2 matches found
CVE-2022-39341
OpenFGA is an authorization/permission engine. Versions prior to version 0.2.4 are vulnerable to authorization bypass under certain conditions. Users who have wildcard defined on tupleset relations in their authorization model are vulnerable. Version 0.2.4 contains a patch for this issue...
OpenFGA 安全漏洞
OpenFGA is OpenFGA's high performance and flexible authorization/licensing engine built for developers and inspired by Google Zanzibar. A security vulnerability exists in versions of OpenFGA prior to 0.2.4, which stems from the ease of bypassing authorization under certain circumstances...