6 matches found
CVE-2024-58358
SurrealDB versions before 2.1.0 contain a denial of service vulnerability in role conversion that allows privileged owner users to define users with nonexistent roles. Attackers can trigger an uncaught panic by signing in with a user assigned an invalid role, crashing the server...
CVE-2024-58358
SurrealDB versions before 2.1.0 contain a denial of service vulnerability in role conversion that allows privileged owner users to define users with nonexistent roles. Attackers can trigger an uncaught panic by signing in with a user assigned an invalid role, crashing the server...
CVE-2024-58358 SurrealDB before 2.1.0 Denial of Service via Nonexistent Role
SurrealDB versions before 2.1.0 contain a denial of service vulnerability in role conversion that allows privileged owner users to define users with nonexistent roles. Attackers can trigger an uncaught panic by signing in with a user assigned an invalid role, crashing the server...
EUVD-2024-55675
SurrealDB versions before 2.1.0 contain a denial of service vulnerability in role conversion that allows privileged owner users to define users with nonexistent roles. Attackers can trigger an uncaught panic by signing in with a user assigned an invalid role, crashing the server...
EUVD-2018-15616
Malware in sbrugna...
PT-2018-16223 · Elastic · Cloud Enterprise
Name of the Vulnerable Software and Affected Versions: Elastic Cloud Enterprise ECE versions prior to 1.1.4 Description: A security issue was found in Elastic Cloud Enterprise where a user could scale out allocators on new hosts using an invalid roles token. An attacker with access to the previou...