ydb CVE Vulnerabilities & CVE List (2)

Products (CPE): — CVEs: 2

ydb vulnerability overview

This page aggregates publicly disclosed CVE and security risk information related to ydb, with CVSS, EPSS, publication dates, and vulnerability intelligence data to help assess potential risk and remediation priority.

Vulnerability distribution trend (last 24 months)

Showing 12 of 2 CVEs
«« First « Prev Page 1 / 1 Next »
CVE Summary Source Max CVSS EPSS % Published Updated
CVE-2023-45825 ydb-go-sdk is a pure Go native and database/sql driver for the YDB platform. Since ydb-go-sdk v3.48.6 if you use a custom credentials object (implementation of interface Credentials it may leak into logs. This happens because this object could be serialized into an error message using `fmt.Errorf("something went wrong (credentials: %q)", credentials)` during connection to the YDB server. If such logging occurred, a malicious user with access to logs could read sensitive information (i.e. creden [email protected] 5.5 0.22% 2023-10-19 2026-06-17
CVE-2022-28228 Out-of-bounds read was discovered in YDB server. An attacker could construct a query with insert statement that would allow him to read sensitive information from other memory locations or cause a crash. [email protected] 9.1 0.67% 2022-12-23 2026-06-17
«« First « Prev Page 1 / 1 Next »
cvelogic Threat Intelligence