EUVD-2025-18625

Malicious code in bioql PyPI...

Couchbase .NET SDK (client library) does not properly enable hostname verification for TLS certificates

The Couchbase .NET SDK client library before 3.7.1 does not properly enable hostname verification for TLS certificates. In fact, the SDK was also using IP addresses instead of hostnames due to a configuration option that was incorrectly enabled by default...

GHSA-PX2C-R924-MWCC Couchbase .NET SDK (client library) does not properly enable hostname verification for TLS certificates

The Couchbase .NET SDK client library before 3.7.1 does not properly enable hostname verification for TLS certificates. In fact, the SDK was also using IP addresses instead of hostnames due to a configuration option that was incorrectly enabled by default...

CVE-2025-49015

The Couchbase .NET SDK client library before 3.7.1 does not properly enable hostname verification for TLS certificates. In fact, the SDK was also using IP addresses instead of hostnames due to a configuration option that was incorrectly enabled by default...

PT-2025-26166 · Couchbase · Couchbase .Net Sdk

Name of the Vulnerable Software and Affected Versions: Couchbase .NET SDK versions prior to 3.7.1 Description: The issue concerns the Couchbase .NET SDK's failure to properly enable hostname verification for TLS certificates. Additionally, the SDK was using IP addresses instead of hostnames due t...

CVE-2025-49015

The Couchbase .NET SDK client library before 3.7.1 does not properly enable hostname verification for TLS certificates. In fact, the SDK was also using IP addresses instead of hostnames due to a configuration option that was incorrectly enabled by default...

CVE-2025-49015

The CVE-2025-49015 entry concerns the Couchbase .NET SDK (client library) prior to 3.7.1 that does not properly enable hostname verification for TLS certificates, and was configured to use IP addresses instead of hostnames by default. Reported impact is exposure to MITM via TLS misconfig, with co...