CVE-2024-58356
SurrealDB prior to version 2.1.4 is affected by a permission-bypass issue. When using DEFINE TABLE ... OVERWRITE on tables defined with TYPE RELATION, the PERMISSIONS clause is not applied, so tightened permissions may not take effect and an authorized client could continue to access data. Affect...