vitess.io/vitess

Go4 known CVEs affecting this package

Aggregated from OSV, GitHub Security Advisories, NVD, and vendor advisories. Each CVE links to its full detail page with vendor advisories, patches, fixed versions, and remediation guidance.

CVEs affecting vitess.io/vitesspage 1 of 1

CVE-2023-29194MEDIUMCVSS 4.1EG 4.1✓ Fixed in 0.16.1
2023-04-14
Vitess is a database clustering system for horizontal scaling of MySQL. Users can either intentionally or inadvertently create a keyspace containing `/` characters such that from that point on, anyone who tries to view keyspaces from VTAdm…
CVE-2023-29195MEDIUMCVSS 4.1EG 4.1✓ Fixed in 0.16.2
2023-05-11
Vitess is a database clustering system for horizontal scaling of MySQL through generalized sharding. Prior to version 16.0.2, users can either intentionally or inadvertently create a shard containing `/` characters from VTAdmin such that f…
CVE-2024-32886MEDIUMCVSS 4.9EG 4.9✓ Fixed in 0.19.4
2024-05-08
Vitess is a database clustering system for horizontal scaling of MySQL. When executing the following simple query, the `vtgate` will go into an endless loop that also keeps consuming memory and eventually will run out of memory. This vulne…
CVE-2024-53257MEDIUMCVSS 4.9EG 4.9✓ Fixed in 0.21.1
2024-12-03
Vitess is a database clustering system for horizontal scaling of MySQL. The /debug/querylogz and /debug/env pages for vtgate and vttablet do not properly escape user input. The result is that queries executed by Vitess can write HTML into …

Check whether vitess.io/vitess is used in your infrastructure

EchelonGraph scans your cloud and SBOMs to map every package to your actual deployments. See blast radius for vitess.io/vitess CVEs against the assets you own.

Start Free Scan →