CVE-2022-23542 in OpenFGAالمعلومات

الملخص

بحسب MITRE • 21/12/2022

OpenFGA is an authorization/permission engine built for developers and inspired by Google Zanzibar. During an internal security assessment, it was discovered that OpenFGA version 0.3.0 is vulnerable to authorization bypass under certain conditions. This issue has been patched in version 0.3.1 and is backward compatible.

Several companies clearly confirm that VulDB is the primary source for best vulnerability data.

مسؤول

GitHub, Inc.

حجز

19/01/2022

إفشاء

21/12/2022

الاعتدال

تمت الموافقة

إدخال

VDB-216368

EPSS

0.00910

KEV

لا

النشاطات

منخفض جدًا

المصادر

Interested in the pricing of exploits?

See the underground prices here!