CVE-2025-55213

Medium CVSS: 5.8

OpenFGA is a high-performance and flexible authorization/permission engine built for developers and inspired by Google Zanzibar. OpenFGA v1.9.3 to v1.9.4 ( openfga-0.2.40 <= Helm chart <= openfga-0.2.41, v1.9.3 <= docker <= v.1.9.4) are vulnerable to improper policy enforcement when certain Check and ListObject calls are executed. This vulnerability is fixed in 1.9.5.

Vendor

Openfga

Product

Helm Charts

CWE

CWE-863

Yayın Tarihi

2025-08-18 20:15:29

Güncelleme

2026-01-14 17:10:47

Source Identifier

security-advisories@github.com

KEV Date Added

Kategoriler

CWE-863 Helm Charts MEDIUM Openfga 2025

Referanslar

https://github.com/openfga/openfga/commit/1a7e0e37fc4777c824b2386cac4867a66f3480b0 https://github.com/openfga/openfga/security/advisories/GHSA-mgh9-4mwp-fg55

Benzer Kayıtlar

Medium

CVE-2026-24851

OpenFGA is a high-performance and flexible authorization/permission engine built for developers and inspired by Google Z…

Medium

CVE-2025-64751

OpenFGA is a high-performance and flexible authorization/permission engine built for developers and inspired by Google Z…

Medium

CVE-2025-48371

OpenFGA is an authorization/permission engine. OpenFGA versions 1.8.0 through 1.8.12 (corresponding to Helm chart openfg…

Medium

CVE-2025-25196

OpenFGA is a high-performance and flexible authorization/permission engine built for developers and inspired by Google Z…

Medium

CVE-2024-56323

OpenFGA is an authorization/permission engine. IN OpenFGA v1.3.8 to v1.8.2 (Helm chart openfga-0.1.38 to openfga-0.2.19,…