EUVD-2025-29396
Malicious code in bioql PyPI...
GHSA-CCJ3-5P93-8P42 SurrealDB server-takeover via SurrealQL injection on backup import
The SurrealDB command-line tool allows exporting databases through the export command. It was discovered that table or field names are not properly sanitized in exports, leading to a SurrealQL injection when the backup is reimported. For the injection to occur, an authenticated System User with...
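The mechanism behind this advisory, as an added example written in Rust for this page (it is not SurrealDB's export code): a naive exporter splices a table name straight into a DEFINE statement, so a name containing `;` closes the statement and smuggles a second one into the backup, which the importer then executes. The hardened renderer emits bare identifiers only for a conservative character allowlist and otherwise wraps the name in SurrealQL's angle-bracket identifier delimiters; the allowlist, the decision to refuse names containing the closing delimiter rather than escape them, the function names and the hostile table name are all assumptions made for the example. `count_statements` is a deliberately minimal splitter, not a SurrealQL tokenizer.

```rust
// Added example (not SurrealDB's code): how an exporter that interpolates a
// table name verbatim becomes a SurrealQL injection on import, and one way to
// render identifiers safely.

/// Naive renderer modelled on the flaw described in the advisory: the name is
/// interpolated verbatim, so a name containing `;` ends the statement early.
pub fn define_table_unsafe(name: &str) -> String {
    format!("DEFINE TABLE {name};")
}

/// Names that may be emitted as a bare identifier. (Assumption for this
/// example: ASCII letters, digits and underscores only.)
fn is_bare_identifier(name: &str) -> bool {
    !name.is_empty() && name.bytes().all(|b| b.is_ascii_alphanumeric() || b == b'_')
}

/// Render an identifier for the export: bare when safe, otherwise wrapped in
/// SurrealQL's ⟨...⟩ identifier delimiters. A name that contains the closing
/// delimiter is refused instead of escaped, because escaping would have to
/// match the exact rules of the SurrealDB version the backup is imported into.
pub fn render_identifier(name: &str) -> Result<String, String> {
    if is_bare_identifier(name) {
        return Ok(name.to_string());
    }
    if name.contains('⟩') {
        return Err(format!("refusing to export identifier {name:?}"));
    }
    Ok(format!("⟨{name}⟩"))
}

/// Hardened renderer: same statement, identifier passed through render_identifier.
pub fn define_table_safe(name: &str) -> Result<String, String> {
    Ok(format!("DEFINE TABLE {};", render_identifier(name)?))
}

/// Split a script the way an importer would: on `;` outside ⟨...⟩ identifiers.
/// (A real SurrealQL tokenizer also tracks strings, backticks and comments; this
/// is only enough to show where the extra statement comes from.)
pub fn count_statements(script: &str) -> usize {
    let mut in_ident = false;
    let mut n = 0;
    for c in script.chars() {
        match c {
            '⟨' => in_ident = true,
            '⟩' => in_ident = false,
            ';' if !in_ident => n += 1,
            _ => {}
        }
    }
    n
}

fn main() {
    // Constructed hostile name: a user allowed to create tables picks a name that
    // closes the DEFINE statement and appends a second statement to the export.
    let hostile = "users; DEFINE TABLE injected";
    let unsafe_script = define_table_unsafe(hostile);
    let safe_script = define_table_safe(hostile).unwrap();
    println!("unsafe: {unsafe_script}  -> {} statements", count_statements(&unsafe_script));
    println!("safe:   {safe_script}  -> {} statements", count_statements(&safe_script));
}
```

The point to carry over to any export tool: every identifier that comes out of the database is attacker-influenced data, so it must be quoted or escaped on the way into the dump exactly as a user-supplied value would be, not treated as trusted syntax.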
GHSA-M52V-24P8-654F SurrealDB has an Uncaught Exception Sorting Tables by Random Order
Sorting table records with an ORDER BY clause that uses the rand function as the sort key could cause a panic, because the comparison function it relied on did not implement a total order. Rust 1.81 changed the standard library's sort implementation so that it may panic when the comparator violates total order, which is what surfaced this bug. Impact A client that is authorized to run...
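Why a random comparator breaks Rust 1.81's sort, and the shape of the fix, as an added Rust example for this page (not SurrealDB's code). The random comparator below never answers Equal and is not symmetric, so it violates the total-order contract that `sort_by` now enforces; `find_order_violation` is a cheap pre-flight check for exactly those two laws; `random_order` does what a random ORDER BY should do, drawing one random key per row and sorting by the key, which is a total order. The xorshift generator, all function names and the sample rows are assumptions made for the example.

```rust
// Added example (not SurrealDB's code): a comparator that is not a total order
// versus sorting by a random key.
use std::cmp::Ordering;

/// Tiny xorshift64 PRNG so the example runs without external crates.
pub struct XorShift(u64);

impl XorShift {
    pub fn new(seed: u64) -> Self {
        XorShift(seed.max(1)) // xorshift must not start at zero
    }
    pub fn next_u64(&mut self) -> u64 {
        let mut x = self.0;
        x ^= x << 13;
        x ^= x >> 7;
        x ^= x << 17;
        self.0 = x;
        x
    }
}

/// The flawed shape: ORDER BY rand() done as a comparator that answers at
/// random. It never says Equal and is not symmetric, so it is not a total order.
pub fn random_comparator(rng: &mut XorShift) -> impl FnMut(&u32, &u32) -> Ordering + '_ {
    move |_: &u32, _: &u32| {
        if rng.next_u64() & 1 == 0 { Ordering::Less } else { Ordering::Greater }
    }
}

/// Pre-flight check for two total-order laws a sort depends on: reflexivity
/// (cmp(a, a) == Equal) and antisymmetry (cmp(a, b) is the reverse of
/// cmp(b, a)). Returns the first offending pair of indices, if any.
pub fn find_order_violation<T, F>(items: &[T], mut cmp: F) -> Option<(usize, usize)>
where
    F: FnMut(&T, &T) -> Ordering,
{
    for i in 0..items.len() {
        if cmp(&items[i], &items[i]) != Ordering::Equal {
            return Some((i, i));
        }
        for j in (i + 1)..items.len() {
            if cmp(&items[i], &items[j]) != cmp(&items[j], &items[i]).reverse() {
                return Some((i, j));
            }
        }
    }
    None
}

/// The safe shape: draw one random key per row, then sort by that key. Keys
/// are plain u64 values, so the comparison is a total order and cannot panic.
pub fn random_order(rows: &[u32], seed: u64) -> Vec<u32> {
    let mut rng = XorShift::new(seed);
    let mut keyed: Vec<(u64, u32)> = rows.iter().map(|&r| (rng.next_u64(), r)).collect();
    keyed.sort_by_key(|&(key, _)| key);
    keyed.into_iter().map(|(_, row)| row).collect()
}

fn main() {
    let rows: Vec<u32> = (1..=64).collect(); // constructed sample rows
    let mut rng = XorShift::new(1);
    // Since Rust 1.81 the standard sort may panic when the comparator is not a
    // total order; whether it does depends on the input, so catch it here.
    let outcome = std::panic::catch_unwind(std::panic::AssertUnwindSafe(|| {
        let mut v = rows.clone();
        v.sort_by(random_comparator(&mut rng));
        v
    }));
    println!(
        "sort_by with random comparator: {}",
        if outcome.is_err() { "panicked" } else { "did not panic this time" }
    );
    println!(
        "pre-flight check found violation at: {:?}",
        find_order_violation(&rows, random_comparator(&mut rng))
    );
    println!("random_order: {:?}", random_order(&rows, 1));
}
```

Running the pre-flight check over a small sample in a unit test is a cheap way to catch any custom comparator, not only random ones, before a Rust upgrade turns a silent ordering bug into a panic on a query path.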
GHSA-H4F5-H82V-5W4R SurrealDB has an Uncaught Exception in Function Generating Random Time
The rand::time function in SurrealQL generates a random time from an optional range of two Unix timestamps. Because it relied on timestamp_opt from the chrono crate, which returns None for timestamps it cannot represent, the function could receive None in some instances, leading to a panic when unwrap was called on its result in...
SurrealDB has an Uncaught Exception Handling Parsing Errors on Empty Strings
The error rendering code from the parser would panic when handling failed parsing of queries where the error occurred when converting an empty string to a SurrealDB value. This would be the case when casting an empty string to a record, duration or datetime, as well as potentially when parsing an...
Uncaught Exception Handling Parsing Errors on Line Terminators
The span rendering would panic when handling failed parsing of queries where the error occurred on a line terminator character. Impact A client that is authorized to run queries in a SurrealDB server is able to execute a malformed query which will fail to parse on a line terminator character and...
GHSA-6R8P-HPG7-825G Uncontrolled Recursion in SurrealQL Parsing
In some specific instances, the SurrealQL parser will attempt to recursively parse nested statements or idioms, e.g. nested IF and RELATE statements, nested basic idioms and nested access to attributes, without checking whether the depth limit established by default or in the SURREAL_MAX_COMPUTATION_DEPTH...
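The failure mode in this advisory and the PT-2024-40134 entry below, as an added Rust example for this page (not SurrealDB's parser): a recursive-descent parser recurses once per nesting level, so an attacker who controls a query can pick the recursion depth; without a limit, enough nesting exhausts the stack and aborts the process, which, unlike a panic, cannot be caught. With a limit threaded through the recursion the same input fails cleanly. Parentheses stand in for nested IF, RELATE or idiom nesting, `DEFAULT_MAX_DEPTH` is a constructed value playing the role of the configured maximum computation depth, and the function names and hostile input are assumptions made for the example.

```rust
// Added example (not SurrealDB's parser): recursive-descent parsing of nested
// groups with and without a depth limit.

/// Constructed stand-in for the configured maximum depth, not SurrealDB's default.
pub const DEFAULT_MAX_DEPTH: usize = 64;

#[derive(Debug, PartialEq, Eq)]
pub enum ParseError {
    /// Nesting went past the limit; `at` is the byte offset of the offending `(`.
    DepthExceeded { at: usize, limit: usize },
    /// Unmatched `(` or `)`; `at` is the byte offset where it was detected.
    Unbalanced { at: usize },
}

/// One recursive frame per `(`. Returns the deepest nesting seen inside this
/// group. With `limit == None` the recursion is unchecked: enough `(` in the
/// input exhausts the stack and aborts the whole process. With `Some(limit)`
/// the parser refuses the input before the stack is in danger.
fn parse_group(src: &[u8], pos: &mut usize, depth: usize, limit: Option<usize>) -> Result<usize, ParseError> {
    if let Some(max) = limit {
        if depth > max {
            // depth > 0 here, so the `(` that opened this group is at pos - 1.
            return Err(ParseError::DepthExceeded { at: *pos - 1, limit: max });
        }
    }
    let mut deepest = depth;
    while *pos < src.len() {
        let c = src[*pos];
        *pos += 1;
        match c {
            b'(' => deepest = deepest.max(parse_group(src, pos, depth + 1, limit)?),
            b')' => {
                if depth == 0 {
                    return Err(ParseError::Unbalanced { at: *pos - 1 });
                }
                return Ok(deepest);
            }
            _ => {} // any other byte is ordinary content
        }
    }
    if depth == 0 {
        Ok(deepest)
    } else {
        Err(ParseError::Unbalanced { at: *pos })
    }
}

/// Parse `src` and report its maximum nesting depth, or a clean error.
pub fn nesting_depth(src: &str, limit: Option<usize>) -> Result<usize, ParseError> {
    let mut pos = 0;
    parse_group(src.as_bytes(), &mut pos, 0, limit)
}

fn main() {
    println!("{:?}", nesting_depth("IF (a (b)) THEN (c)", Some(DEFAULT_MAX_DEPTH)));
    // Constructed hostile input: far more nesting than any legitimate query.
    let hostile = format!("{}x{}", "(".repeat(100_000), ")".repeat(100_000));
    println!("{:?}", nesting_depth(&hostile, Some(DEFAULT_MAX_DEPTH)));
    // nesting_depth(&hostile, None) would recurse 100_000 frames deep and abort.
}
```

The check has to sit at the top of the recursive function itself, not only in the evaluator that runs afterwards, because the stack is consumed during parsing; the advisory's point is precisely that some parse paths skipped the limit that other paths enforced.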
PT-2024-40134 · Surrealdb · Surrealdb
Name of the Vulnerable Software and Affected Versions: SurrealDB versions prior to 1.1.0 Description: The issue arises when the SurrealQL parser attempts to recursively parse nested statements or idioms without checking the established depth limit, potentially leading to a stack overflow. An...