GO-2026-4465 LookupResources Cursor section tampering can crash SpiceDB process via tuple.MustParse panic in github.com/authzed/spicedb

LookupResources Cursor section tampering can crash SpiceDB process via tuple.MustParse panic in github.com/authzed/spicedb. NOTE: The source advisory for this report contains additional versions that could not be automatically mapped to standard Go module versions. If this is causing false-positi...

GHSA-VHVQ-FV9F-WH4Q LookupResources Cursor section tampering can crash SpiceDB process via tuple.MustParse panic

Description A malformed or tampered-with LookupResources Cursor token can cause a panic in the SpiceDB process if it fails to parse. If an attacker were able to make requests to a SpiceDB instance, they could affect its availability. Reproduction If one was to take a cursor from a LookupResources...

LookupResources Cursor section tampering can crash SpiceDB process via tuple.MustParse panic

Description A malformed or tampered-with LookupResources Cursor token can cause a panic in the SpiceDB process if it fails to parse. If an attacker were able to make requests to a SpiceDB instance, they could affect its availability. Reproduction If one was to take a cursor from a LookupResources...