HIGH8.1CVE-2024-31452OpenFGA Authorization Bypass in github.com/openfga/openfga >= 1.5.0, < 1.5.3
HIGH8.1CVE-2024-31452OpenFGA Authorization Bypass in github.com/openfga/openfga >= 1.5.0, < 1.5.3
HIGH7.5CVE-2024-42473OpenFGA Authorization Bypass in github.com/openfga/openfga >= 1.5.7, < 1.5.9
HIGH7.5OpenFGA Authorization Bypass in github.com/openfga/openfga
>= 1.5.7, < 1.5.9
HIGH7.5OpenFGA DoS vulnerability in github.com/openfga/openfga
from 0, < 1.3.4
HIGH7.5OpenFGA DoS vulnerability in github.com/openfga/openfga
from 0, < 1.3.4
MEDIUM6.5OpenFGA: Unauthenticated playground endpoint discloses preshared API key in HTML response
>= 0.1.4, < 1.14.0
MEDIUM6.5OpenFGA Authorization Bypass in github.com/openfga/openfga
from 0, < 1.3.1
MEDIUM6.5OpenFGA Authorization Bypass in github.com/openfga/openfga
from 0, < 1.3.1
MEDIUM5.9OpenFGA Vulnerable to DoS from circular relationship definitions in github.com/openfga/openfga
from 0, < 1.3.2
MEDIUM5.9OpenFGA Vulnerable to DoS from circular relationship definitions in github.com/openfga/openfga
from 0, < 1.3.2
MEDIUM5.9Denial of service in github.com/openfga/openfga
from 0, < 1.1.1
MEDIUM5.9Denial of service in github.com/openfga/openfga
from 0, < 1.1.1
MEDIUM5.9OpenFGA Authorization Bypass via tupleset wildcard in github.com/openfga/openfga
from 0, < 0.2.4
MEDIUM5.9OpenFGA Authorization Bypass via tupleset wildcard in github.com/openfga/openfga
from 0, < 0.2.4
MEDIUM5.9OpenFGA Authorization Bypass in github.com/openfga/openfga
from 0, < 0.2.4
MEDIUM5.9OpenFGA Authorization Bypass in github.com/openfga/openfga
from 0, < 0.2.4
MEDIUM5.3OpenFGA denial of service in github.com/openfga/openfga
from 0, < 1.4.3
MEDIUM5.3OpenFGA denial of service in github.com/openfga/openfga
from 0, < 1.4.3
MEDIUM5.3OpenFGA subject to Information Disclosure via streamed-list-objects endpoint in github.com/openfga/openfga
from 0, < 0.2.4
MEDIUM5.3OpenFGA subject to Information Disclosure via streamed-list-objects endpoint in github.com/openfga/openfga
from 0, < 0.2.4
MEDIUM5.0OpenFGA has cache-key delimiter injection in shared-iterator and v2 iterator that caches enables intra-store authorization-decision poisoning
from 0, < 1.16.0
MEDIUM5.0OpenFGA has Improper Policy Enforcement
from 0, < 1.14.1
MEDIUM5.0OpenFGA's BatchCheck within-request deduplication produces incorrect authorization decisions via list-value cache-key collision
>= 1.8.0, < 1.14.0
MEDIUM4.8OpenFGA Authorization Bypass in github.com/openfga/openfga
from 0, < 0.2.5
MEDIUM4.8OpenFGA Authorization Bypass in github.com/openfga/openfga
from 0, < 0.2.5
—OpenFGA has an Authorization Bypass through cached keys in github.com/openfga/openfga
from 0, < 1.13.1
—OpenFGA has an Authorization Bypass through cached keys in github.com/openfga/openfga
from 0, < 1.13.1
—OpenFGA Improper Policy Enforcement in github.com/openfga/openfga
>= 1.8.5, < 1.11.3
—OpenFGA Improper Policy Enforcement in github.com/openfga/openfga
>= 1.8.5, < 1.11.3
—OpenFGA Improper Policy Enforcement in github.com/openfga/openfga
>= 1.4.0, < 1.11.1
—OpenFGA Improper Policy Enforcement in github.com/openfga/openfga
>= 1.4.0, < 1.11.1
—OpenFGA Authorization Bypass in github.com/openfga/openfga
>= 1.9.3, < 1.9.5
—OpenFGA Authorization Bypass in github.com/openfga/openfga
>= 1.9.3, < 1.9.5
—OpenFGA Authorization Bypass in github.com/openfga/openfga
>= 1.8.0, < 1.8.13
—OpenFGA Authorization Bypass in github.com/openfga/openfga
>= 1.8.0, < 1.8.13
—OpenFGA Authorization Bypass in github.com/openfga/openfga
>= 1.3.6, < 1.8.11
—OpenFGA Authorization Bypass in github.com/openfga/openfga
>= 1.3.6, < 1.8.11
—OpenFGA Authorization Bypass in github.com/openfga/openfga
from 0, < 1.8.5
—OpenFGA Authorization Bypass in github.com/openfga/openfga
from 0, < 1.8.5
—OpenFGA Authorization Bypass in github.com/openfga/openfga
>= 1.3.8, < 1.8.3
—OpenFGA Authorization Bypass in github.com/openfga/openfga
>= 1.3.8, < 1.8.3
—OpenFGA Authorization Bypass in github.com/openfga/openfga
>= 0.3.0, < 0.3.1
—OpenFGA Authorization Bypass in github.com/openfga/openfga
>= 0.3.0, < 0.3.1