Yugabytedb Managed
By the Year
In 2024 there have been 0 vulnerabilities in Yugabytedb Managed . Last year Yugabytedb Managed had 2 security vulnerabilities published. Right now, Yugabytedb Managed is on track to have less security vulnerabilities in 2024 than it did last year.
| Year | Vulnerabilities | Average Score |
|---|---|---|
| 2024 | 0 | 0.00 |
| 2023 | 2 | 9.80 |
| 2022 | 0 | 0.00 |
| 2021 | 0 | 0.00 |
| 2020 | 0 | 0.00 |
| 2019 | 0 | 0.00 |
| 2018 | 0 | 0.00 |
It may take a day or so for new Yugabytedb Managed vulnerabilities to show up in the stats or in the list of recent security vulnerabilties. Additionally vulnerabilities may be tagged under a different product or component name.
Recent Yugabytedb Managed Security Vulnerabilities
The High Availability functionality of Yugabyte Anywhere
CVE-2023-0745
9.8 - Critical
- February 09, 2023
The High Availability functionality of Yugabyte Anywhere can be abused to write arbitrary files through the backup upload endpoint by using path traversal characters. This vulnerability is associated with program files PlatformReplicationManager.Java. This issue affects YugabyteDB Anywhere: from 2.0.0.0 through 2.13.0.0
Directory traversal
Server-Side Request Forgery (SSRF)
CVE-2023-0574
9.8 - Critical
- February 09, 2023
Server-Side Request Forgery (SSRF), Improperly Controlled Modification of Dynamically-Determined Object Attributes, Improper Restriction of Excessive Authentication Attempts vulnerability in YugaByte, Inc. Yugabyte Managed allows Accessing Functionality Not Properly Constrained by ACLs, Communication Channel Manipulation, Authentication Abuse.This issue affects Yugabyte Managed: from 2.0.0.0 through 2.13.0.0
Stay on top of Security Vulnerabilities
Want an email whenever new vulnerabilities are published for Yugabytedb Managed or by Yugabyte? Click the Watch button to subscribe.
