Denial of Service Vulnerability in SurrealDB by SurrealDB, Inc.
CVE-2024-58364
7.1HIGH
What is CVE-2024-58364?
SurrealDB versions prior to 1.2.1 are susceptible to an uncaught exception handling vulnerability during span rendering, specifically when parsing erroneous queries with line terminator characters. This allows authorized clients to send malformed queries that cause a panic in the span rendering code. As a result, the server may crash, leading to a denial of service. Implementing the latest version is crucial to mitigate this issue.
Affected Version(s)
surrealdb 0 < 1.2.1
surrealdb 1.2.1
