Vulnerabilities > Couchbase

DATE	CVE	VULNERABILITY TITLE	RISK
2019-09-10	CVE-2019-11465	Information Exposure Through Discrepancy vulnerability in Couchbase Server An issue was discovered in Couchbase Server 5.5.x through 5.5.3 and 6.0.0. network low complexity couchbase CWE-203	5.0
2019-09-10	CVE-2019-11464	Cross-site Scripting vulnerability in Couchbase Server 5.1.2/5.5.0 Some enterprises require that REST API endpoints include security-related headers in REST responses. network couchbase CWE-79	4.3
2019-06-26	CVE-2019-9039	SQL Injection vulnerability in Couchbase Sync Gateway 2.1.2 In Couchbase Sync Gateway 2.1.2, an attacker with access to the Sync Gateway’s public REST API was able to issue additional N1QL statements and extract sensitive data or call arbitrary N1QL functions through the parameters "startkey" and "endkey" on the "_all_docs" endpoint. network low complexity couchbase CWE-89	7.5
2018-08-24	CVE-2018-15728	Code Injection vulnerability in Couchbase Server Couchbase Server exposed the '/diag/eval' endpoint which by default is available on TCP/8091 and/or TCP/18091. network low complexity couchbase CWE-94 critical	9.0

Vulnerabilities > Couchbase {"@context":"https://schema.org","@type":"BreadcrumbList","itemListElement":[{"@type":"ListItem","position":1,"name":"Vulnerabilities","item":"https://cyber.vumetric.com/vulns/"},{"@type":"ListItem","position":2,"name":"Couchbase"}]}