Ecosyste.ms: Advisories

An open API service providing security vulnerability metadata for many open source software ecosystems.

cargo surrealdb Security Advisories

Browse all Security Advisories for cargo surrealdb

Loading...
Moderate
GSA_kwCzR0hTQS1tNTJ2LTI0cDgtNjU0Zs4ABBnj
SurrealDB has an Uncaught Exception Sorting Tables by Random Order
Ecosystems: cargo
Packages: surrealdb-core, surrealdb
Source: GitHub Advisory Database
Blast Radius: 14.3
Published: 18 days ago
Moderate
GSA_kwCzR0hTQS1qYzU1LTI0NmMtcjg4Zs4ABBni
SurrealDB has an Uncaught Exception Handling Nonexistent Role
Ecosystems: cargo
Packages: surrealdb-core, surrealdb
Source: GitHub Advisory Database
Blast Radius: 10.8
Published: 18 days ago
Moderate
GSA_kwCzR0hTQS1oNGY1LWg4MnYtNXc0cs4ABBnh
SurrealDB has an Uncaught Exception in Function Generating Random Time
Ecosystems: cargo
Packages: surrealdb-core, surrealdb
Source: GitHub Advisory Database
Blast Radius: 14.3
Published: 18 days ago
High
GSA_kwCzR0hTQS05NzIyLTlqNjctdmpjcs4ABAFl
Improper Authorization in Select Permissions
Ecosystems: cargo
Packages: surrealdb-core, surrealdb
Source: GitHub Advisory Database
Blast Radius: 14.3
Published: 2 months ago
High
GSA_kwCzR0hTQS1xanJ2LXY2cXAteDk5eM4ABAFk
SurrealDB has an Uncaught Exception Handling Parsing Errors on Empty Strings
Ecosystems: cargo
Packages: surrealdb-core, surrealdb
Source: GitHub Advisory Database
Blast Radius: 14.3
Published: 2 months ago
High
GSA_kwCzR0hTQS02NGY4LXBqZ3ItOXdtcs4AA_eW
Untrusted Query Object Evaluation in RPC API
Ecosystems: cargo
Packages: surrealdb, surrealdb-core
Source: GitHub Advisory Database
Blast Radius: 19.3
Published: 3 months ago
Moderate
GSA_kwCzR0hTQS1naDlmLTZ4bTItYzRqMs4AA9zl
SurrealDB vulnerable to Improper Authentication when Changing Databases as Scope User
Ecosystems: cargo
Packages: surrealdb-core, surrealdb
Source: GitHub Advisory Database
Blast Radius: 13.9
Published: 5 months ago
High
GSA_kwCzR0hTQS1xM2dnLW04aHItaDR4NM4AA5Zu
Externally Controlled Format String in Scripting Functions
Ecosystems: cargo
Packages: surrealdb
Source: GitHub Advisory Database
Blast Radius: 18.9
Published: 10 months ago
Moderate
GSA_kwCzR0hTQS02d3I1LWptcHItbWpjeM4AA5Zt
Uncaught Exception in Macro Expecting Native Function to Exist
Ecosystems: cargo
Packages: surrealdb
Source: GitHub Advisory Database
Blast Radius: 14.3
Published: 10 months ago
Moderate
GSA_kwCzR0hTQS04eGZmLTQ3M2gtZjg2M84AA5Zs
Uncaught Exception Handling Parsing Errors on Line Terminators
Ecosystems: cargo
Packages: surrealdb
Source: GitHub Advisory Database
Blast Radius: 14.3
Published: 10 months ago
High
GSA_kwCzR0hTQS01OGo5LWoyZmotdjhmNM4AA4lB
SurrealDB vulnerable to Uncontrolled CPU Consumption via WebSocket Interface
Ecosystems: cargo
Packages: surrealdb
Source: GitHub Advisory Database
Blast Radius: 16.5
Published: 11 months ago
Moderate
GSA_kwCzR0hTQS02cjhwLWhwZzctODI1Z84AA4jk
Uncontrolled Recursion in SurrealQL Parsing
Ecosystems: cargo
Packages: surrealdb
Source: GitHub Advisory Database
Blast Radius: 14.3
Published: 11 months ago
High
GSA_kwCzR0hTQS1tMjR4LXI2cTMtMnZwOc4AA4jj
Uncaught Exception processing HTTP Headers in SurrealDB
Ecosystems: cargo
Packages: surrealdb
Source: GitHub Advisory Database
Blast Radius: 16.5
Published: 11 months ago
Moderate
GSA_kwCzR0hTQS1qbTR2LTU4cjUtNjZoas4AA4ji
Uncaught Exception in surrealdb
Ecosystems: cargo
Packages: surrealdb
Source: GitHub Advisory Database
Blast Radius: 14.3
Published: 11 months ago
High
GSA_kwCzR0hTQS14NWZyLTdoaGotMzRqM84AA3yk
Full Table Permissions by Default
Ecosystems: cargo
Packages: surrealdb
Source: GitHub Advisory Database
Blast Radius: 19.3
Published: 12 months ago
Statistics
Advisories: 20,851
Packages: 9,120
Repositories: 1
Ecosystems: 12
Filter by Package
openssl-src 26 ckb 22 wasmtime 19 rusqlite 16 surrealdb 15 deno 13 openssl 8 hyper 7 surrealdb-core 7 libpulse-binding 7 smallvec 6 Simple-Wayland-HotKey-Daemon 6 sized-chunks 6 apollo-router 6 cargo 6 cranelift-codegen 6 lock_api 5 bottlerocket/update-operator 5 tauri 5 messagepack-rs 5 comrak 5 xcb 5 actix-web 4 wasmtime 4 deno_runtime 4 tremor-script 4 evm 4 tokio 4 github.com/CosmWasm/wasmvm 4 cosmwasm-vm 4 gitoxide 4 pleaser 4 raw-cpuid 4 github.com/CosmWasm/wasmvm/v2 3 ntpd 3 ammonia 3 gix-path 3 arr 3 quiche 3 id-map 3 grin 3 apache-avro 3 gix 3 fltk 3 anoncreds-clsignatures 3 ursa 3 h2 3 slice-deque 3 solana_rbpf 3 s2n-tls 3 cgc 3 tough 3 gitoxide-core 3 wasm3 3 s2n-quic 3 pywasm3 3 pyo3 3 matrix-sdk-crypto 3 pallet-ethereum 3 flatbuffers 3 crossbeam-channel 3 arrow 3 acc_reader 3 nanorand 3 russh 3 routinator 3 crossbeam 3 stack_dst 2 lettre 2 tower-http 2 async-h1 2 rand_core 2 libgit2-sys 2 pnet 2 http 2 lru 2 gix-transport 2 bumpalo 2 failure 2 phonenumber 2 binjs_io 2 ncurses 2 trust-dns-server 2 sodiumoxide 2 derive-com-impl 2 vodozemac 2 ticketed_lock 2 spin 2 tectonic_xdv 2 arenavec 2 coreos-installer 2 cache 2 tor-circmgr 2 metrics-util 2 arti 2 mopa 2 gfx-auxil 2 ash 2 columnar 2 pallet-evm-precompile-modexp 2 Deno 2 sha2 2 molecule 2 biscuit-auth 2 nano-id 2 array-macro 2 tar 2 csv-sniffer 2 flumedb 2 quinn-proto 2 vec-const 2 bite 2 vm-memory 2 traitobject 2 ozone 2 libsecp256k1 2 libp2p-core 2 inventory 2 internment 2 v9 2 tiny_future 2 signal-simple 2 image 2 hyper-staticfile 2 futures-util 2 memoffset 2 svix 2 slock 2 bronzedb-protocol 2 buffoon 2 rustls 2 rdiff 2 rust-embed 2 sequoia-openpgp 2 evm-core 2 crypto2 2 simple_asn1 2 abomonation 2 opcua 2 rocket 2 rulex 2 multiqueue 2 slack-morphism 2 rsa 2 abi_stable 2 cocoon 2 zerocopy 2 actix-http 2 syncpool 2 parc 2 generator 2 reorder 2 mio 2 async-graphql 2 crayon 2 ordnung 2 simple-slab 2 oqs 2 gix-index 2 diesel 2 pgp 2 streebog 2 net2 2 futures-task 2 toodee 2 gix-worktree-state 2 nix 2 gix-worktree 2 mpl-token-metadata 1 mpl-bubblegum 1 windows 1 mpl-candy-machine 1 birdcage 1 self_cell 1 dbn 1 cyfs-base 1 ostree 1 yamux 1 uu_od 1 once_cell 1 rkyv 1 wasmer-cli 1 idna 1 libflate 1 tss-esapi 1 fruity 1 branca 1 static-web-server 1 axum-core 1 time 1 olm-sys 1 lemmy_server 1 shlex 1 borsh 1 glsl-layout 1 aes-gcm 1 pancurses 1 whoami 1 unicycle 1 wasmi 1