13 matches found
GHSA-57J5-QWP2-VQP6 OpenFGA has Improper Policy Enforcement
Description In OpenFGA, in specific scenarios, models using conditions with caching enabled can result in two different check requests producing the same cache key. This could result in OpenFGA reusing an earlier cached result for a subsequent request. Am I Affected? Users are affected if their...
CVE-2026-41131
CVE-2026-41131 affects OpenFGA prior to version 1.14.1. In scenarios where models use conditions with caching enabled, two distinct check requests can yield the same cache key, causing an earlier cached result to be reused for a later request. Preconditions: the model has relations that rely on c...
GO-2026-4446 OpenFGA Improper Policy Enforcement in github.com/openfga/openfga
OpenFGA Improper Policy Enforcement in github.com/openfga/openfga...
CVE-2026-24851 OpenFGA Improper Policy Enforcement
OpenFGA is a high-performance and flexible authorization/permission engine built for developers and inspired by Google Zanzibar. OpenFGA v1.8.5 to v1.11.2 openfga-0.2.22= Helm chart = openfga-0.2.51, v.1.8.5 = docker = v.1.11.2 are vulnerable to improper policy enforcement when certain Check call...
CVE-2026-24851 OpenFGA Improper Policy Enforcement
OpenFGA is a high-performance and flexible authorization/permission engine built for developers and inspired by Google Zanzibar. OpenFGA v1.8.5 to v1.11.2 openfga-0.2.22= Helm chart = openfga-0.2.51, v.1.8.5 = docker = v.1.11.2 are vulnerable to improper policy enforcement when certain Check call...
CVE-2026-24851
CVE-2026-24851 technical details are not publicly available in the provided documents. Monitor for updates.
GHSA-JQ9F-GM9W-RWM9 OpenFGA Improper Policy Enforcement
Impact OpenFGA v1.8.5 to v1.11.2 openfga-0.2.22 = Helm chart = openfga-0.2.51, v.1.8.5 = docker = v.1.11.2 are vulnerable to improper policy enforcement when certain Check calls are executed. Affected Users Users are affected by this vulnerability if all of the following preconditions are met: -...
OpenFGA Improper Policy Enforcement
Impact OpenFGA v1.8.5 to v1.11.2 openfga-0.2.22 = Helm chart = openfga-0.2.51, v.1.8.5 = docker = v.1.11.2 are vulnerable to improper policy enforcement when certain Check calls are executed. Affected Users Users are affected by this vulnerability if all of the following preconditions are met: -...
SUSE CVE-2025-64751
OpenFGA is a high-performance and flexible authorization/permission engine built for developers and inspired by Google Zanzibar. OpenFGA v1.4.0 to v1.11.0 openfga-0.1.34 = Helm chart = openfga-0.2.48, v.1.4.0 = docker = v.1.11.0 are vulnerable to improper policy enforcement when certain Check and...
CVE-2025-64751 OpenFGA Improper Policy Enforcement
OpenFGA is a high-performance and flexible authorization/permission engine built for developers and inspired by Google Zanzibar. OpenFGA v1.4.0 to v1.11.0 openfga-0.1.34 = Helm chart = openfga-0.2.48, v.1.4.0 = docker = v.1.11.0 are vulnerable to improper policy enforcement when certain Check and...
OpenFGA Improper Policy Enforcement
Overview OpenFGA v1.4.0 to v1.11.0 openfga-0.1.34 = Helm chart = openfga-0.2.48, v.1.4.0 = docker = v.1.11.0 are vulnerable to improper policy enforcement when certain Check and ListObject calls are executed. Am I Affected? You are affected by this vulnerability if you meet the following...
Google Chrome iframe sandbox security bypass vulnerability
Google Chrome is a web browser from Google, an American company. A security bypass vulnerability exists in Google Chrome iframe sandbox that stems from improper policy enforcement in the product's iframe sandbox. An attacker can exploit the vulnerability to bypass security restrictions...
Security update for chromium (important)
openSUSE Security Update: Security update for chromium Announcement ID: openSUSE-SU-2020:0322-1 Rating: important References: 1165826 Cross-References: CVE-2020-6420 Affected Products: openSUSE Leap 15.1 An update that fixes one vulnerability is now available. Description: This update for chromiu...