Homepage

yugabyte/yugabyte-db vulnerabilities

Licenses: Apache-2.0 | Unknown | Public-Domain | MIT | BSL-1.0 | BSD-3-Clause | bzip2-1.0.6 | Unlicense | CC0-1.0

License

Apache-2.0
Unknown
Public-Domain
MIT
BSL-1.0
BSD-3-Clause
bzip2-1.0.6
Unlicense
CC0-1.0
Report a new vulnerability Found a mistake?

Direct Vulnerabilities

Known vulnerabilities in the https://github.com|yugabyte/yugabyte-db package. This does not include vulnerabilities belonging to this package’s dependencies.

Fix vulnerabilities automatically

Snyk's AI Trust Platform automatically finds the best upgrade path and integrates with your development workflows. Secure your code at zero cost.

Fix for free
VulnerabilityVulnerable Version
  • M
Insertion of Sensitive Information into Log File

[2.20.0.0,2.20.7.0)[2.23.0.0,2.23.1.0)[2024.1.0.0,2024.1.3.0)
  • M
NULL Pointer Dereference

[2.20.0.0,2.20.7.0)[2.23.0.0,2.23.1.0)[2024.1.0.0,2024.1.3.0)
  • H
Cleartext Transmission of Sensitive Information

[2.20.0.0,2.20.7.0)[2.23.0.0,2.23.1.0)[2024.1.0.0,2024.1.3.0)
  • H
Insertion of Sensitive Information Into Sent Data

[2.20.0.0,2.20.7.0)[2.23.0.0,2.23.1.0)[2024.1.0.0,2024.1.3.0)
  • C
Buffer Overflow

[0,v2024.1.2.0)
  • M
Cross-site Scripting (XSS)

[0,)
  • H
Improper Authorization

[,2.6.2)