5 matches found
CVE-2022-21646
SpiceDB is a database system for managing security-critical application permissions. Any user making use of a wildcard relationship under the right hand branch of an exclusion or within an intersection operation will see Lookup/LookupResources return a resource as "accessible" if it is not...
CVE-2022-21646
SpiceDB is a database system for managing security-critical application permissions. Any user making use of a wildcard relationship under the right hand branch of an exclusion or within an intersection operation will see Lookup/LookupResources return a resource as "accessible" if it is not...
CVE-2022-21646
SpiceDB vulnerability CVE-2022-21646 affects wildcard handling in lookups: using a wildcard on the right side of an intersection or within an exclusion can cause Lookup/LookupResources to treat resources as accessible when they are not. In v1.3.0 the wildcard was ignored in dispatch, making the b...
CVE-2022-21646 Lookup operations do not take into account wildcards in SpiceDB
SpiceDB is a database system for managing security-critical application permissions. Any user making use of a wildcard relationship under the right hand branch of an exclusion or within an intersection operation will see Lookup/LookupResources return a resource as "accessible" if it is not...
CVE-2022-21646 Lookup operations do not take into account wildcards in SpiceDB
SpiceDB is a database system for managing security-critical application permissions. Any user making use of a wildcard relationship under the right hand branch of an exclusion or within an intersection operation will see Lookup/LookupResources return a resource as "accessible" if it is not...