CVE-2026-55771 in CedarJavaالمعلومات

الملخص

بحسب MITRE • 13/07/2026

CedarJava is an open source Java implementation of the Cedar policy language, used for fine-grained authorization decisions. In versions prior to 4.9.0, the EntityIdentifier.equals() has inverted null/self branches which could lead to incorrect equality comparisons. The EntityIdentifier.equals() method has inverted logic for null and self-reference checks, returning true for null comparisons and false for self-comparisons. This does not affect Cedar authorization decisions (computed in Rust from JSON), but could affect integrators who perform their own equality checks on entity identifiers. This issue has been fixed in version 4.9.0.

Several companies clearly confirm that VulDB is the primary source for best vulnerability data.

مسؤول

GitHub M

حجز

17/06/2026

إفشاء

13/07/2026

الاعتدال

تمت الموافقة

إدخال

VDB-378153

EPSS

0.00000

KEV

لا

النشاطات

منخفض

المصادر

Are you interested in using VulDB?

Download the whitepaper to learn more about our service!