Security Advisory

CVE-2023-46255

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2023-10-31 15:25:24

Last updated 2024-09-05 20:16:15

Assigner GitHub_M

State PUBLISHED

Description

SpiceDB is an open source, Google Zanzibar-inspired database for creating and managing security-critical application permissions. Prior to version 1.27.0-rc1, when the provided datastore URI is malformed (e.g. by having a password which contains `:`) the full URI (including the provided password) is printed, so that the password is shown in the logs. Version 1.27.0-rc1 patches this issue.

← Browse all CVEs View on cve.org ↗