PT-2024-40134 · Surrealdb · Surrealdb

Published: 2024-01-18 · Updated: 2024-01-18

CVSS v3.1: 6.5 (Medium)

Vector: AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
Name of the Vulnerable Software and Affected Versions: SurrealDB versions prior to 1.1.0
Description: The issue arises when the SurrealQL parser attempts to recursively parse nested statements or idioms without checking the established depth limit, potentially leading to a stack overflow. An authorized attacker may exploit this to crash the server, resulting in denial of service.
Recommendations: For versions prior to 1.1.0, limit the ability of untrusted users to run arbitrary SurrealQL queries to minimize the risk of exploitation. Additionally, ensure the SurrealDB process is configured to automatically restart after a crash to limit the impact of the denial of service.
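The class of bug described above is a recursive-descent parser that follows nesting in the input without bounding its own recursion, so a sufficiently nested query consumes the thread's stack and aborts the process. The following is an added example, written for this page and not SurrealDB's own parser code: a toy grammar of numbers, negation and parentheses, parsed recursively with a depth counter that is checked before every recursive call and returns an error instead of recursing further. The grammar, the `MAX_DEPTH` value and all names in the block are assumptions chosen for illustration.

```rust
// Added example (not SurrealDB code): a recursive-descent parser whose
// recursion depth is bounded by an explicit, checked limit. Without the
// guard in `parse_expr`, the depth of the Rust call stack would track the
// nesting of the input, and a deep enough input would overflow the stack
// and abort the whole process.
use std::iter::Peekable;
use std::str::Chars;

/// Assumed depth limit, picked for illustration; a real parser would size it
/// from the thread's stack and the cost of one recursive frame.
pub const MAX_DEPTH: usize = 64;

#[derive(Debug, PartialEq)]
pub enum Expr {
    Num(i64),
    Neg(Box<Expr>),
    Group(Box<Expr>),
}

#[derive(Debug, PartialEq)]
pub enum ParseError {
    DepthExceeded { limit: usize },
    NumberTooLarge,
    Unexpected(Option<char>),
}

struct Parser<'a> {
    chars: Peekable<Chars<'a>>,
    depth: usize,
}

impl<'a> Parser<'a> {
    fn skip_ws(&mut self) {
        while matches!(self.chars.peek(), Some(c) if c.is_whitespace()) {
            self.chars.next();
        }
    }

    /// Every recursive entry point goes through here, so the guard cannot be
    /// bypassed by any production of the grammar.
    fn parse_expr(&mut self) -> Result<Expr, ParseError> {
        if self.depth >= MAX_DEPTH {
            return Err(ParseError::DepthExceeded { limit: MAX_DEPTH });
        }
        self.depth += 1;
        let result = self.parse_inner();
        self.depth -= 1; // restore on both the Ok and the Err path
        result
    }

    fn parse_inner(&mut self) -> Result<Expr, ParseError> {
        self.skip_ws();
        match self.chars.peek().copied() {
            Some('(') => {
                self.chars.next();
                let inner = self.parse_expr()?; // recursion: depth + 1
                self.skip_ws();
                match self.chars.next() {
                    Some(')') => Ok(Expr::Group(Box::new(inner))),
                    other => Err(ParseError::Unexpected(other)),
                }
            }
            Some('-') => {
                self.chars.next();
                Ok(Expr::Neg(Box::new(self.parse_expr()?))) // recursion: depth + 1
            }
            Some(c) if c.is_ascii_digit() => {
                let mut n: i64 = 0;
                while let Some(d) = self.chars.peek().and_then(|c| c.to_digit(10)) {
                    n = n
                        .checked_mul(10)
                        .and_then(|n| n.checked_add(i64::from(d)))
                        .ok_or(ParseError::NumberTooLarge)?;
                    self.chars.next();
                }
                Ok(Expr::Num(n))
            }
            other => Err(ParseError::Unexpected(other)),
        }
    }
}

/// Parses a whole source string; trailing input that is not whitespace is an error.
pub fn parse(src: &str) -> Result<Expr, ParseError> {
    let mut p = Parser { chars: src.chars().peekable(), depth: 0 };
    let expr = p.parse_expr()?;
    p.skip_ws();
    match p.chars.next() {
        None => Ok(expr),
        other => Err(ParseError::Unexpected(other)),
    }
}

/// Nesting depth of a parsed tree; used to show the accepted bound exactly.
pub fn depth_of(e: &Expr) -> usize {
    match e {
        Expr::Num(_) => 1,
        Expr::Neg(x) | Expr::Group(x) => 1 + depth_of(x),
    }
}

fn main() {
    // Constructed inputs: one just inside the limit, one just past it.
    let inside = format!("{}1{}", "(".repeat(MAX_DEPTH - 1), ")".repeat(MAX_DEPTH - 1));
    let past = format!("{}1{}", "(".repeat(MAX_DEPTH), ")".repeat(MAX_DEPTH));
    println!("inside limit: {:?}", parse(&inside).map(|e| depth_of(&e)));
    println!("past limit:   {:?}", parse(&past));
}
```

The check sits in the single function that every recursion passes through, rather than in individual productions, so adding a new nested construct to the grammar cannot silently reintroduce unbounded recursion. The counter is decremented on the error path as well, so a rejected sub-expression does not leave the parser believing it is deeper than it is.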

Fix

Weakness Enumeration: Uncontrolled Recursion

Related Identifiers: GHSA-6R8P-HPG7-825G

Affected Products: Surrealdb