Improper Policy Enforcement
github.com/openfga/openfga is vulnerable to improper policy enforcement. The vulnerability is due to inadequate validation during certain Check and ListObject calls, which allows an attacker to bypass authorization controls and gain unauthorized access to resources...
CVE-2025-64751
OpenFGA is a high-performance and flexible authorization/permission engine built for developers and inspired by Google Zanzibar. OpenFGA v1.4.0 to v1.11.0 (openfga-0.1.34 <= Helm chart <= openfga-0.2.48, v.1.4.0 <= docker <= v.1.11.0) are vulnerable to improper policy enforcement when certain Check and...
SUSE CVE-2025-64751
OpenFGA is a high-performance and flexible authorization/permission engine built for developers and inspired by Google Zanzibar. OpenFGA v1.4.0 to v1.11.0 (openfga-0.1.34 <= Helm chart <= openfga-0.2.48, v.1.4.0 <= docker <= v.1.11.0) are vulnerable to improper policy enforcement when certain Check and...
CVE-2025-64751
OpenFGA is a high-performance and flexible authorization/permission engine built for developers and inspired by Google Zanzibar. OpenFGA v1.4.0 to v1.11.0 (openfga-0.1.34 <= Helm chart <= openfga-0.2.48, v.1.4.0 <= docker <= v.1.11.0) are vulnerable to improper policy enforcement when certain Check and...
CVE-2025-64751 OpenFGA Improper Policy Enforcement
OpenFGA is a high-performance and flexible authorization/permission engine built for developers and inspired by Google Zanzibar. OpenFGA v1.4.0 to v1.11.0 (openfga-0.1.34 <= Helm chart <= openfga-0.2.48, v.1.4.0 <= docker <= v.1.11.0) are vulnerable to improper policy enforcement when certain Check and...
CVE-2025-64751
CVE-2025-64751 affects OpenFGA v1.4.0–v1.11.0 (openfga-0.1.34–0.2.48 Helm; v1.4.0–v1.11.0 Docker). It is due to improper policy enforcement when certain Check and ListObject calls are executed, with patches available in v1.11.1. Impact is described as high in CVSS metrics (base score 8.8; confide...
Improper Authorization
Overview Affected versions of this package are vulnerable to Improper Authorization via certain Check and ListObject calls. An attacker can gain unauthorized access to resources by exploiting improper enforcement of access policies when a relation is directly assignable by a type bound public...
OpenFGA Improper Policy Enforcement
Overview OpenFGA v1.4.0 to v1.11.0 (openfga-0.1.34 <= Helm chart <= openfga-0.2.48, v.1.4.0 <= docker <= v.1.11.0) are vulnerable to improper policy enforcement when certain Check and ListObject calls are executed. Am I Affected? You are affected by this vulnerability if you meet the following...
GHSA-2C64-VMV2-HGFC OpenFGA Improper Policy Enforcement
Overview OpenFGA v1.4.0 to v1.11.0 (openfga-0.1.34 <= Helm chart <= openfga-0.2.48, v.1.4.0 <= docker <= v.1.11.0) are vulnerable to improper policy enforcement when certain Check and ListObject calls are executed. Am I Affected? You are affected by this vulnerability if you meet the following...
PT-2025-47655
Name of the Vulnerable Software and Affected Versions OpenFGA versions 1.4.0 through 1.11.0 Description OpenFGA is an authorization/permission engine. Versions 1.4.0 through 1.11.0 are subject to improper policy enforcement during specific Check and ListObject calls. Recommendations Update to...
EUVD-2025-25151
Malicious code in bioql PyPI...
OpenFGA Authorization Bypass
Overview OpenFGA v1.9.3 to v1.9.4 (openfga-0.2.40 <= Helm chart <= openfga-0.2.41, v1.9.3 <= docker <= v.1.9.4) are vulnerable to improper policy enforcement when certain Check and ListObject calls are executed. Am I Affected? You are affected by this vulnerability if you are using OpenFGA v1.9.3 to...
Incorrect Authorization
Overview Affected versions of this package are vulnerable to Incorrect Authorization via improper enforcement of authorization policies in the Check and ListObject processes. Note: The users are affected under the following preconditions: - Check API or ListObjects are called with an authorizatio...
CVE-2025-55213 OpenFGA Authorization Bypass (Check)
OpenFGA is a high-performance and flexible authorization/permission engine built for developers and inspired by Google Zanzibar. OpenFGA v1.9.3 to v1.9.4 (openfga-0.2.40 <= Helm chart <= openfga-0.2.41, v1.9.3 <= docker <= v.1.9.4) are vulnerable to improper policy enforcement when certain Check and...
CVE-2025-55213 OpenFGA Authorization Bypass (Check)
OpenFGA is a high-performance and flexible authorization/permission engine built for developers and inspired by Google Zanzibar. OpenFGA v1.9.3 to v1.9.4 (openfga-0.2.40 <= Helm chart <= openfga-0.2.41, v1.9.3 <= docker <= v.1.9.4) are vulnerable to improper policy enforcement when certain Check and...
CVE-2025-55213 OpenFGA Authorization Bypass (Check)
OpenFGA is a high-performance and flexible authorization/permission engine built for developers and inspired by Google Zanzibar. OpenFGA v1.9.3 to v1.9.4 (openfga-0.2.40 <= Helm chart <= openfga-0.2.41, v1.9.3 <= docker <= v.1.9.4) are vulnerable to improper policy enforcement when certain Check and...
CVE-2025-55213
OpenFGA is affected by an Authorization Bypass vulnerability in which improper policy enforcement occurs during certain Check and ListObject calls. Affected versions are OpenFGA v1.9.3 to v1.9.4 (including openfga-0.2.40 to 0.2.41 and docker/v1.9.4). The issue is fixed in v1.9.5. Impact is descri...
OpenFGA Authorization Issue Vulnerability
OpenFGA is an open-source, high-performance and flexible authorization/permission engine built for developers and inspired by Google Zanzibar. An authorization issue vulnerability exists in OpenFGA versions 1.8.0 through 1.8.12, which stems from specific Check and ListObject calls that could...
Authorization Bypass
github.com/openfga/openfga is vulnerable to authorization bypass. The vulnerability is due to improper handling of certain Check and ListObject calls, allowing unauthorized access to restricted resources...
Authentication Bypass by Primary Weakness
Overview Affected versions of this package are vulnerable to Authentication Bypass by Primary Weakness due to improper handling of certain Check and ListObject calls. An attacker can bypass authorization controls by exploiting these calls. Note: This is only exploitable if Check API or ListObject...