in Couchbase Server Couchbase Server before 6.6.3 and 7.x before 7.0.2 stores Sensitive Information in Cleartext. | 5.0 |
2021-05-10 | CVE-2021-25645 | Cleartext Storage of Sensitive Information vulnerability in Couchbase Server An issue was discovered in Couchbase Server before 6.0.5, 6.1.x through 6.5.x before 6.5.2, and 6.6.x before 6.6.1. | 2.1 |
2020-02-22 | CVE-2020-9039 | Incorrect Default Permissions vulnerability in Couchbase Server Couchbase Server 4.0.0, 4.1.0, 4.1.1, 4.5.0, 4.5.1, 4.6.0 through 4.6.5, 5.0.0, 5.1.1, 5.5.0 and 5.5.1 have Insecure Permissions for the projector and indexer REST endpoints (they allow unauthenticated access).The /settings REST endpoint exposed by the projector process is an endpoint that administrators can use for various tasks such as updating configuration and collecting performance profiles. | 7.5 |