Couchbase: >> Sync Gateway >> 2.1 Security Vulnerabilities
An issue was discovered in Couchbase Sync Gateway before 3.2.6. In sgcollect_info_options.log and sync_gateway.log, there are cleartext passwords in redacted and unredacted output.
CVSS Score
7.3
EPSS Score
0.0
Published
2025-07-29
In Couchbase Server 6.0.3 and Couchbase Sync Gateway through 2.7.0, the Cluster management, views, query, and full-text search endpoints are vulnerable to the Slowloris denial-of-service attack because they don't more aggressively terminate slow connections.
CVSS Score
7.5
EPSS Score
0.005
Published
2020-06-08