github.com/openfga/openfga is vulnerable to authorization bypass. Users whose model has a relation defined as a tupleset
(the right hand side of a from
statement) that involves anything other than a direct relationship are vulnerable to authorization bypass under certain conditions.
CPE | Name | Operator | Version |
---|---|---|---|
github.com/openfga/openfga | le | v0.2.3 | |
github.com/openfga/openfga | le | v0.2.3 |