data/reports/GO-2025-3894.yaml - vulndb - Git at Google

 id: GO-2025-3894
 modules:
     - module: github.com/openfga/openfga
       versions:
         - introduced: 1.9.3
         - fixed: 1.9.5
       vulnerable_at: 1.9.4
 summary: OpenFGA Authorization Bypass in github.com/openfga/openfga
 cves:
     - CVE-2025-55213
 ghsas:
     - GHSA-mgh9-4mwp-fg55
 references:
     - advisory: https://github.com/openfga/openfga/security/advisories/GHSA-mgh9-4mwp-fg55
     - advisory: https://nvd.nist.gov/vuln/detail/CVE-2025-55213
     - fix: https://github.com/openfga/openfga/commit/1a7e0e37fc4777c824b2386cac4867a66f3480b0
 source:
     id: GHSA-mgh9-4mwp-fg55
     created: 2025-08-27T18:27:37.898853618Z
 review_status: UNREVIEWED
	id: GO-2025-3894
	modules:
	- module: github.com/openfga/openfga
	versions:
	- introduced: 1.9.3
	- fixed: 1.9.5
	vulnerable_at: 1.9.4
	summary: OpenFGA Authorization Bypass in github.com/openfga/openfga
	cves:
	- CVE-2025-55213
	ghsas:
	- GHSA-mgh9-4mwp-fg55
	references:
	- advisory: https://github.com/openfga/openfga/security/advisories/GHSA-mgh9-4mwp-fg55
	- advisory: https://nvd.nist.gov/vuln/detail/CVE-2025-55213
	- fix: https://github.com/openfga/openfga/commit/1a7e0e37fc4777c824b2386cac4867a66f3480b0
	source:
	id: GHSA-mgh9-4mwp-fg55
	created: 2025-08-27T18:27:37.898853618Z
	review_status: UNREVIEWED