Lucene search
K

7 matches found

RedhatCVE
RedhatCVE
added 2025/05/23 3:56 a.m.6 views

CVE-2023-46255

SpiceDB is an open source, Google Zanzibar-inspired database for creating and managing security-critical application permissions. Prior to version 1.27.0-rc1, when the provided datastore URI is malformed e.g. by having a password which contains : the full URI including the provided password is...

6.5CVSS6.4AI score0.00391EPSS
Exploits0References1
Circl
Circl
added 2023/10/31 7:22 p.m.5 views

CVE-2023-46255

creationtimestamp| type| source ---|---|--- 2023-10-31 19:22:14+00:00| seen| https://t.me/cibsecurity/73251...

6.5CVSS6.2AI score0.00391EPSS
Exploits0References1
Chainguard
Chainguard
added 2023/10/31 4:15 p.m.25 views

CVE-2023-46255 vulnerabilities

Vulnerabilities for packages: spicedb...

6.5CVSS6.9AI score0.00391EPSS
Exploits0
Wolfi
Wolfi
added 2023/10/31 4:15 p.m.17 views

CVE-2023-46255 vulnerabilities

Vulnerabilities for packages: spicedb...

6.5CVSS7.5AI score0.00391EPSS
Exploits0
CVE
CVE
added 2023/10/31 3:25 p.m.287 views

CVE-2023-46255

SpiceDB (open source, Google Zanzibar-inspired permissions store) has a log exposure flaw: if the datastore URI is malformed (for example, a password containing a colon), the full URI including the password is printed to logs. This is addressed in version 1.27.0-rc1. Upgrade to 1.27.0-rc1 or late...

6.5CVSS5.2AI score0.00391EPSS
Exploits0References2Affected Software1
Cvelist
Cvelist
added 2023/10/31 3:25 p.m.46 views

CVE-2023-46255 `SPICEDB_DATASTORE_CONN_URI` is leaked when URI cannot be parsed

SpiceDB is an open source, Google Zanzibar-inspired database for creating and managing security-critical application permissions. Prior to version 1.27.0-rc1, when the provided datastore URI is malformed e.g. by having a password which contains : the full URI including the provided password is...

4.2CVSS6.7AI score0.00391EPSS
Exploits0References2
Vulnrichment
Vulnrichment
added 2023/10/31 3:25 p.m.14 views

CVE-2023-46255 `SPICEDB_DATASTORE_CONN_URI` is leaked when URI cannot be parsed

SpiceDB is an open source, Google Zanzibar-inspired database for creating and managing security-critical application permissions. Prior to version 1.27.0-rc1, when the provided datastore URI is malformed e.g. by having a password which contains : the full URI including the provided password is...

4.2CVSS6.8AI score0.00391EPSS
Exploits0References2
Rows per page
Query Builder