3 matches found
CVE-2024-56323 OpenFGA Authorization Bypass
OpenFGA is an authorization/permission engine. IN OpenFGA v1.3.8 to v1.8.2 Helm chart openfga-0.1.38 to openfga-0.2.19, docker v1.3.8 to v.1.8.2 are vulnerable to authorization bypass under the following conditions: 1. calling Check API or ListObjects with a model that uses conditions, and 2...
PT-2022-27427 · Slixmpp +1 · Slixmpp +1
Name of the Vulnerable Software and Affected Versions: Slixmpp versions prior to 1.8.3 Description: The issue lacks SSL Certificate hostname validation in XMLStream, allowing an attacker to pose as any server in the eyes of Slixmpp. Recommendations: For versions prior to 1.8.3, update to version...
PT-2022-12972
Name of the Vulnerable Software and Affected Versions YOURLS versions prior to 1.8.3 Description The issue is related to Cross-Site Request Forgery CSRF in the YOURLS repository. This allows an attacker to perform unintended actions on a user's account. Recommendations For versions prior to 1.8.3...