Description
Couchbase Server 6.5.x, 6.6.0 through 6.6.2, and 7.0.0, has a Buffer Overflow. A specially crafted network packet sent from an attacker can crash memcached.
References (2)
Core 2
Core References
Release Notes, Vendor Advisory x_refsource_misc
https://docs.couchbase.com/server/current/release-notes/relnotes.html
Vendor Advisory x_refsource_misc
https://www.couchbase.com/alerts
Scores
CVSS v3
7.5
EPSS
0.0048
EPSS Percentile
65.1%
Attack Vector
NETWORK
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Details
CWE
CWE-120
Status
published
Products (2)
couchbase/couchbase_server
7.0.0
couchbase/couchbase_server
4.5.0 - 5.5.6
Published
Sep 29, 2021
Tracked Since
Feb 18, 2026