CVE-2025-48371
- Source
- https://nvd.nist.gov/vuln/detail/CVE-2025-48371
- Import Source
- https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2025-48371.json
- JSON Data
- https://api.osv.dev/v1/vulns/CVE-2025-48371
- Aliases
- Downstream
- Related
- Published
- 2025-05-22T22:20:37Z
- Modified
- 2025-11-09T19:54:10.927583Z
- Severity
-
- 5.8 (Medium) CVSS_V4 - CVSS:4.0/AV:N/AC:L/AT:P/PR:L/UI:N/VC:N/VI:N/VA:N/SC:H/SI:H/SA:H CVSS Calculator
- Summary
- OpenFGA Authorization Bypass
- Details
-
OpenFGA is an authorization/permission engine. OpenFGA versions 1.8.0 through 1.8.12 (corresponding to Helm chart openfga-0.2.16 through openfga-0.2.30 and docker 1.8.0 through 1.8.12) are vulnerable to authorization bypass when certain Check and ListObject calls are executed. Users are affected under four specific conditions: First, calling Check API or ListObjects with an authorization model that has a relationship directly assignable by both type bound public access and userset; second, there are check or list object queries with contextual tuples for the relationship that can be directly assignable by both type bound public access and userset; third, those contextual tuples’s user field is an userset; and finally, type bound public access tuples are not assigned to the relationship. Users should upgrade to version 1.8.13 to receive a patch. The upgrade is backwards compatible.
- Database specific
{ "cwe_ids": [ "CWE-285" ] }- References