Lucene search
K

13 matches found

OSV
OSV
added 2026/04/22 7:43 p.m.5 views

GHSA-57J5-QWP2-VQP6 OpenFGA has Improper Policy Enforcement

Description In OpenFGA, in specific scenarios, models using conditions with caching enabled can result in two different check requests producing the same cache key. This could result in OpenFGA reusing an earlier cached result for a subsequent request. Am I Affected? Users are affected if their...

5CVSS5.8AI score0.00145EPSS
Exploits0References4
CVE
CVE
added 2026/04/21 11:38 p.m.16 views

CVE-2026-41131

CVE-2026-41131 affects OpenFGA prior to version 1.14.1. In scenarios where models use conditions with caching enabled, two distinct check requests can yield the same cache key, causing an earlier cached result to be reused for a later request. Preconditions: the model has relations that rely on c...

5CVSS5.8AI score0.00145EPSS
Exploits0References2Affected Software2
OSV
OSV
added 2026/02/17 6:9 p.m.5 views

GO-2026-4446 OpenFGA Improper Policy Enforcement in github.com/openfga/openfga

OpenFGA Improper Policy Enforcement in github.com/openfga/openfga...

8.8CVSS5.4AI score0.00308EPSS
Exploits0References4
Cvelist
Cvelist
added 2026/02/06 5:51 p.m.30 views

CVE-2026-24851 OpenFGA Improper Policy Enforcement

OpenFGA is a high-performance and flexible authorization/permission engine built for developers and inspired by Google Zanzibar. OpenFGA v1.8.5 to v1.11.2 openfga-0.2.22= Helm chart = openfga-0.2.51, v.1.8.5 = docker = v.1.11.2 are vulnerable to improper policy enforcement when certain Check call...

5.8CVSS0.00308EPSS
Exploits0References2
Vulnrichment
Vulnrichment
added 2026/02/06 5:51 p.m.3 views

CVE-2026-24851 OpenFGA Improper Policy Enforcement

OpenFGA is a high-performance and flexible authorization/permission engine built for developers and inspired by Google Zanzibar. OpenFGA v1.8.5 to v1.11.2 openfga-0.2.22= Helm chart = openfga-0.2.51, v.1.8.5 = docker = v.1.11.2 are vulnerable to improper policy enforcement when certain Check call...

5.8CVSS5.4AI score0.00308EPSS
Exploits0References2
CVE
CVE
added 2026/02/06 5:51 p.m.31 views

CVE-2026-24851

CVE-2026-24851 technical details are not publicly available in the provided documents. Monitor for updates.

8.8CVSS5.4AI score0.00308EPSS
Exploits0References2Affected Software2
OSV
OSV
added 2026/02/05 9:46 p.m.9 views

GHSA-JQ9F-GM9W-RWM9 OpenFGA Improper Policy Enforcement

Impact OpenFGA v1.8.5 to v1.11.2 openfga-0.2.22 = Helm chart = openfga-0.2.51, v.1.8.5 = docker = v.1.11.2 are vulnerable to improper policy enforcement when certain Check calls are executed. Affected Users Users are affected by this vulnerability if all of the following preconditions are met: -...

5.8CVSS5.5AI score0.00308EPSS
Exploits0References5
Github Security Blog
Github Security Blog
added 2026/02/05 9:46 p.m.17 views

OpenFGA Improper Policy Enforcement

Impact OpenFGA v1.8.5 to v1.11.2 openfga-0.2.22 = Helm chart = openfga-0.2.51, v.1.8.5 = docker = v.1.11.2 are vulnerable to improper policy enforcement when certain Check calls are executed. Affected Users Users are affected by this vulnerability if all of the following preconditions are met: -...

8.8CVSS5.4AI score0.00308EPSS
Exploits0References5Affected Software1
SUSE CVE
SUSE CVE
added 2025/11/22 12:23 a.m.6 views

SUSE CVE-2025-64751

OpenFGA is a high-performance and flexible authorization/permission engine built for developers and inspired by Google Zanzibar. OpenFGA v1.4.0 to v1.11.0 openfga-0.1.34 = Helm chart = openfga-0.2.48, v.1.4.0 = docker = v.1.11.0 are vulnerable to improper policy enforcement when certain Check and...

8.2CVSS6.9AI score0.00256EPSS
Exploits0References7
Vulnrichment
Vulnrichment
added 2025/11/21 1:24 a.m.4 views

CVE-2025-64751 OpenFGA Improper Policy Enforcement

OpenFGA is a high-performance and flexible authorization/permission engine built for developers and inspired by Google Zanzibar. OpenFGA v1.4.0 to v1.11.0 openfga-0.1.34 = Helm chart = openfga-0.2.48, v.1.4.0 = docker = v.1.11.0 are vulnerable to improper policy enforcement when certain Check and...

5.8CVSS6.5AI score0.00256EPSS
Exploits0References2
Github Security Blog
Github Security Blog
added 2025/11/20 10:48 p.m.27 views

OpenFGA Improper Policy Enforcement

Overview OpenFGA v1.4.0 to v1.11.0 openfga-0.1.34 = Helm chart = openfga-0.2.48, v.1.4.0 = docker = v.1.11.0 are vulnerable to improper policy enforcement when certain Check and ListObject calls are executed. Am I Affected? You are affected by this vulnerability if you meet the following...

8.8CVSS6.9AI score0.00256EPSS
Exploits0References4Affected Software1
CNVD
CNVD
added 2021/11/17 12:0 a.m.37 views

Google Chrome iframe sandbox security bypass vulnerability

Google Chrome is a web browser from Google, an American company. A security bypass vulnerability exists in Google Chrome iframe sandbox that stems from improper policy enforcement in the product's iframe sandbox. An attacker can exploit the vulnerability to bypass security restrictions...

8.8CVSS8.7AI score0.00805EPSS
Exploits0References1
OPENSUSE Linux
OPENSUSE Linux
added 2020/03/09 12:0 a.m.72 views

Security update for chromium (important)

openSUSE Security Update: Security update for chromium Announcement ID: openSUSE-SU-2020:0322-1 Rating: important References: 1165826 Cross-References: CVE-2020-6420 Affected Products: openSUSE Leap 15.1 An update that fixes one vulnerability is now available. Description: This update for chromiu...

8.8CVSS8.6AI score0.01294EPSS
Exploits0References1
Rows per page
Query Builder