Lucene search
+L

5 matches found

Veracode
Veracode
added 2024/06/21 5:36 a.m.12 views

Improper Preservation Of Permissions

github.com/authzed/spicedb is vulnerable to Improper Preservation Of Permissions. The vulnerability is due to a failure in the exclusion dispatcher to request all the folders in which the user is a member, leading to an incorrect NOPERMISSION response when the user should have permission...

3.7CVSS7AI score0.00396EPSS
Exploits1References3Affected Software1
NVD
NVD
added 2024/06/20 11:15 p.m.52 views

CVE-2024-38361

Spicedb is an Open Source, Google Zanzibar-inspired permissions database to enable fine-grained authorization for customer applications. Use of an exclusion under an arrow that has multiple resources may resolve to NOPERMISSION when permission is expected. If the resource exists under multiple...

5.3CVSS0.00396EPSS
Exploits1References2
CVE
CVE
added 2024/06/20 10:18 p.m.331 views

CVE-2024-38361

SpiceDB (spicedb) vulnerability CVE-2024-38361 affects the permission-check flow: an exclusion under an arrow with multiple resources may cause a NO_PERMISSION response when PERMISSION is expected on CheckPermission, due to a failure in the exclusion dispatcher to query all folders a user can acc...

5.3CVSS3.8AI score0.00396EPSS
Exploits1References2Affected Software1
Cvelist
Cvelist
added 2024/06/20 10:18 p.m.57 views

CVE-2024-38361 Permissions processing error in spacedb

Spicedb is an Open Source, Google Zanzibar-inspired permissions database to enable fine-grained authorization for customer applications. Use of an exclusion under an arrow that has multiple resources may resolve to NOPERMISSION when permission is expected. If the resource exists under multiple...

3.7CVSS0.00396EPSS
Exploits1References2
OSV
OSV
added 2024/06/20 10:18 p.m.30 views

CVE-2024-38361 Permissions processing error in spacedb

Spicedb is an Open Source, Google Zanzibar-inspired permissions database to enable fine-grained authorization for customer applications. Use of an exclusion under an arrow that has multiple resources may resolve to NOPERMISSION when permission is expected. If the resource exists under multiple...

3.7CVSS4.6AI score0.00396EPSS
Exploits1References4
Rows per page
Query Builder