
7 matches found

Microsoft CVE
added 2025/09/04 2:46 a.m., 1 view

Vitess vulnerable to infinite memory consumption and vtgate crash

...

CVSS 4.9, AI score 7, EPSS 0.00131
Exploits 0
Github Security Blog
added 2024/12/03 6:43 p.m., 20 views

Vitess allows HTML injection in /debug/querylogz & /debug/env

Summary: The /debug/querylogz and /debug/env pages for vtgate and vttablet do not properly escape user input. The result is that queries executed by Vitess can write HTML into the monitoring page at will. Details: These pages are rendered using text/template instead of rendering with a proper HTML...

CVSS 4.9, AI score 6.5, EPSS 0.00057
Exploits 0, References 4, Affected Software 1
OSV
added 2024/12/03 6:43 p.m., 10 views

GHSA-7MWH-Q3XM-QH6P Vitess allows HTML injection in /debug/querylogz & /debug/env

Summary: The /debug/querylogz and /debug/env pages for vtgate and vttablet do not properly escape user input. The result is that queries executed by Vitess can write HTML into the monitoring page at will. Details: These pages are rendered using text/template instead of rendering with a proper HTML...

CVSS 6.9, AI score 4.8, EPSS 0.00057
Exploits 0, References 4
CNNVD
added 2024/12/03 12:00 a.m., 1 view

Vitess security vulnerability

Vitess is an open source database clustering system for horizontally scaling MySQL. A security vulnerability exists in Vitess because the /debug/querylogz and /debug/env pages of vtgate and vttablet do not properly escape user input...

CVSS 4.9, AI score 6.2, EPSS 0.00057
Exploits 0, References 2
Veracode
added 2024/05/09 6:08 a.m., 11 views

Denial of Service (DoS)

github.com/vitessio/vitess is vulnerable to Denial of Service (DoS). The vulnerability is caused by an endless loop triggered by a specific query in the vtgate component. This loop leads to continuous memory consumption, eventually resulting in Denial of Service (DoS)...

CVSS 4.9, AI score 6.7, EPSS 0.00131
Exploits 0, References 8, Affected Software 1
OSV
added 2024/05/08 2:15 p.m., 2 views

AZL-40360 CVE-2024-32886 affecting package vitess for versions less than 19.0.4-1

Vitess is a database clustering system for horizontal scaling of MySQL. When executing the following simple query, the vtgate will go into an endless loop that also keeps consuming memory and eventually will run out of memory. This vulnerability is fixed in 19.0.4, 18.0.5, and 17.0.7...

CVSS 4.9, AI score 5.8, EPSS 0.00131
Exploits 0, References 1
Cvelist
added 2024/05/08 2:10 p.m., 13 views

CVE-2024-32886 Vitess vulnerable to infinite memory consumption and vtgate crash

Vitess is a database clustering system for horizontal scaling of MySQL. When executing the following simple query, the vtgate will go into an endless loop that also keeps consuming memory and eventually will run out of memory. This vulnerability is fixed in 19.0.4, 18.0.5, and 17.0.7...

CVSS 4.9, AI score 5.3, EPSS 0.00131
Exploits 0, References 7