2 matches found
SQL Injection
Overview dagster is a Dagster is an orchestration platform for the development, production, and observation of data assets. Affected versions of this package are vulnerable to SQL Injection via the construction of SQL WHERE clauses in database I/O manager integrations. An attacker can execute...
OpenFGA has an Authorization Bypass through cached keys
Description In OpenFGA, under specific conditions, models using conditions with caching enabled can result in two different check requests producing the same cache key. This can result in OpenFGA reusing an earlier cached result for a different request. Am I Affected? Users are affected if the...