Vulnerabilities > Couchbase > Couchbase Server > 6.5.0
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2024-09-19 | CVE-2024-25673 | Injection vulnerability in Couchbase Server Couchbase Server 7.6.x before 7.6.2, 7.2.x before 7.2.6, and all earlier versions allows HTTP Host header injection. | 6.1 |
| 2024-07-26 | CVE-2024-37034 | Inadequate Encryption Strength vulnerability in Couchbase Server An issue was discovered in Couchbase Server before 7.2.5 and 7.6.0 before 7.6.1. | 5.9 |
| 2024-02-29 | CVE-2024-23302 | Unspecified vulnerability in Couchbase Server Couchbase Server before 7.2.4 has a private key leak in goxdcr.log. | 7.5 |
| 2024-02-29 | CVE-2023-45874 | Unspecified vulnerability in Couchbase Server An issue was discovered in Couchbase Server through 7.2.2. | 4.3 |
| 2024-01-16 | CVE-2024-0519 | Out-of-bounds Write vulnerability in multiple products Out of bounds memory access in V8 in Google Chrome prior to 120.0.6099.224 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. | 8.8 |
| 2023-11-08 | CVE-2023-36667 | Path Traversal vulnerability in Couchbase Server Couchbase Server 7.1.4 before 7.1.5 and 7.2.0 before 7.2.1 allows Directory Traversal. | 7.5 |
| 2023-06-05 | CVE-2023-3079 | Type Confusion vulnerability in multiple products Type confusion in V8 in Google Chrome prior to 114.0.5735.110 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. | 8.8 |
| 2023-04-14 | CVE-2023-2033 | Type Confusion vulnerability in multiple products Type confusion in V8 in Google Chrome prior to 112.0.5615.121 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. | 8.8 |
| 2023-02-06 | CVE-2022-42951 | Race Condition vulnerability in Couchbase Server An issue was discovered in Couchbase Server 6.5.x and 6.6.x before 6.6.6, 7.x before 7.0.5, and 7.1.x before 7.1.2. | 8.1 |
| 2023-02-06 | CVE-2023-25016 | Cleartext Transmission of Sensitive Information vulnerability in Couchbase Server Couchbase Server before 6.6.6, 7.x before 7.0.5, and 7.1.x before 7.1.2 exposes Sensitive Information to an Unauthorized Actor. | 7.5 |