
CVE-2025-48371

OpenFGA Authorization Bypass



Description

OpenFGA is an authorization/permission engine. OpenFGA versions 1.8.0 through 1.8.12 (Helm chart openfga-0.2.16 through openfga-0.2.30; Docker images 1.8.0 through 1.8.12) are vulnerable to authorization bypass when certain Check and ListObjects calls are executed. A deployment is affected only when all four of the following conditions hold:

1. The Check or ListObjects call uses an authorization model in which a relation is directly assignable both by type-bound public access (a `type:*` wildcard such as `user:*`) and by a userset.
2. The Check or ListObjects query carries contextual tuples for that relation.
3. The user field of those contextual tuples is a userset.
4. No type-bound public access tuples are assigned to the relation.

Users should upgrade to version 1.8.13, which contains the fix. The upgrade is backwards compatible.
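A concrete instance of the four conditions, written as an added example (not from the advisory or the OpenFGA project) in the fga CLI's model-test YAML format so it can serve as a regression test. All names (group:eng, document:roadmap, user:anne, user:bob) are made up, and it assumes that a test's own `tuples` entries are sent as contextual tuples with each request, which is how the CLI's test runner treats them.

```yaml
# Added example, not from the advisory or the OpenFGA project.
# Regression test for CVE-2025-48371 in the fga CLI model-test format:
#   fga model test --tests cve-2025-48371.fga.yaml
# All identifiers below are made up for illustration.
name: CVE-2025-48371 contextual userset tuples
model: |
  model
    schema 1.1

  type user

  type group
    relations
      define member: [user]

  type document
    relations
      # Condition 1: viewer is directly assignable both by type-bound public
      # access (user:*) and by a userset (group#member).
      define viewer: [user:*, group#member]

# Tuples written to the store before the tests run.
# Condition 4: no "user:*" tuple is ever assigned to viewer.
tuples:
  - user: user:anne
    relation: member
    object: group:eng

tests:
  - name: viewer granted only through a contextual userset tuple
    # Conditions 2 and 3: a contextual tuple for viewer whose user field is a
    # userset (group:eng#member). Assumption: the CLI test runner passes a
    # test's own tuples as contextual tuples instead of writing them to the store.
    tuples:
      - user: group:eng#member
        relation: viewer
        object: document:roadmap
    check:
      - user: user:anne        # member of group:eng -> viewer via the userset
        object: document:roadmap
        assertions:
          viewer: true
      - user: user:bob         # not a member, and no user:* tuple -> denied
        object: document:roadmap
        assertions:
          viewer: false
    list_objects:
      - user: user:bob         # must list nothing: no public access was granted
        type: document
        assertions:
          viewer: []
```

The assertions state what a correct engine returns for this model; the advisory only says that affected versions can answer incorrectly when these conditions are met, so compare the output before and after moving to 1.8.13. Note that `fga model test` runs against the OpenFGA build embedded in the CLI, not a deployed server; to check a running instance, write the same model and stored tuple to it and send the two Check calls and the ListObjects call with the contextual tuple through its API.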

Reserved 2025-05-19 | Published 2025-05-22 | Updated 2025-05-23 | Assigner GitHub_M


MEDIUM: 5.8 (CVSS:4.0/AV:N/AC:L/AT:P/PR:L/UI:N/VC:N/VI:N/VA:N/SC:H/SI:H/SA:H)

The vector records no confidentiality, integrity or availability impact on OpenFGA itself (VC:N/VI:N/VA:N) but high impact on subsequent systems (SC:H/SI:H/SA:H): the damage lands in the applications that trust OpenFGA's Check and ListObjects answers. AT:P reflects that the four model and query conditions above must all be present for the bypass to occur.

Problem types

CWE-285: Improper Authorization

Product status

>= 1.8.0, < 1.8.13: affected

References

github.com/...penfga/security/advisories/GHSA-c72g-53hw-82q7

github.com/...ommit/e5960d4eba92b723de8ff3a5346a07f50c1379ca

cve.org (CVE-2025-48371)

nvd.nist.gov (CVE-2025-48371)

https://cve.threatint.eu/CVE/CVE-2025-48371