github.com/openfga/openfga is vulnerable to information disclosure. The vulnerability is due to improper validation for the streamed-list-objects
endpoint in the authorization header, allowing an attacker to gain sensitive information through the objects in the store.
CPE | Name | Operator | Version |
---|---|---|---|
github.com/openfga/openfga | le | v0.2.3 | |
github.com/openfga/openfga | le | v0.2.3 |