Category: Authorization Systems
Failures in systems that manage access control, identity, or permissions. This includes tools like SpiceDB, OPA, or Auth0 where schema, policy, or integration issues can block authentication or authorization flows.
| ID | Title | Description | Category | Technology | Tags |
|---|---|---|---|---|---|
| CRE-2025-0078 High Impact: 10/10 Mitigation: 2/10 | SpiceDB Database Schema Failures: Missing Core Tables | Detects critical SpiceDB database schema failures caused by missing core tables like `metadata`, `alembic_version`, or `relation_tuple_transaction`. These errors often stem from incomplete migrations, startup race conditions, or schema corruption, resulting in a complete breakdown of SpiceDB authorization capabilities. | Authorization Systems | spicedb | SpiceDBMigration FailureSchema ErrorPostgreSQL |
| CRE-2025-0079 Critical Impact: 10/10 Mitigation: 3/10 | SpiceDB Database Corruption: Critical Table Loss | Detects catastrophic SpiceDB database corruption where critical core tables like `alembic_version` and `relation_tuple_transaction` are missing or dropped. This represents complete database corruption that renders SpiceDB unable to perform any authorization operations, causing total permission system failure. | Authorization Systems | postgresql | SpiceDBDatabase CorruptionAuthorizationPostgreSQL |
| CRE-2025-0105 High Impact: 9/10 Mitigation: 3/10 | SpiceDB Datastore Startup Failure | Detects critical failures where a SpiceDB instance cannot start due to an invalid schema or an uninitialized datastore during the bootstrap process. This is a common configuration error that prevents the service from initializing and serving requests, leading to a total service outage. | Authorization Systems | spicedb | SpiceDBAuthorizationDatastoreMisconfigurationStartup Failure |