GHSA-3633-g6mg-p6qq: 
Rust vulnerability analysis and mitigation

A high-severity vulnerability (GHSA-3633-g6mg-p6qq) was discovered in SurrealDB affecting versions < 2.2.2, < 2.1.5, and < 2.0.5. The vulnerability allows an authenticated user to cause memory exhaustion through the string::replace function when using regex patterns. This issue was identified during a code audit and penetration test conducted by cure53 (GitHub Advisory).

The vulnerability stems from a failure to restrict the resulting string length when using the string::replace function with regex patterns. This enables attackers to craft queries that can cause excessive string allocations, leading to server memory exhaustion. The vulnerability has been assigned a CVSS v4 score of 7.1 (High), with attack vector: Network, attack complexity: Low, privileges required: Low, and user interaction: None (GitHub Advisory).

When successfully exploited, this vulnerability can result in a Denial-of-Service situation for the SurrealDB server through memory exhaustion. The impact primarily affects the availability of the system, while confidentiality and integrity remain unaffected (GitHub Advisory).

The vulnerability has been patched in versions 2.0.5, 2.1.5, and 2.2.2 by implementing a limit on string length through the SURREALGENERATIONALLOCATIONLIMIT parameter. For users unable to update, a workaround is available by limiting untrusted clients' ability to run the string::replace function using the --deny-functions flag or the SURREALCAPSDENYFUNC environment variable (GitHub Advisory).