36 matches found
EUVD-2022-0999
Malicious code in bioql PyPI...
EUVD-2021-30825
Malicious code in bioql PyPI...
EUVD-2022-0048
Malicious code in bioql PyPI...
EUVD-2025-23036
Malicious code in bioql PyPI...
CVE-2025-52490
An issue was discovered in Couchbase Sync Gateway before 3.2.6. In sgcollectinfooptions.log and syncgateway.log, there are cleartext passwords in redacted and unredacted output...
Couchbase Sync Gateway shows cleartext passwords in redacted and unredacted output
An issue was discovered in Couchbase Sync Gateway before 3.2.6. In sgcollectinfooptions.log and syncgateway.log, there are cleartext passwords in redacted and unredacted output...
GHSA-PQHP-4XFC-HJGQ Couchbase Sync Gateway shows cleartext passwords in redacted and unredacted output
An issue was discovered in Couchbase Sync Gateway before 3.2.6. In sgcollectinfooptions.log and syncgateway.log, there are cleartext passwords in redacted and unredacted output...
CVE-2025-52490
An issue was discovered in Couchbase Sync Gateway before 3.2.6. In sgcollectinfooptions.log and syncgateway.log, there are cleartext passwords in redacted and unredacted output...
PYSEC-2025-101
An issue was discovered in Couchbase Sync Gateway before 3.2.6. In sgcollectinfooptions.log and syncgateway.log, there are cleartext passwords in redacted and unredacted output...
PYSEC-2025-101
An issue was discovered in Couchbase Sync Gateway before 3.2.6. In sgcollectinfooptions.log and syncgateway.log, there are cleartext passwords in redacted and unredacted output...
CVE-2025-52490
An issue was discovered in Couchbase Sync Gateway before 3.2.6. In sgcollectinfooptions.log and syncgateway.log, there are cleartext passwords in redacted and unredacted output...
Couchbase Sync Gateway 安全漏洞
Couchbase Sync Gateway is a secure web gateway for data access and data synchronization over the web from Couchbase, Inc. A security vulnerability exists in Couchbase Sync Gateway versions prior to 3.2.6, which stems from logs containing plaintext passwords that could lead to information disclosu...
PT-2025-31263 · Couchbase · Couchbase Sync Gateway
Name of the Vulnerable Software and Affected Versions: Couchbase Sync Gateway versions prior to 3.2.6 Description: An issue was discovered where cleartext passwords were present in both redacted and unredacted output within the sgcollect info options.log and sync gateway.log files. Recommendation...
CVE-2025-52490
CVE-2025-52490 affects Couchbase Sync Gateway versions prior to 3.2.6. The issue arises from cleartext passwords appearing in redacted and unredacted output in sgcollect_info_options.log and sync_gateway.log, enabling potential information disclosure. The linked advisories indicate upgrading to a...
CVE-2025-52490
An issue was discovered in Couchbase Sync Gateway before 3.2.6. In sgcollectinfooptions.log and syncgateway.log, there are cleartext passwords in redacted and unredacted output...
CVE-2022-32563
An issue was discovered in Couchbase Sync Gateway 3.x before 3.0.2. Admin credentials are not verified when using X.509 client-certificate authentication from Sync Gateway to Couchbase Server. When Sync Gateway is configured to authenticate with Couchbase Server using X.509 client certificates, t...
CVE-2021-43963
An issue was discovered in Couchbase Sync Gateway 2.7.0 through 2.8.2. The bucket credentials used to read and write data in Couchbase Server were insecurely being stored in the metadata within sync documents written to the bucket. Users with read access could use these credentials to obtain writ...
Couchbase Sync Gateway admin credentials not verified when using X.509 client cert authentication
An issue was discovered in Couchbase Sync Gateway 3.x before 3.0.2. Admin credentials are not verified when using X.509 client-certificate authentication from Sync Gateway to Couchbase Server. When Sync Gateway is configured to authenticate with Couchbase Server using X.509 client certificates, t...
GHSA-9266-J9V3-Q4J5 Couchbase Sync Gateway admin credentials not verified when using X.509 client cert authentication
An issue was discovered in Couchbase Sync Gateway 3.x before 3.0.2. Admin credentials are not verified when using X.509 client-certificate authentication from Sync Gateway to Couchbase Server. When Sync Gateway is configured to authenticate with Couchbase Server using X.509 client certificates, t...
CVE-2022-32563
An issue was discovered in Couchbase Sync Gateway 3.x before 3.0.2. Admin credentials are not verified when using X.509 client-certificate authentication from Sync Gateway to Couchbase Server. When Sync Gateway is configured to authenticate with Couchbase Server using X.509 client certificates, t...