Lucene search
+L

4 matches found

NVD
NVD
added 9 hours ago5 views

CVE-2024-58356

SurrealDB before 2.1.4 silently fails to overwrite table definitions when the DEFINE TABLE ... OVERWRITE clause is used on tables defined with TYPE RELATION. Because table definitions include the PERMISSIONS clause, an attempt to tighten a table's permissions via OVERWRITE does not take effect, a...

2.3CVSS
Exploits0References2
Cvelist
Cvelist
added 10 hours ago8 views

CVE-2024-58356 SurrealDB before 2.1.4 Permission Bypass via DEFINE TABLE OVERWRITE

SurrealDB before 2.1.4 silently fails to overwrite table definitions when the DEFINE TABLE ... OVERWRITE clause is used on tables defined with TYPE RELATION. Because table definitions include the PERMISSIONS clause, an attempt to tighten a table's permissions via OVERWRITE does not take effect, a...

2.3CVSS
Exploits0References2
ATTACKERKB
ATTACKERKB
added 10 hours ago3 views

CVE-2024-58356

SurrealDB before 2.1.4 silently fails to overwrite table definitions when the DEFINE TABLE ... OVERWRITE clause is used on tables defined with TYPE RELATION. Because table definitions include the PERMISSIONS clause, an attempt to tighten a table's permissions via OVERWRITE does not take effect, a...

2.3CVSS5.3AI score
Exploits0References3
CVE
CVE
added 10 hours ago7 views

CVE-2024-58356

SurrealDB prior to version 2.1.4 is affected by a permission-bypass issue. When using DEFINE TABLE ... OVERWRITE on tables defined with TYPE RELATION, the PERMISSIONS clause is not applied, so tightened permissions may not take effect and an authorized client could continue to access data. Affect...

2.3CVSS5.3AI score
Exploits0References2
Rows per page
Query Builder