3 matches found
CVE-2024-25673
Couchbase Server 7.6.x before 7.6.2, 7.2.x before 7.2.6, and all earlier versions allows HTTP Host header injection...
Couchbase < 7.2.6 / 7.6.x < 7.6.2 HTTP Host Header Injection
The version of Couchbase installed on the remote host is before 7.2.6, and 7.6.x before 7.6.2. It is, therefore, affected by a HTTP Host header injection. Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number. %NASLMINLEVEL...
CVE-2024-25673
CVE-2024-25673 affects Couchbase Server and enables HTTP Host header injection in affected branches: Couchbase Server 7.6.x prior to 7.6.2 and 7.2.x prior to 7.2.6 (and earlier versions). The vulnerability is due to improper handling of the Host header in HTTP requests. Observed impact per source...