Approved changes feed: RSS · Atom

cpe:2.3:a:couchbase:.net_sdk:*:*:*:*:*:*:*:*

part: a version: * update: *

VendorCouchbase (75b35c19-6384-575a-856c-d68a8fd3e277)
Product.Net Sdk (e47508b6-f524-557d-a132-35d9b724b503)
Edition*
Language*
Software edition*
Target software*
Target hardware*
Other*
NotesImported from gcve-enriched-dumps CVE data

PURL mappings

PURLSourceLast updated
No PURL mappings for this CPE yet.

Vulnerability references

IdentifiercpeApplicabilitySubmitteddb.gcve.eu detailsRationale
CVE:CVE-2025-49015 vulnerable 2026-06-08 07:29:12.480999 Details available
The Couchbase .NET SDK (client library) before 3.7.1 does not properly enable hostname verification for TLS certificates. In fact, the SDK was also using IP addresses instead of hostnames due to a configuration option that was incorrectly enabled by default.
Published: 2025-06-18T00:00:00.000Z
Updated: 2025-06-18T14:47:35.181Z
Reference links
Imported from gcve-enriched-dumps CVE data

Contribute

You can submit an edit proposal for this CPE entry or suggest a related product/vendor addition using the action button above.