{"id":"GO-2023-1717","summary":"Improper handling of keyspaces in vitess.io/vitess","details":"Users can create a keyspace containing '/'. Future attempts to view keyspaces from some tools (including VTAdmin and \"vtctldclient GetKeyspaces\") receive an error.","aliases":["CVE-2023-29194","GHSA-735r-hv67-g38f"],"modified":"2024-05-20T16:03:47Z","published":"2023-04-12T20:20:52Z","database_specific":{"review_status":"REVIEWED","url":"https://pkg.go.dev/vuln/GO-2023-1717"},"references":[{"type":"ADVISORY","url":"https://github.com/vitessio/vitess/security/advisories/GHSA-735r-hv67-g38f"},{"type":"FIX","url":"https://github.com/vitessio/vitess/commit/adf10196760ad0b3991a7aa7a8580a544e6ddf88"},{"type":"FIX","url":"https://github.com/vitessio/vitess/commits/v0.16.1/"}],"affected":[{"package":{"name":"vitess.io/vitess","ecosystem":"Go","purl":"pkg:golang/vitess.io/vitess"},"ranges":[{"type":"SEMVER","events":[{"introduced":"0"},{"fixed":"0.16.1"}]}],"ecosystem_specific":{"imports":[{"path":"vitess.io/vitess/go/vt/vtorc/inst","symbols":["GetDurabilityPolicy","ReadKeyspace","ReadTopologyInstance","ReadTopologyInstanceBufferable","SwitchPrimary"]},{"path":"vitess.io/vitess/go/vt/topo","symbols":["Server.CreateKeyspace","Server.CreateShard","Server.FindAllShardsInKeyspace","Server.GetKeyspace","Server.GetKeyspaceDurability","Server.GetOnlyShard","Server.GetOrCreateShard","Server.GetServingShards","Server.GetShardNames","Server.InitTablet","Server.ResolveShardWildcard"]}]},"database_specific":{"source":"https://vuln.go.dev/ID/GO-2023-1717.json"}}],"schema_version":"1.7.3","credits":[{"name":"@AdamKorcz"},{"name":"@ajm188"}]}