CVE-2023-35930

Description

SpiceDB's LookupResources may return partial results in github.com/authzed/spicedb

Affected packages (2)

• Go/github.com/authzed/spicedb>= 1.22.0, < 1.22.2
• Go/github.com/authzed/spicedb>= 1.22.0, < 1.22.2

CVSS scores

References (5)

• ADVISORYhttps://nvd.nist.gov/vuln/detail/CVE-2023-35930
• PATCHhttps://github.com/authzed/spicedb
• WEBhttps://github.com/authzed/spicedb/pull/1397
• WEBhttps://github.com/authzed/spicedb/releases/tag/v1.22.2
• WEBhttps://github.com/authzed/spicedb/security/advisories/GHSA-m54h-5x5f-5m6r