Lucene search
K

8 matches found

ATTACKERKB
ATTACKERKB
added 2026/06/23 5:21 p.m.4 views

CVE-2025-71382

MuPDF before 1.27.0-rc1 contains an uncontrolled recursion vulnerability in the EPUB CSS rendering engine that allows remote attackers to cause a denial of service by supplying a maliciously crafted EPUB file with deeply nested HTML elements and inline CSS styles. The function...

7.1CVSS6AI score0.00316EPSS
Exploits1References5
Cvelist
Cvelist
added 2026/06/23 5:21 p.m.32 views

CVE-2025-71382 MuPDF < 1.27.0-rc1 Stack Exhaustion DoS via EPUB CSS Rendering

MuPDF before 1.27.0-rc1 contains an uncontrolled recursion vulnerability in the EPUB CSS rendering engine that allows remote attackers to cause a denial of service by supplying a maliciously crafted EPUB file with deeply nested HTML elements and inline CSS styles. The function...

7.1CVSS0.00316EPSS
Exploits1References4
Github Security Blog
Github Security Blog
added 2023/10/31 10:23 p.m.30 views

SpiceDB leaks information in log files when URI cannot be parsed

SpiceDB is an open source, Google Zanzibar-inspired database for creating and managing security-critical application permissions. When the provided datastore URI is malformed e.g. by having a password which contains : the full URI including the provided password is printed, so that the password i...

6.5CVSS4.6AI score0.00391EPSS
Exploits0References4Affected Software1
OSV
OSV
added 2023/10/31 10:23 p.m.34 views

GHSA-JG7W-CXJV-98C2 SpiceDB leaks information in log files when URI cannot be parsed

SpiceDB is an open source, Google Zanzibar-inspired database for creating and managing security-critical application permissions. When the provided datastore URI is malformed e.g. by having a password which contains : the full URI including the provided password is printed, so that the password i...

4.2CVSS5.2AI score0.00391EPSS
Exploits0References4
NVD
NVD
added 2023/10/31 4:15 p.m.42 views

CVE-2023-46255

SpiceDB is an open source, Google Zanzibar-inspired database for creating and managing security-critical application permissions. Prior to version 1.27.0-rc1, when the provided datastore URI is malformed e.g. by having a password which contains : the full URI including the provided password is...

6.5CVSS5.3AI score0.00391EPSS
Exploits0References2
Prion
Prion
added 2023/10/31 4:15 p.m.28 views

Design/Logic Flaw

SpiceDB is an open source, Google Zanzibar-inspired database for creating and managing security-critical application permissions. Prior to version 1.27.0-rc1, when the provided datastore URI is malformed e.g. by having a password which contains : the full URI including the provided password is...

4.3CVSS6.5AI score0.00391EPSS
Exploits0References2Affected Software1
Cvelist
Cvelist
added 2023/10/31 3:25 p.m.46 views

CVE-2023-46255 `SPICEDB_DATASTORE_CONN_URI` is leaked when URI cannot be parsed

SpiceDB is an open source, Google Zanzibar-inspired database for creating and managing security-critical application permissions. Prior to version 1.27.0-rc1, when the provided datastore URI is malformed e.g. by having a password which contains : the full URI including the provided password is...

4.2CVSS6.7AI score0.00391EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2023/10/31 12:0 a.m.5 views

PT-2023-29935 · Spicedb · Spicedb

Name of the Vulnerable Software and Affected Versions: SpiceDB versions prior to 1.27.0-rc1 Description: SpiceDB is an open source, Google Zanzibar-inspired database for creating and managing security-critical application permissions. When the provided datastore URI is malformed, such as having a...

6.5CVSS6.9AI score0.00391EPSS
Exploits0References10
Rows per page
Query Builder