2 matches found
Incorrect Authorization
Overview Affected versions of this package are vulnerable to Incorrect Authorization in the propagation of token scope for access control within Gitea's package registry. An attacker can gain unauthorized access or perform actions beyond their intended permissions by exploiting improper enforceme...
PT-2023-25388 · Spicedb · Spicedb
Name of the Vulnerable Software and Affected Versions: SpiceDB version 1.22.0 Description: The issue affects users making negative authorization decisions based on the results of a LookupResources request. This can lead to incorrect access control, where some subjects may not have access to...