Lucene search
PRIOn knowledge basePRION:CVE-2023-46255HistoryOct 31, 2023 - 4:15 p.m.
Design/Logic Flaw
2023-10-3116:15:00
PRIOn knowledge base
www.prio-n.com
5
spicedb
open source
database
security-critical
application permissions
version 1.27.0-rc1
password logging
vulnerability
fix
0.001 Low
EPSS
Percentile
37.3%
SpiceDB is an open source, Google Zanzibar-inspired database for creating and managing security-critical application permissions. Prior to version 1.27.0-rc1, when the provided datastore URI is malformed (e.g. by having a password which contains :) the full URI (including the provided password) is printed, so that the password is shown in the logs. Version 1.27.0-rc1 patches this issue.
Related
osv
osv
CVE-2023-46255
2023-10-31 16:15:10
SpiceDB leaks information in log files when URI cannot be parsed
2023-10-31 22:23:44
cvelist
cvelist
github
github
SpiceDB leaks information in log files when URI cannot be parsed
2023-10-31 22:23:44
veracode
veracode
Information Disclosure
2023-11-01 05:57:11
cve
cve
CVE-2023-46255
2023-10-31 16:15:10
nvd
nvd
CVE-2023-46255
2023-10-31 16:15:10
wolfi
wolfi
CVE-2023-46255 vulnerabilities
2024-07-02 03:09:22