Surrealdb · Surrealdb · CVE-2024-58359
**Name of the Vulnerable Software and Affected Versions**
SurrealDB versions prior to 2.1.0
**Description**
A denial of service issue exists in the sorting mechanism. Authorized clients can trigger a panic in the sorting function by executing queries that utilize the `ORDER BY rand()` clause, which results in a server crash.
**Recommendations**
Update to version 2.1.0 or later.
As a temporary workaround, avoid using the `ORDER BY rand()` clause in queries.