products / couchbase
Couchbase Server
Couchbase Server is a distributed document database with search and analytics features. NVD uses couchbase:couchbase_server with dotted product versions aligned to Couchbase release numbering.
api usage
Querying Couchbase Server
product slug
couchbaseversion format
7.0.4, 7.2.1bash
curl "https://api.attestd.io/v1/check?product=couchbase&version=7.0.4" \
-H "Authorization: Bearer $ATTESTD_KEY"Spot-check CVE-2022-42966 (RCE class issue in Couchbase services).
json
{
"product": "couchbase",
"version": "7.0.4",
"supported": true,
"risk_state": "high",
"risk_factors": ["remote_exploitable", "patch_available"],
"actively_exploited": false,
"remote_exploitable": true,
"authentication_required": false,
"patch_available": true,
"fixed_version": "7.0.5",
"confidence": 0.85,
"cve_ids": ["CVE-2022-42966"],
"last_updated": "2026-04-03T00:00:00Z"
}cleaner line
Newer release
bash
curl "https://api.attestd.io/v1/check?product=couchbase&version=7.6.2" \
-H "Authorization: Bearer $ATTESTD_KEY"notable cves
CVE history
| CVE | Description | Affects | CVSS |
|---|---|---|---|
CVE-2022-42966 | Unauthenticated RCE via Couchbase service exposure. | 7.0.x (see NVD) | 10.0 |
CVE-2021-33025 | Privilege escalation in Couchbase Server admin paths. | 6.5, 7.0 | 8.8 |
CVE-2020-9047 | Cross-site scripting in Couchbase admin UI. | 6.0, 6.5 | 6.1 |
CVE-2018-15728 | Information disclosure via REST API defaults. | 5.x | 7.5 |
CVE-2023-28822 | Couchbase security update (verify NVD ranges). | see NVD | 7.0 |
related