111 matches found
CVE-2026-34976
CVE-2026-34976 affects Dgraph prior to 25.3.1 where the restoreTenant admin mutation is missing from the authorization middleware, allowing an unauthenticated attacker to specify attacker-controlled backup locations (including file://), S3/MinIO credentials, encryption key paths, and Vault IDs. T...
Dgraph 安全漏洞
Dgraph is an open-source, horizontally scalable distributed GraphQL database with a graphical backend. Versions of Dgraph prior to 25.3.1 contained a security vulnerability. This vulnerability stemmed from a flaw in the restoreTenant management mechanism, which lacked an authorization middleware...
CVE-2026-34976 vulnerabilities
Vulnerabilities for packages: dgraph...
GHSA-P5RH-VMHP-GVCW vulnerabilities
Vulnerabilities for packages: dgraph...
CVE-2026-34976 vulnerabilities
Vulnerabilities for packages: dgraph...
GHSA-P5RH-VMHP-GVCW vulnerabilities
Vulnerabilities for packages: dgraph...
CVE-2026-32285 vulnerabilities
Vulnerabilities for packages: ollama, minio, terragrunt, teleport, lazygit, grafana-alloy, datadog-agent, mcp-grafana, dagger, prometheus, maru, cri-tools, loki, terraform-mcp-server, malcontent, kubevela, weaviate, opentelemetry-collector, gitlab-runner, nuclei, vcluster, rclone, k3s, grafana,...
GHSA-FW7P-63QQ-7HPR vulnerabilities
Vulnerabilities for packages: certificate-transparency, croc, crossplane-provider-sql, kubeflow-pipelines, telegraf, step-issuer, temporal, step-kms-plugin, jitsucom-bulker, db-operator, openbao, apko, minio, terragrunt, gitea, argo-workflows, grafana-alloy, mariadb-operator, juicefs, mattermost,...
GHSA-M332-53R6-2W93 vulnerabilities
Vulnerabilities for packages: dgraph...
CVE-2020-15112 vulnerabilities
Vulnerabilities for packages: dgraph...
GHSA-M332-53R6-2W93 vulnerabilities
Vulnerabilities for packages: dgraph, etcd, etcd-fips...
CVE-2020-15112 vulnerabilities
Vulnerabilities for packages: dgraph, etcd, etcd-fips...
CVE-2025-61729 vulnerabilities
Vulnerabilities for packages: kubernetes-csi-external-health-monitor, newrelic-infrastructure-agent, slsa-verifier, restic, kube-fluentd-operator, gogatekeeper, syft, karpenter, go-md2man, knative-client, secrets-store-csi-driver-provider-gcp, opentelemetry-collector, promxy,...
EUVD-2023-1505
Malicious code in bioql PyPI...
GHSA-8PJC-487G-W6P2 vulnerabilities
Vulnerabilities for packages: rancher-security-scan, cloud-sql-proxy, azure-service-operator, eck-operator, argo-events, helm-operator, rabbitmq-default-user-credential-updater, opentofu, gobump, traefik, conftest, karpenter, mongo-tools, vitess, docker-cli, nodetaint, wgcf, mattermost, nri-f5,...
CVE-2023-31135
Dgraph is an open source distributed GraphQL database. Existing Dgraph audit logs are vulnerable to brute force attacks due to nonce collisions. The first 12 bytes come from a baseIv which is initialized when an audit log is created. The last 4 bytes come from the length of the log line being...
CVE-2024-24788 vulnerabilities
Vulnerabilities for packages: prometheus-adapter, mockery, tfsec, eck-operator, newrelic-prometheus-configurator, caddy-fips, mongo-tools, cert-manager-fips, opentelemetry-collector-contrib-fips, wireguard-go, crane, crossplane, gosu, atlantis, flux-kustomize-controller, frp,...
GHSA-VJG6-93FV-QV64 vulnerabilities
Vulnerabilities for packages: dgraph, juicefs...
GHSA-VJG6-93FV-QV64 vulnerabilities
Vulnerabilities for packages: juicefs, dgraph, etcd, etcd-fips...
GHSA-PM3M-32R3-7MFH vulnerabilities
Vulnerabilities for packages: dgraph...