Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

7 matches found

Github Security Blog
Github Security Blogadded 2025/05/23 6:41 p.m.26 views

OpenFGA Authorization Bypass

Overview OpenFGA v1.8.0 to v1.8.12 openfga-0.2.16 = Helm chart = openfga-0.2.31, v1.8.0 = docker = v.1.8.12 are vulnerable to authorization bypass when certain Check and ListObject calls are executed. Am I Affected? If you are using OpenFGA v1.8.0 to v1.8.12, specifically under the following...

8.8CVSS5.9AI score0.001EPSS
Exploits0References5Affected Software1
Vulnrichment
Vulnrichmentadded 2025/05/22 10:20 p.m.7 views

CVE-2025-48371 OpenFGA Authorization Bypass

OpenFGA is an authorization/permission engine. OpenFGA versions 1.8.0 through 1.8.12 corresponding to Helm chart openfga-0.2.16 through openfga-0.2.30 and docker 1.8.0 through 1.8.12 are vulnerable to authorization bypass when certain Check and ListObject calls are executed. Users are affected...

5.8CVSS6.5AI score0.001EPSS
Exploits0References2
SUSE CVE
SUSE CVEadded 2025/01/17 12:22 a.m.1 views

SUSE CVE-2024-56323

OpenFGA is an authorization/permission engine. IN OpenFGA v1.3.8 to v1.8.2 Helm chart openfga-0.1.38 to openfga-0.2.19, docker v1.3.8 to v.1.8.2 are vulnerable to authorization bypass under the following conditions: 1. calling Check API or ListObjects with a model that uses conditions, and 2...

9.8CVSS7AI score0.00129EPSS
Exploits0References4
NVD
NVDadded 2025/01/13 10:15 p.m.11 views

CVE-2024-56323

OpenFGA is an authorization/permission engine. IN OpenFGA v1.3.8 to v1.8.2 Helm chart openfga-0.1.38 to openfga-0.2.19, docker v1.3.8 to v.1.8.2 are vulnerable to authorization bypass under the following conditions: 1. calling Check API or ListObjects with a model that uses conditions, and 2...

9.8CVSS0.00129EPSS
Exploits0References1
OSV
OSVadded 2025/01/13 9:33 p.m.1 views

CVE-2024-56323 OpenFGA Authorization Bypass

OpenFGA is an authorization/permission engine. IN OpenFGA v1.3.8 to v1.8.2 Helm chart openfga-0.1.38 to openfga-0.2.19, docker v1.3.8 to v.1.8.2 are vulnerable to authorization bypass under the following conditions: 1. calling Check API or ListObjects with a model that uses conditions, and 2...

5.8CVSS7AI score0.00129EPSS
Exploits0References3
OSV
OSVadded 2025/01/13 7:59 p.m.14 views

GHSA-32Q6-RR98-CJQV OpenFGA Authorization Bypass

Overview OpenFGA v1.3.8 to v1.8.2 Helm chart openfga-0.1.38 to openfga-0.2.19, docker v1.3.8 to v.1.8.2 are vulnerable to authorization bypass when certain Check and ListObject calls are executed. Am I Affected? You are affected by this authorization bypass vulnerability if you are using OpenFGA...

5.8CVSS8.5AI score0.00129EPSS
Exploits0References4
Positive Technologies
Positive Technologiesadded 2025/01/13 12:0 a.m.3 views

PT-2025-3267

Name of the Vulnerable Software and Affected Versions OpenFGA versions 1.3.8 through 1.8.2 Description The issue concerns an authorization bypass in OpenFGA under specific conditions, including calling Check API or ListObjects with a model that uses conditions, and OpenFGA being configured with...

9.8CVSS7.5AI score0.02218EPSS
Exploits2References92
Rows per page
Query Builder