Data

Tools

Indexes

Applications

Experiments

Advisories

An open API service providing security vulnerability metadata for many open source software ecosystems.

go

github.com/dgraph-io/dgraph

go

View on github.com · View on proxy.golang.org

Security Advisories for github.com/dgraph-io/dgraph in go

Critical
about 2 months ago

Dgraph: Unauthenticated Admin Token Disclosure Leading to Authentication Bypass via /debug/vars GSA_kwCzR0hTQS12dmY3LTZybXItbTI5cc4ABVwz

go github.com/dgraph-io/dgraph, github.com/dgraph-io/dgraph/v24, github.com/dgraph-io/dgraph/v25
Critical
about 2 months ago

Dgraph: Pre-Auth Full Database Exfiltration via DQL Injection in NQuad Lang Field GSA_kwCzR0hTQS14OTJ4LXB4N3ctNGd4NM4ABVwr

go github.com/dgraph-io/dgraph, github.com/dgraph-io/dgraph/v24, github.com/dgraph-io/dgraph/v25
Critical
about 2 months ago

Dgraph: Pre-Auth Full Database Exfiltration via DQL Injection in Upsert Condition Field GSA_kwCzR0hTQS1tcnh4LTM5ZzUtcGg3N84ABVwq

go github.com/dgraph-io/dgraph, github.com/dgraph-io/dgraph/v24, github.com/dgraph-io/dgraph/v25
Critical
2 months ago

Dgraph: Unauthenticated /debug/pprof/cmdline discloses admin auth token, enabling unauthorized access to protected Alpha admin endpoints GSA_kwCzR0hTQS05NW1xLXh3ajQtcjQ3cM4ABVYr

go github.com/dgraph-io/dgraph, github.com/dgraph-io/dgraph/v24, github.com/dgraph-io/dgraph/v25
Critical
3 months ago

Dgraph: Pre-Auth Database Overwrite + SSRF + File Read via restoreTenant Missing Authorization GSA_kwCzR0hTQS1wNXJoLXZtaHAtZ3Zjd84ABUpJ

go github.com/dgraph-io/dgraph, github.com/dgraph-io/dgraph/v24, github.com/dgraph-io/dgraph/v25
Moderate
about 3 years ago

Dgraph Audit Log Encryption Vulnerability GSA_kwCzR0hTQS05MndxLXE5cHEtZ3c0N84AAzYG

go github.com/dgraph-io/dgraph

Filter by Severity

Critical 5 Moderate 1