github.com/couchbase/sync_gateway
Go2 known CVEs affecting this package
Aggregated from OSV, GitHub Security Advisories, NVD, and vendor advisories. Each CVE links to its full detail page with vendor advisories, patches, fixed versions, and remediation guidance.
CVEs affecting github.com/couchbase/sync_gatewaypage 1 of 1
- CVE-2019-9039CRITICALCVSS 9.8EG 9.8✓ Fixed in 2.5.02019-06-26
In Couchbase Sync Gateway 2.1.2, an attacker with access to the Sync Gateway’s public REST API was able to issue additional N1QL statements and extract sensitive data or call arbitrary N1QL functions through the parameters "startkey" and…
- CVE-2025-52490HIGHCVSS 7.3EG 7.3✓ Fixed in 3.2.62025-07-29
An issue was discovered in Couchbase Sync Gateway before 3.2.6. In sgcollect_info_options.log and sync_gateway.log, there are cleartext passwords in redacted and unredacted output.
Check whether github.com/couchbase/sync_gateway is used in your infrastructure
EchelonGraph scans your cloud and SBOMs to map every package to your actual deployments. See blast radius for github.com/couchbase/sync_gateway CVEs against the assets you own.
Start Free Scan →