surrealdb-core vulnerabilities

Direct Vulnerabilities

Known vulnerabilities in the surrealdb-core package. This does not include vulnerabilities belonging to this package’s dependencies.

Snyk's AI Trust Platform automatically finds the best upgrade path and integrates with your development workflows. Secure your code at zero cost.

Vulnerability	Vulnerable Version
H Unintended Proxy or Intermediary ('Confused Deputy')	[,2.5.0)
M Incorrect Authorization	[,2.1.9)[2.2.0,2.2.8)[2.3.0,2.3.8)[3.0.0-alpha.1,3.0.0-alpha.8)
H Uncaught Exception	[,2.0.5)[2.1.0,2.1.5)[2.2.0,2.2.2)
M Directory Traversal	[,2.1.5)[2.2.0,2.2.2)
M Server-side Request Forgery (SSRF)	[,2.0.5)[2.1.0,2.1.5)[2.2.0,2.2.2)
H Allocation of Resources Without Limits or Throttling	[,2.0.5)[2.1.0,2.1.5)[2.2.0,2.2.2)
H Infinite loop	[,2.0.5)[2.1.0,2.1.5)[2.2.0,2.2.2)
C Arbitrary Command Injection	[,2.0.5)[2.1.0,2.1.5)[2.2.0,2.2.2)
H Memory Allocation with Excessive Size Value	[,2.0.5)[2.1.0,2.1.5)[2.2.0,2.2.2)
M Uncontrolled Recursion	[,2.0.5)[2.1.0,2.1.5)[2.2.0,2.2.2)
L Incorrect Permission Assignment for Critical Resource	[2.0.0,)
H Uncaught Exception	[,2.1.0)
H Uncaught Exception	[,2.1.0)
M Uncaught Exception	[,2.1.0)
H Improper Authorization	[,2.0.4)
H Uncaught Exception	[2.0.0,2.0.4)
H Failure to Sanitize Special Elements into a Different Plane (Special Element Injection)	[,1.5.2)
H Improper Authentication	[,1.5.1)