Tag: Supabase
Problems related to Supabase self-hosted deployments and services
| ID | Title | Description | Category | Technology | Tags |
|---|---|---|---|---|---|
| CRE-2025-0130 (High; Impact: 9/10; Mitigation: 3/10) | Supabase Self-Hosted: Postgres Container Fails to Start Due to Port Conflict | Detects when Supabase self-hosted Postgres container fails to start because another service is already using port 5432. This is a common issue during initial setup or when multiple Postgres instances are running on the same host. The failure prevents the entire Supabase stack from starting properly. | Database Problems | supabase | Supabase, PostgreSQL, Port Binding, Configuration, Startup Failure, Self-Hosted, Container Crash, Public |
| CRE-2025-0131 (High; Impact: 10/10; Mitigation: 4/10) | Supabase Self-Hosted: JWT Secret Missing or Invalid Configuration | Detects when Supabase self-hosted services fail due to missing, empty, or invalid JWT_SECRET configuration. This affects Auth service, REST API, and all authentication-dependent operations. Invalid JWT secrets prevent API token validation and break the entire authentication flow. | authentication | supabase | Supabase, Authentication, JWT, Configuration, Security, Api Key, Self-Hosted, Public |
| CRE-2025-0132 (Medium; Impact: 8/10; Mitigation: 5/10) | Supabase Self-Hosted: Database Connection Timeout and Service Failure | Detects when Supabase services lose connection to the PostgreSQL database due to timeouts, network issues, or database unavailability. This affects Auth, REST API, Storage, and all database-dependent operations. Occurs during database restarts, network partitions, or when the database becomes unresponsive. | Database Problems | supabase | Supabase, PostgreSQL, Connection, Timeout, Network, Self-Hosted, Connectivity, Public |
| CRE-2025-0133 (Medium; Impact: 7/10; Mitigation: 4/10) | Supabase Self-Hosted: Storage Service Fails Due to S3 Misconfiguration | Detects when Supabase Storage service fails due to incorrect S3 configuration including invalid credentials, non-existent buckets, or wrong S3 endpoint settings. This affects file upload/download operations and prevents the storage API from functioning properly. | Storage | storage | Supabase, Storage, S3, AWS, Configuration, Api Key, Self-Hosted, Infrastructure, Public |
| CRE-2025-0135 (Medium; Impact: 7/10; Mitigation: 6/10) | Supabase Self-Hosted: Database Migration Failures Due to SQL Syntax Errors | Detects when Supabase database migrations fail due to SQL syntax errors, invalid schema changes, or constraint violations. Migration failures can leave the database in an inconsistent state and prevent the application from starting or functioning properly. | migration-failure | postgresql | Supabase, PostgreSQL, Migration Failure, Schema Error, Self-Hosted, Configuration, Public |
| CRE-2025-0136 (Medium; Impact: 8/10; Mitigation: 3/10) | Supabase Self-Hosted: Auth Service Fails Due to Port Binding Conflict | Detects when Supabase Auth service (GoTrue) fails to start because the configured port is already in use by another service. This prevents user authentication, registration, and all auth-related operations from functioning in the self-hosted Supabase deployment. | authentication | docker | Supabase, Authentication, Port Binding, Configuration, Startup Failure, Self-Hosted, GoTrue, Public |
| CRE-2025-0138 (Low; Impact: 5/10; Mitigation: 4/10) | Supabase Self-Hosted: API Rate Limit Exceeded and Request Throttling | Detects when Supabase API requests are being rate-limited due to excessive traffic or aggressive client behavior. This results in HTTP 429 responses and can indicate DDoS attacks, misconfigured clients, or insufficient rate limiting configuration for the application's traffic patterns. | API Problems | kong | Supabase, Rate Limiting, Throttling, Proxy, Performance, Self-Hosted, Public |
| CRE-2025-0140 (Medium; Impact: 6/10; Mitigation: 5/10) | Supabase Self-Hosted: Realtime Service Crash Due to Invalid Configuration | Detects when Supabase Realtime service fails to start or crashes due to invalid configuration parameters. This affects WebSocket connections, real-time subscriptions, and live data streaming capabilities. Common issues include invalid replication modes, missing database permissions, or incorrect environment variables. | Realtime Problems | realtime | Supabase, Realtime, Configuration, Replication, Connection, Self-Hosted, Configuration Failure, Public |
| CRE-2025-0141 (High; Impact: 10/10; Mitigation: 7/10) | Supabase Self-Hosted: Disk Full During Database Migration Operations | Detects when Supabase PostgreSQL database operations fail due to insufficient disk space during migrations, data imports, or large transactions. This can corrupt the database, leave migrations in an inconsistent state, and cause complete service failure requiring manual intervention. | Storage | supabase | Supabase, PostgreSQL, Disk Full, Storage, Migration Failure, WAL, Self-Hosted, Critical Failure, Data Loss Risk, Public |
| CRE-2025-0142 (Medium; Impact: 6/10; Mitigation: 5/10) | Supabase Self-Hosted: SSL Certificate Missing or Invalid Configuration | Detects when Supabase services fail due to missing, invalid, or improperly configured SSL certificates. This affects HTTPS endpoints, secure WebSocket connections, and can prevent clients from establishing secure connections to the self-hosted Supabase instance. | Configuration Problem | kong | Supabase, Ssl, TLS, Certificate Verification, Security, Configuration, Proxy, Self-Hosted, SSL Certificate, Public |