Buffer overflow

2019-09-1018:15:00

PRIOn knowledge base

www.prio-n.com

7.6 High

AI Score

Confidence

High

0.001 Low

EPSS

Percentile

42.5%

JSON

In Couchbase Server 4.6.3 and 5.5.0, secondary indexing encodes the entries to be indexed using collatejson. When index entries contain certain characters like \t, <, >, it caused buffer overrun as encoded string would be much larger than accounted for, causing indexer service to crash and restart. This has been remedied in versions 5.1.2 and 5.5.2 to ensure buffer always grows as needed for any input.

CPENameOperatorVersion
couchbase_servereq4.6.3
couchbase_servereq5.5.0

CPE	Name	Operator	Version
	couchbase_server	eq	4.6.3
	couchbase_server	eq	5.5.0

References

www.couchbase.com/resources/security