yugabyte/yugabyte-db vulnerabilities

licenses detected

Apache-2.0
Unknown
Public-Domain
MIT
BSL-1.0
BSD-3-Clause
bzip2-1.0.6
Unlicense
CC0-1.0

Report a new vulnerability Found a mistake?

Direct Vulnerabilities

Known vulnerabilities in the https://github.com|yugabyte/yugabyte-db package. This does not include vulnerabilities belonging to this package’s dependencies.

How to fix?

Automatically find and fix vulnerabilities affecting your projects. Snyk scans for vulnerabilities and provides fixes for free.

Fix for free

Vulnerability	Vulnerable Version
M Insertion of Sensitive Information into Log File	[2.20.0.0,2.20.7.0)[2.23.0.0,2.23.1.0)[2024.1.0.0,2024.1.3.0)
M NULL Pointer Dereference	[2.20.0.0,2.20.7.0)[2.23.0.0,2.23.1.0)[2024.1.0.0,2024.1.3.0)
H Cleartext Transmission of Sensitive Information	[2.20.0.0,2.20.7.0)[2.23.0.0,2.23.1.0)[2024.1.0.0,2024.1.3.0)
H Insertion of Sensitive Information Into Sent Data	[2.20.0.0,2.20.7.0)[2.23.0.0,2.23.1.0)[2024.1.0.0,2024.1.3.0)
C Buffer Overflow	[0,v2024.1.2.0)
M Cross-site Scripting (XSS)	[0,)
H Improper Authorization	[,2.6.2)