Lucene search
+L

346 matches found

euvd
euvd
added 2026/02/06 5:51 p.m.12 views

EUVD-2026-5633

OpenFGA is a high-performance and flexible authorization/permission engine built for developers and inspired by Google Zanzibar. OpenFGA v1.8.5 to v1.11.2 openfga-0.2.22= Helm chart = openfga-0.2.51, v.1.8.5 = docker = v.1.11.2 are vulnerable to improper policy enforcement when certain Check call...

5.8CVSS5.4AI score0.00308EPSS
Exploits0References2
attackerkb
attackerkb
added 2026/02/06 5:51 p.m.7 views

CVE-2026-24851

OpenFGA is a high-performance and flexible authorization/permission engine built for developers and inspired by Google Zanzibar. OpenFGA v1.8.5 to v1.11.2 openfga-0.2.22= Helm chart = openfga-0.2.51, v.1.8.5 = docker = v.1.11.2 are vulnerable to improper policy enforcement when certain Check call...

5.8CVSS5.4AI score0.00308EPSS
Exploits0References3Affected Software1
cvelist
cvelist
added 2026/02/06 5:51 p.m.32 views

CVE-2026-24851 OpenFGA Improper Policy Enforcement

OpenFGA is a high-performance and flexible authorization/permission engine built for developers and inspired by Google Zanzibar. OpenFGA v1.8.5 to v1.11.2 openfga-0.2.22= Helm chart = openfga-0.2.51, v.1.8.5 = docker = v.1.11.2 are vulnerable to improper policy enforcement when certain Check call...

5.8CVSS0.00308EPSS
Exploits0References2
vulnrichment
vulnrichment
added 2026/02/06 5:51 p.m.4 views

CVE-2026-24851 OpenFGA Improper Policy Enforcement

OpenFGA is a high-performance and flexible authorization/permission engine built for developers and inspired by Google Zanzibar. OpenFGA v1.8.5 to v1.11.2 openfga-0.2.22= Helm chart = openfga-0.2.51, v.1.8.5 = docker = v.1.11.2 are vulnerable to improper policy enforcement when certain Check call...

5.8CVSS5.4AI score0.00308EPSS
Exploits0References2
cve
cve
added 2026/02/06 5:51 p.m.35 views

CVE-2026-24851

CVE-2026-24851 technical details are not publicly available in the provided documents. Monitor for updates.

8.8CVSS5.4AI score0.00308EPSS
Exploits0References2Affected Software2
osv
osv
added 2026/02/06 5:51 p.m.7 views

CVE-2026-24851 OpenFGA Improper Policy Enforcement

OpenFGA is a high-performance and flexible authorization/permission engine built for developers and inspired by Google Zanzibar. OpenFGA v1.8.5 to v1.11.2 openfga-0.2.22= Helm chart = openfga-0.2.51, v.1.8.5 = docker = v.1.11.2 are vulnerable to improper policy enforcement when certain Check call...

5.8CVSS5.4AI score0.00308EPSS
Exploits0References4
cnnvd
cnnvd
added 2026/02/06 12:0 a.m.9 views

OpenFGA 安全漏洞

OpenFGA is an open-source engine designed for developers, inspired by Google Zanzibar. It is a high-performance and flexible authorization/licensing tool. Versions of OpenFGA from 1.8.5 to 1.11.2 contain security vulnerabilities, which stem from improper policy execution during specific checks...

8.8CVSS5.9AI score0.00308EPSS
Exploits0References2
osv
osv
added 2026/02/05 9:46 p.m.9 views

GHSA-JQ9F-GM9W-RWM9 OpenFGA Improper Policy Enforcement

Impact OpenFGA v1.8.5 to v1.11.2 openfga-0.2.22 = Helm chart = openfga-0.2.51, v.1.8.5 = docker = v.1.11.2 are vulnerable to improper policy enforcement when certain Check calls are executed. Affected Users Users are affected by this vulnerability if all of the following preconditions are met: -...

5.8CVSS5.5AI score0.00308EPSS
Exploits0References5
github
github
added 2026/02/05 9:46 p.m.18 views

OpenFGA Improper Policy Enforcement

Impact OpenFGA v1.8.5 to v1.11.2 openfga-0.2.22 = Helm chart = openfga-0.2.51, v.1.8.5 = docker = v.1.11.2 are vulnerable to improper policy enforcement when certain Check calls are executed. Affected Users Users are affected by this vulnerability if all of the following preconditions are met: -...

8.8CVSS5.4AI score0.00308EPSS
Exploits0References5Affected Software1
ptsecurity
ptsecurity
added 2026/02/05 12:0 a.m.16 views

PT-2026-6646

Name of the Vulnerable Software and Affected Versions OpenFGA versions 1.8.5 through 1.11.2 Description OpenFGA is an authorization/permission engine. Versions 1.8.5 through 1.11.2 are susceptible to improper policy enforcement during specific Check calls. This occurs when a model includes a...

9.9CVSS5.4AI score0.34346EPSS
Exploits45References116
redhatcve
redhatcve
added 2026/01/09 9:30 a.m.6 views

CVE-2023-43645

OpenFGA is an authorization/permission engine built for developers and inspired by Google Zanzibar. OpenFGA is vulnerable to a denial of service attack when certain Check calls are executed against authorization models that contain circular relationship definitions. When the call is made, it's...

5.9CVSS6.7AI score0.00751EPSS
Exploits0References1
redhatcve
redhatcve
added 2026/01/09 9:27 a.m.6 views

CVE-2023-45810

OpenFGA is a flexible authorization/permission engine built for developers and inspired by Google Zanzibar. Affected versions of OpenFGA are vulnerable to a denial of service attack. When a number of ListObjects calls are executed, in some scenarios, those calls are not releasing resources even...

7.5CVSS6.7AI score0.00509EPSS
Exploits0References1
redhatcve
redhatcve
added 2026/01/09 8:44 a.m.13 views

CVE-2022-23542

OpenFGA is an authorization/permission engine built for developers and inspired by Google Zanzibar. During an internal security assessment, it was discovered that OpenFGA version 0.3.0 is vulnerable to authorization bypass under certain conditions. This issue has been patched in version 0.3.1 and...

9.8CVSS6.8AI score0.0091EPSS
Exploits0References1
cgr
cgr
added 2025/12/05 1:28 a.m.13 views

CVE-2025-61729 vulnerabilities

Vulnerabilities for packages: fluxcd-kustomize-mutating-webhook-fips, sigstore-scaffolding-fips, gitlab-runner-fips, amazon-ssm-agent-fips, terraform-provider-sendgrid, crossplane-provider-keycloak, aactl, rancher-fleet, eck-operator-fips, opa-fips-envoy, kubernetes-csi-driver-nfs, dfc, oras-fips...

7.5CVSS7AI score0.00459EPSS
Exploits2
redhatcve
redhatcve
added 2025/12/01 2:20 a.m.8 views

CVE-2025-64751

OpenFGA is a high-performance and flexible authorization/permission engine built for developers and inspired by Google Zanzibar. OpenFGA v1.4.0 to v1.11.0 openfga-0.1.34 = Helm chart = openfga-0.2.48, v.1.4.0 = docker = v.1.11.0 are vulnerable to improper policy enforcement when certain Check and...

8.8CVSS6.8AI score0.00261EPSS
Exploits0References1
osv
osv
added 2025/11/25 6:12 p.m.5 views

GO-2025-4150 OpenFGA Improper Policy Enforcement in github.com/openfga/openfga

OpenFGA Improper Policy Enforcement in github.com/openfga/openfga...

8.8CVSS6.8AI score0.00261EPSS
Exploits0References3
susecve
susecve
added 2025/11/22 12:23 a.m.7 views

SUSE CVE-2025-64751

OpenFGA is a high-performance and flexible authorization/permission engine built for developers and inspired by Google Zanzibar. OpenFGA v1.4.0 to v1.11.0 openfga-0.1.34 = Helm chart = openfga-0.2.48, v.1.4.0 = docker = v.1.11.0 are vulnerable to improper policy enforcement when certain Check and...

8.2CVSS6.9AI score0.00261EPSS
Exploits0References7
nvd
nvd
added 2025/11/21 2:15 a.m.17 views

CVE-2025-64751

OpenFGA is a high-performance and flexible authorization/permission engine built for developers and inspired by Google Zanzibar. OpenFGA v1.4.0 to v1.11.0 openfga-0.1.34 = Helm chart = openfga-0.2.48, v.1.4.0 = docker = v.1.11.0 are vulnerable to improper policy enforcement when certain Check and...

8.8CVSS0.00261EPSS
Exploits0References2
osv
osv
added 2025/11/21 1:24 a.m.6 views

CVE-2025-64751 OpenFGA Improper Policy Enforcement

OpenFGA is a high-performance and flexible authorization/permission engine built for developers and inspired by Google Zanzibar. OpenFGA v1.4.0 to v1.11.0 openfga-0.1.34 = Helm chart = openfga-0.2.48, v.1.4.0 = docker = v.1.11.0 are vulnerable to improper policy enforcement when certain Check and...

5.8CVSS6.8AI score0.00261EPSS
Exploits0References4
cvelist
cvelist
added 2025/11/21 1:24 a.m.12 views

CVE-2025-64751 OpenFGA Improper Policy Enforcement

OpenFGA is a high-performance and flexible authorization/permission engine built for developers and inspired by Google Zanzibar. OpenFGA v1.4.0 to v1.11.0 openfga-0.1.34 = Helm chart = openfga-0.2.48, v.1.4.0 = docker = v.1.11.0 are vulnerable to improper policy enforcement when certain Check and...

5.8CVSS0.00261EPSS
Exploits0References2
Rows per page
Query Builder