GO-2022-1079 OpenFGA subject to Information Disclosure via streamed-list-objects endpoint in github.com/openfga/openfga

OpenFGA subject to Information Disclosure via streamed-list-objects endpoint in github.com/openfga/openfga...

OpenFGA subject to Information Disclosure via streamed-list-objects endpoint

Overview During our internal security assessment, it was discovered that streamed-list-objects endpoint was not validating the authorization header resulting in the disclosure of objects in the store. Am I Affected? You are affected by this vulnerability if you are using openfga/openfga version...