Lucene search
K

9 matches found

EUVD
EUVD
added 2025/10/03 8:7 p.m.4 views

EUVD-2022-7210

Malicious code in bioql PyPI...

9.8CVSS9.2AI score0.0042EPSS
Exploits0References5
Vulnrichment
Vulnrichment
added 2024/09/18 5:29 p.m.25 views

CVE-2024-46989 Multiple caveats on resources of the same type can result in no permission when permission is expected

spicedb is an Open Source, Google Zanzibar-inspired permissions database to enable fine-grained authorization for customer applications. Multiple caveats over the same indirect subject type on the same relation can result in no permission being returned when permission is expected. If the resourc...

3.7CVSS6.8AI score0.0029EPSS
Exploits0References2
Vulnrichment
Vulnrichment
added 2024/06/20 10:18 p.m.15 views

CVE-2024-38361 Permissions processing error in spacedb

Spicedb is an Open Source, Google Zanzibar-inspired permissions database to enable fine-grained authorization for customer applications. Use of an exclusion under an arrow that has multiple resources may resolve to NOPERMISSION when permission is expected. If the resource exists under multiple...

3.7CVSS7AI score0.00396EPSS
Exploits1References2
Cvelist
Cvelist
added 2024/03/01 9:1 p.m.47 views

CVE-2024-27101 Integer overflow in chunking helper causes dispatching to miss elements or panic

SpiceDB is an open source, Google Zanzibar-inspired database for creating and managing security-critical application permissions. Integer overflow in chunking helper causes dispatching to miss elements or panic. Any SpiceDB cluster with any schema where a resource being checked has more than 6553...

7.3CVSS7.3AI score0.00456EPSS
Exploits0References2
CVE
CVE
added 2024/03/01 9:1 p.m.315 views

CVE-2024-27101

CVE-2024-27101 affects SpiceDB (Google Zanzibar-inspired permissions store). The root cause is an integer overflow in the chunking helper, which can cause dispatching to miss elements or panic when a resource has more than 65,535 relationships for a given resource and subject type. Affected API m...

9.1CVSS7AI score0.00456EPSS
Exploits0References2Affected Software1
OSV
OSV
added 2023/10/31 10:23 p.m.34 views

GHSA-JG7W-CXJV-98C2 SpiceDB leaks information in log files when URI cannot be parsed

SpiceDB is an open source, Google Zanzibar-inspired database for creating and managing security-critical application permissions. When the provided datastore URI is malformed e.g. by having a password which contains : the full URI including the provided password is printed, so that the password i...

4.2CVSS5.2AI score0.00391EPSS
Exploits0References4
Github Security Blog
Github Security Blog
added 2023/10/31 10:23 p.m.30 views

SpiceDB leaks information in log files when URI cannot be parsed

SpiceDB is an open source, Google Zanzibar-inspired database for creating and managing security-critical application permissions. When the provided datastore URI is malformed e.g. by having a password which contains : the full URI including the provided password is printed, so that the password i...

6.5CVSS4.6AI score0.00391EPSS
Exploits0References4Affected Software1
NVD
NVD
added 2023/10/31 4:15 p.m.42 views

CVE-2023-46255

SpiceDB is an open source, Google Zanzibar-inspired database for creating and managing security-critical application permissions. Prior to version 1.27.0-rc1, when the provided datastore URI is malformed e.g. by having a password which contains : the full URI including the provided password is...

6.5CVSS5.3AI score0.00391EPSS
Exploits0References2
CNNVD
CNNVD
added 2023/04/14 12:0 a.m.13 views

SpiceDB 安全漏洞

SpiceDB is a fine-grained permissions database inspired by Google Zanzibar. A security vulnerability exists in SpiceDB versions prior to 1.19.1. An attacker exploited the vulnerability to obtain sensitive data...

8.7CVSS7.6AI score0.00762EPSS
Exploits0References4
Rows per page
Query Builder