Category: Authorization Problems
Problems related to authorization
| ID | Title | Description | Category | Technology | Tags |
|---|---|---|---|---|---|
| CRE-2025-0045 Medium Impact: 4/10 Mitigation: 4/10 | NATS Authorization Failure Detected | The NATS server has emitted an **Authorization Violation** log entry, meaning a client attempted to connect, publish, subscribe, or perform another operation for which it lacks permission. Intermittent violations often point to misconfiguration or start-up chaos. However, sustained or widespread violations can signal credential expiry or missing secrets. | Authorization Problems | nats | NATSSecurityAuthorizationPublic |
| CRE-2025-0046 Medium Impact: 4/10 Mitigation: 4/10 | NATS Permissions Violation Detected | The NATS server has emitted an **Permission Violation** log entry, meaning a client attempted to publish or subscribe to a subject for which it lacks permission. | Authorization Problems | nats | NATSSecurityAuthorizationPublic |
| CRE-2025-0085 High Impact: 8/10 Mitigation: 7/10 | SpiceDB Schema Validation Failures Block Authorization Updates | Detects SpiceDB schema validation failures that prevent authorization logic updates and deployments. These failures occur when invalid schema definitions are submitted, including syntax errors, circular dependencies, type conflicts, or malformed permission expressions, blocking critical authorization system updates. | Authorization Problems | spicedb | SpiceDBAuthorizationConfigurationValidationCrashStartup Failure |