GHSA-2cvj-g5r5-jrrg: 
Rust vulnerability analysis and mitigation

SurrealDB vulnerability (GHSA-2cvj-g5r5-jrrg) was discovered in versions prior to 2.2.2 and 2.1.5, affecting the database's analyzer functionality. The vulnerability allows authenticated system users with root, namespace, or database level privileges to access arbitrary 2-column TSV files on the file system through the DEFINE ANALYZER statement. This security issue was identified during a code audit and penetration test conducted by cure53 (GitHub Advisory).

The vulnerability is classified as Low severity with a CVSS v4 score of 2.3. The attack vector is Network-based with low attack complexity, requiring present attack requirements and low privileges. The vulnerability specifically affects the DEFINE ANALYZER statement functionality, which could be exploited to point to arbitrary file locations on the file system. The attack is limited to files that are tab-separated with two columns (GitHub Advisory).

The primary impact of this vulnerability is unauthorized access to 2-column TSV files on the file system. The vulnerability affects confidentiality (rated as Low) while having no impact on integrity or availability of the system (GitHub Advisory).

A patch has been implemented that introduces a new environment variable, SURREALFILEALLOWLIST, which contains a list of allowed file paths. The mapper now checks if the file's path is within the allowed paths before processing. For users unable to update, it is recommended to limit root, namespace, or database level access to trusted parties only. The vulnerability has been fixed in versions 2.1.5, 2.2.2 and later (GitHub PR, GitHub Advisory).