github.com/openfga/openfga is vulnerable to authorization bypass. The vulnerability is due to a lack of an error if a wildcard is encountered in the ttu
evaluation when the wildcard (``)
is defined in the authorization model’s tuple set relations.