pkg:Go/github.com/authzed/spicedb

共 26 筆 CVEHIGH6MEDIUM5LOW12

✅ 檢查你的版本

所有已知漏洞

  • HIGH8.1CVE-2023-29193SpiceDB binding metrics port to untrusted networks and can leak command-line flags in github.com/authzed/spicedb
    from 0, < 1.19.1
  • HIGH8.1CVE-2023-29193SpiceDB binding metrics port to untrusted networks and can leak command-line flags in github.com/authzed/spicedb
    from 0, < 1.19.1
  • HIGH8.1CVE-2022-21646Lookup operations do not take into account wildcards in SpiceDB in github.com/authzed/spicedb
    >= 1.3.0, < 1.4.0
  • HIGH8.1CVE-2022-21646Lookup operations do not take into account wildcards in SpiceDB in github.com/authzed/spicedb
    >= 1.3.0, < 1.4.0
  • HIGH7.3CVE-2024-27101Integer overflow in chunking helper causes dispatching to miss elements or panic in github.com/authzed/spicedb
    from 0, < 1.29.2
  • HIGH7.3CVE-2024-27101Integer overflow in chunking helper causes dispatching to miss elements or panic in github.com/authzed/spicedb
    from 0, < 1.29.2
  • MEDIUM6.5CVE-2025-64529SpiceDB WriteRelationships fails silently if payload is too big
    from 0, < 1.45.2
  • MEDIUM6.5CVE-2025-64529SpiceDB WriteRelationships fails silently if payload is too big
    from 0, < 1.45.2
  • MEDIUM6.0CVE-2026-40091SpiceDB's SPICEDB_DATASTORE_CONN_URI is leaked on startup logs
    >= 1.49.0, < 1.51.1
  • MEDIUM4.2CVE-2023-46255SpiceDB leaks information in log files when URI cannot be parsed
    from 0, < 1.27.0-rc1
  • MEDIUM4.2CVE-2023-46255SpiceDB leaks information in log files when URI cannot be parsed
    from 0, < 1.27.0-rc1
  • LOW3.7CVE-2025-49011SpiceDB checks involving relations with caveats can result in no permission when permission is expected in github.com/authzed/spicedb
    from 0, < 1.44.2
  • LOW3.7CVE-2025-49011SpiceDB checks involving relations with caveats can result in no permission when permission is expected in github.com/authzed/spicedb
    from 0, < 1.44.2
  • LOW3.7CVE-2024-46989SpiceDB having multiple caveats on resources of the same type may improperly result in no permission in github.com/authzed/spicedb
    from 0, < 1.35.3
  • LOW3.7CVE-2024-46989SpiceDB having multiple caveats on resources of the same type may improperly result in no permission in github.com/authzed/spicedb
    from 0, < 1.35.3
  • LOW3.7CVE-2024-38361SpiceDB exclusions can result in no permission returned when permission expected in github.com/authzed/spicedb
    from 0, < 1.33.1
  • LOW3.7CVE-2024-38361SpiceDB exclusions can result in no permission returned when permission expected in github.com/authzed/spicedb
    from 0, < 1.33.1
  • LOW3.7CVE-2023-35930SpiceDB's LookupResources may return partial results in github.com/authzed/spicedb
    >= 1.22.0, < 1.22.2
  • LOW3.7CVE-2023-35930SpiceDB's LookupResources may return partial results in github.com/authzed/spicedb
    >= 1.22.0, < 1.22.2
  • LOW2.2CVE-2024-32001SpiceDB: LookupSubjects may return partial results if a specific kind of relation is used in github.com/authzed/spicedb
    from 0, < 1.30.1
  • LOW2.2CVE-2024-32001SpiceDB: LookupSubjects may return partial results if a specific kind of relation is used in github.com/authzed/spicedb
    from 0, < 1.30.1
  • LOW2.0CVE-2024-48909SpiceDB calls to LookupResources using LookupResources2 with caveats may return context is missing when it is not in github.com/authzed/spicedb
    >= 1.35.0, < 1.37.1
  • LOW2.0CVE-2024-48909SpiceDB calls to LookupResources using LookupResources2 with caveats may return context is missing when it is not in github.com/authzed/spicedb
    >= 1.35.0, < 1.37.1
  • CVE-2026-46668SpiceDB: Caveat structures with nested lists can result in improper cache reuse
    >= 1.15.0, < 1.52.0
  • CVE-2025-65111SpiceDB: LookupResources with Multiple Entrypoints across Different Definitions Can Return Incomplete Results
    from 0, < 1.47.1
  • CVE-2025-65111SpiceDB: LookupResources with Multiple Entrypoints across Different Definitions Can Return Incomplete Results
    from 0, < 1.47.1