Security: authzed/spicedb
Security
No security policy detected
This project has not set up a SECURITY.md file yet.
Report a vulnerability-
Calls to LookupResources using LookupResources2 with caveats may return context is missing when it is notGHSA-3c32-4hq9-6wgj published
Oct 14, 2024 by vroldanbetLow -
Multiple caveats on resources of the same type can result in no permission when permission is expectedGHSA-jhg6-6qrx-38mr published
Sep 18, 2024 by josephschorrLow -
Exclusions under arrows with multiple resources can result in no permission returned when permission expectedGHSA-grjv-gjgr-66g2 published
Jun 20, 2024 by josephschorrLow -
LookupSubjects may return partial results if a specific kind of relation is usedGHSA-j85q-46hg-36p2 published
Apr 10, 2024 by ecordellLow -
Integer overflow causes dispatching to miss elements or panicGHSA-h3m7-rqc4-7h9p published
Mar 1, 2024 by jzelinskieHigh -
`SPICEDB_DATASTORE_CONN_URI` is leaked when URI cannot be parsedGHSA-jg7w-cxjv-98c2 published
Oct 30, 2023 by josephschorrModerate -
LookupResources may return partial results in v1.22.0GHSA-m54h-5x5f-5m6r published
Jun 26, 2023 by ecordellLow -
Binding metrics port to untrusted networks can leak command-line flagsGHSA-cjr9-mr35-7xh6 published
Apr 13, 2023 by jzelinskieHigh -
Lookup operations do not take into account wildcards in intersections or exclusionsGHSA-7p8f-8hjm-wm92 published
Jan 11, 2022 by josephschorrHigh
Learn more about advisories related to authzed/spicedb in the GitHub Advisory Database