Github.Com Couchbase Sync Gateway vulnerabilities

1 known vulnerability affecting github.com/couchbase_sync_gateway.

Total CVEs

1

CISA KEV

0

Public exploits

0

Exploited in wild

0

Severity breakdown

CRITICAL1

Vulnerabilities

Page 1 of 1

CVE-2019-9039CRITICAL≥ 0, < 2.5.02022-02-15

CVE-2019-9039 [CRITICAL] CWE-89 SQL Injection in Couchbase Sync Gateway SQL Injection in Couchbase Sync Gateway The Couchbase Sync Gateway 2.1.2 in combination with a Couchbase Server is affected by a previously undisclosed N1QL-injection vulnerability in the REST API. An attacker with access to the public REST API can insert additional N1QL statements through the parameters ?startkey? and ?endkey? of the ?_all_docs? endpoint.