PT-2026-60958 · Surrealdb · Surrealdb
CVSS v4.0
7.1
High
| Vector | AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X |
Name of the Vulnerable Software and Affected Versions
SurrealDB versions prior to 2.0.5
SurrealDB versions 2.1.x prior to 2.1.5
SurrealDB versions 2.2.x prior to 2.2.2
Description
Authenticated users with OWNER or EDITOR permissions at the root, namespace, or database level can cause a denial of service. By using the
DEFINE FUNCTION statement to create custom database functions containing nested FOR loops, an attacker can bypass iteration constraints. While a single loop is limited, nesting multiple loops allows for an execution that consumes all server CPU resources. This condition persists regardless of configured timeouts, making the server unresponsive to other queries and connections until a manual restart is performed.Recommendations
Update SurrealDB to version 2.0.5 or later.
Update SurrealDB 2.1.x to version 2.1.5 or later.
Update SurrealDB 2.2.x to version 2.2.2 or later.
Fix
DoS
Infinite Loop
Found an issue in the description? Have something to add? Feel free to write us 👾
Weakness Enumeration
Related Identifiers
Affected Products
Surrealdb