CPE Details
Couchbase Server 7.1.2
7.1.2
2023-02-13
17h40 +00:00
17h40 +00:00
2023-02-23
18h10 +00:00
18h10 +00:00
Alerte pour un CPE
Stay informed of any changes for a specific CPE.
CPE Name: cpe:2.3:a:couchbase:couchbase_server:7.1.2:*:*:*:*:*:*:*
Informations
Vendor
couchbaseProduct
couchbase_serverVersion
7.1.2Related CVE
| CVE ID | Published | Description | Score | Severity |
|---|---|---|---|---|
| Couchbase Server 7.6.x before 7.6.2, 7.2.x before 7.2.6, and all earlier versions allows HTTP Host header injection. | 6.1 |
Medium |
||
| An issue was discovered in Couchbase Server before 7.2.5 and 7.6.0 before 7.6.1. It does not ensure that credentials are negotiated with the Key-Value (KV) service using SCRAM-SHA when remote link encryption is configured for Half-Secure. | 5.9 |
Medium |
||
| An issue was discovered in Couchbase Server through 7.2.2. A data reader may cause a denial of service (outage of reader threads). | 4.3 |
Medium |
||
| Couchbase Server before 7.2.4 has a private key leak in goxdcr.log. | 7.5 |
High |
||
| Out of bounds memory access in V8 in Google Chrome prior to 120.0.6099.224 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High) | 8.8 |
High |
||
| Couchbase Server 7.1.4 before 7.1.5 and 7.2.0 before 7.2.1 allows Directory Traversal. | 7.5 |
High |
||
| Type confusion in V8 in Google Chrome prior to 114.0.5735.110 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High) | 8.8 |
High |
||
| Type confusion in V8 in Google Chrome prior to 112.0.5615.121 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High) | 8.8 |
High |
||
| In Couchbase Server 5 through 7 before 7.1.4, the nsstats endpoint is accessible without authentication. | 5.3 |
Medium |
2025©
tesweb SA
