Scylladb

CVEs (2)

CVE	Vendor / Product	Sev	Risk	CVSS	EPSS	KEV	Published	Description
CVE-2023-33972	ScyllaDB Scylladb		0.00	—	0.01		Sep 27, 2023	Scylladb is a NoSQL data store using the seastar framework, compatible with Apache Cassandra. Authenticated users who are authorized to create tables in a keyspace can escalate their privileges to access a table in the same keyspace, even if they don't have permissions for that…
CVE-2022-29240	ScyllaDB Scylla Enterprise		0.00	—	0.01		Sep 15, 2022	Scylla is a real-time big data database that is API-compatible with Apache Cassandra and Amazon DynamoDB. When decompressing CQL frame received from user, Scylla assumes that user-provided uncompressed length is correct. If user provides fake length, that is greater than the…

CVE-2023-33972Sep 27, 2023
ScyllaDB
Scylladb
risk 0.00cvss —epss 0.01
Scylladb is a NoSQL data store using the seastar framework, compatible with Apache Cassandra. Authenticated users who are authorized to create tables in a keyspace can escalate their privileges to access a table in the same keyspace, even if they don't have permissions for that…
CVE-2022-29240Sep 15, 2022
ScyllaDB
Scylla Enterprise
risk 0.00cvss —epss 0.01
Scylla is a real-time big data database that is API-compatible with Apache Cassandra and Amazon DynamoDB. When decompressing CQL frame received from user, Scylla assumes that user-provided uncompressed length is correct. If user provides fake length, that is greater than the…