2 matches found
OpenFGA Authorization Bypass
Overview Some end users of OpenFGA v1.5.0 or later are vulnerable to authorization bypass when calling Check or ListObjects APIs. Am I Affected? You are very likely affected if your model involves exclusion e.g. a but not b or intersection e.g. a and b and you have any cyclical relationships. If...
GHSA-8CPH-M685-6V6R OpenFGA Authorization Bypass
Overview Some end users of OpenFGA v1.5.0 or later are vulnerable to authorization bypass when calling Check or ListObjects APIs. Am I Affected? You are very likely affected if your model involves exclusion e.g. a but not b or intersection e.g. a and b and you have any cyclical relationships. If...