Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline

Spicedb Security Vulnerabilities - 2023

cve
cve

CVE-2023-29193

SpiceDB is an open source, Google Zanzibar-inspired, database system for creating and managing security-critical application permissions. The spicedb serve command contains a flag named --grpc-preshared-key which is used to protect the gRPC API from being accessed by unauthorized requests. The valu...

8.7CVSS

7.6AI Score

0.001EPSS

2023-04-14 08:15 PM
258
2
cve
cve

CVE-2023-35930

SpiceDB is an open source, Google Zanzibar-inspired, database system for creating and managing security-critical application permissions. Any user making a negative authorization decision based on the results of a LookupResources request with 1.22.0 is affected. For example, using LookupResources t...

5.3CVSS

5AI Score

0.001EPSS

2023-06-26 08:15 PM
10
cve
cve

CVE-2023-46255

SpiceDB is an open source, Google Zanzibar-inspired database for creating and managing security-critical application permissions. Prior to version 1.27.0-rc1, when the provided datastore URI is malformed (e.g. by having a password which contains :) the full URI (including the provided password) is ...

6.5CVSS

6.3AI Score

0.001EPSS

2023-10-31 04:15 PM
27