Affected by GO-2023-1723
and 9 other vulnerabilities
GO-2023-1723: SpiceDB binding metrics port to untrusted networks and can leak command-line flags in github.com/authzed/spicedb
GO-2023-2166: SpiceDB leaks information in log files when URI cannot be parsed in github.com/authzed/spicedb
GO-2024-2597: Integer overflow in chunking helper causes dispatching to miss elements or panic in github.com/authzed/spicedb
GO-2024-2716: SpiceDB: LookupSubjects may return partial results if a specific kind of relation is used in github.com/authzed/spicedb
GO-2024-2939: SpiceDB exclusions can result in no permission returned when permission expected in github.com/authzed/spicedb
GO-2024-3131: SpiceDB having multiple caveats on resources of the same type may improperly result in no permission in github.com/authzed/spicedb
GO-2025-3744: SpiceDB checks involving relations with caveats can result in no permission when permission is expected in github.com/authzed/spicedb
GO-2025-4120: SpiceDB WriteRelationships fails silently if payload is too big in github.com/authzed/spicedb
GO-2025-4151: SpiceDB: LookupResources with Multiple Entrypoints across Different Definitions Can Return Incomplete Results in github.com/authzed/spicedb
GO-2026-4465: LookupResources Cursor section tampering can crash SpiceDB process via tuple.MustParse panic in github.com/authzed/spicedb
type Config struct {
// Addr is the address on which the HTTP server will be configured to listen. Addr string// UpstreamAddr is the address of the gRPC server to which requests will be// forwarded.
UpstreamAddr string// UpstreamTLSDisabled toggles whether or not the upstream connection will be// secure.
UpstreamTLSDisabled bool// UpstreamTLSCertPath is the filesystem location of the certificate used to// secure the upstream connection.
UpstreamTLSCertPath string
}
Config represents the require configuration for initializing a REST gateway.
Affected by 
Documentation
¶
Source Files