628 matches found
EUVD-2023-53825
Malicious code in bioql PyPI...
EUVD-2022-0048
Malicious code in bioql PyPI...
CVE-2025-52490
An issue was discovered in Couchbase Sync Gateway before 3.2.6. In sgcollectinfooptions.log and syncgateway.log, there are cleartext passwords in redacted and unredacted output...
GHSA-PQHP-4XFC-HJGQ Couchbase Sync Gateway shows cleartext passwords in redacted and unredacted output
An issue was discovered in Couchbase Sync Gateway before 3.2.6. In sgcollectinfooptions.log and syncgateway.log, there are cleartext passwords in redacted and unredacted output...
Couchbase Sync Gateway shows cleartext passwords in redacted and unredacted output
An issue was discovered in Couchbase Sync Gateway before 3.2.6. In sgcollectinfooptions.log and syncgateway.log, there are cleartext passwords in redacted and unredacted output...
CVE-2025-52490
An issue was discovered in Couchbase Sync Gateway before 3.2.6. In sgcollectinfooptions.log and syncgateway.log, there are cleartext passwords in redacted and unredacted output...
PYSEC-2025-101
An issue was discovered in Couchbase Sync Gateway before 3.2.6. In sgcollectinfooptions.log and syncgateway.log, there are cleartext passwords in redacted and unredacted output...
casbin-couchbase-adapter (>=0.1.3 <=0.1.4), pycouchbase (>=0.1.0.dev1 <=0.1.0b1) +1 more potentially affected by CVE-2025-52490 via couchbase (>=2.0.0 <=2.5.12)
couchbase PYPI version =2.0.0, =0.1.3, =0.1.0.dev1, =1.0.4, =2.0.2 Source cves: CVE-2025-52490 Source advisory: OSV:PYSEC-2025-101...
CVE-2025-52490
An issue was discovered in Couchbase Sync Gateway before 3.2.6. In sgcollectinfooptions.log and syncgateway.log, there are cleartext passwords in redacted and unredacted output...
PYSEC-2025-101
An issue was discovered in Couchbase Sync Gateway before 3.2.6. In sgcollectinfooptions.log and syncgateway.log, there are cleartext passwords in redacted and unredacted output...
CVE-2025-52490
CVE-2025-52490 affects Couchbase Sync Gateway versions prior to 3.2.6. The issue arises from cleartext passwords appearing in redacted and unredacted output in sgcollect_info_options.log and sync_gateway.log, enabling potential information disclosure. The linked advisories indicate upgrading to a...
PT-2025-31263
Name of the Vulnerable Software and Affected Versions Couchbase Sync Gateway versions prior to 3.2.6 Description An issue was discovered where cleartext passwords were present in both redacted and unredacted output within the sgcollect info options.log and sync gateway.log files. Recommendations...
CVE-2025-52490
An issue was discovered in Couchbase Sync Gateway before 3.2.6. In sgcollectinfooptions.log and syncgateway.log, there are cleartext passwords in redacted and unredacted output...
Couchbase Sync Gateway 安全漏洞
Couchbase Sync Gateway is a secure web gateway for data access and data synchronization over the web from Couchbase, Inc. A security vulnerability exists in Couchbase Sync Gateway versions prior to 3.2.6, which stems from logs containing plaintext passwords that could lead to information disclosu...
CVE-2025-52490
An issue was discovered in Couchbase Sync Gateway before 3.2.6. In sgcollectinfooptions.log and syncgateway.log, there are cleartext passwords in redacted and unredacted output...
CVE-2025-49015
The Couchbase .NET SDK client library before 3.7.1 does not properly enable hostname verification for TLS certificates. In fact, the SDK was also using IP addresses instead of hostnames due to a configuration option that was incorrectly enabled by default...
GHSA-PX2C-R924-MWCC Couchbase .NET SDK (client library) does not properly enable hostname verification for TLS certificates
The Couchbase .NET SDK client library before 3.7.1 does not properly enable hostname verification for TLS certificates. In fact, the SDK was also using IP addresses instead of hostnames due to a configuration option that was incorrectly enabled by default...
Improper Validation of Certificate with Host Mismatch
Overview CouchbaseNetClient is a the Official Couchbase .NET SDK. Affected versions of this package are vulnerable to Improper Validation of Certificate with Host Mismatch in the TLS certificate validation process. An attacker can intercept sensitive information by performing a man-in-the-middle...
Couchbase .NET SDK (client library) does not properly enable hostname verification for TLS certificates
The Couchbase .NET SDK client library before 3.7.1 does not properly enable hostname verification for TLS certificates. In fact, the SDK was also using IP addresses instead of hostnames due to a configuration option that was incorrectly enabled by default...
CVE-2025-49015
The Couchbase .NET SDK client library before 3.7.1 does not properly enable hostname verification for TLS certificates. In fact, the SDK was also using IP addresses instead of hostnames due to a configuration option that was incorrectly enabled by default...