Shodan
Vulnerabilities
Vulnerable Software

Vulnerability Details CVE-2022-39352

OpenFGA is a high-performance authorization/permission engine inspired by Google Zanzibar. Versions prior to 0.2.5 are vulnerable to authorization bypass under certain conditions. You are affected by this vulnerability if you added a tuple with a wildcard (*) assigned to a tupleset relation (the right hand side of a ‘from’ statement). This issue has been patched in version v0.2.5. This update is not backward compatible with any authorization model that uses wildcard on a tupleset relation.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.003
EPSS Ranking 49.3%
CVSS Severity
CVSS v3 Score 4.8
Products affected by CVE-2022-39352
  • Openfga » Openfga » Version: 0.0.1
    cpe:2.3:a:openfga:openfga:0.0.1
  • Openfga » Openfga » Version: 0.0.2
    cpe:2.3:a:openfga:openfga:0.0.2
  • Openfga » Openfga » Version: 0.1.0
    cpe:2.3:a:openfga:openfga:0.1.0
  • Openfga » Openfga » Version: 0.1.1
    cpe:2.3:a:openfga:openfga:0.1.1
  • Openfga » Openfga » Version: 0.1.10
    cpe:2.3:a:openfga:openfga:0.1.10
  • Openfga » Openfga » Version: 0.1.11
    cpe:2.3:a:openfga:openfga:0.1.11
  • Openfga » Openfga » Version: 0.1.12
    cpe:2.3:a:openfga:openfga:0.1.12
  • Openfga » Openfga » Version: 0.1.13
    cpe:2.3:a:openfga:openfga:0.1.13
  • Openfga » Openfga » Version: 0.1.14
    cpe:2.3:a:openfga:openfga:0.1.14
  • Openfga » Openfga » Version: 0.1.15
    cpe:2.3:a:openfga:openfga:0.1.15
  • Openfga » Openfga » Version: 0.1.16
    cpe:2.3:a:openfga:openfga:0.1.16
  • Openfga » Openfga » Version: 0.1.17
    cpe:2.3:a:openfga:openfga:0.1.17
  • Openfga » Openfga » Version: 0.1.18
    cpe:2.3:a:openfga:openfga:0.1.18
  • Openfga » Openfga » Version: 0.1.19
    cpe:2.3:a:openfga:openfga:0.1.19
  • Openfga » Openfga » Version: 0.1.2
    cpe:2.3:a:openfga:openfga:0.1.2
  • Openfga » Openfga » Version: 0.1.20
    cpe:2.3:a:openfga:openfga:0.1.20
  • Openfga » Openfga » Version: 0.1.21
    cpe:2.3:a:openfga:openfga:0.1.21
  • Openfga » Openfga » Version: 0.1.22
    cpe:2.3:a:openfga:openfga:0.1.22
  • Openfga » Openfga » Version: 0.1.23
    cpe:2.3:a:openfga:openfga:0.1.23
  • Openfga » Openfga » Version: 0.1.24
    cpe:2.3:a:openfga:openfga:0.1.24
  • Openfga » Openfga » Version: 0.1.25
    cpe:2.3:a:openfga:openfga:0.1.25
  • Openfga » Openfga » Version: 0.1.26
    cpe:2.3:a:openfga:openfga:0.1.26
  • Openfga » Openfga » Version: 0.1.27
    cpe:2.3:a:openfga:openfga:0.1.27
  • Openfga » Openfga » Version: 0.1.28
    cpe:2.3:a:openfga:openfga:0.1.28
  • Openfga » Openfga » Version: 0.1.29
    cpe:2.3:a:openfga:openfga:0.1.29
  • Openfga » Openfga » Version: 0.1.3
    cpe:2.3:a:openfga:openfga:0.1.3
  • Openfga » Openfga » Version: 0.1.30
    cpe:2.3:a:openfga:openfga:0.1.30
  • Openfga » Openfga » Version: 0.1.31
    cpe:2.3:a:openfga:openfga:0.1.31
  • Openfga » Openfga » Version: 0.1.32
    cpe:2.3:a:openfga:openfga:0.1.32
  • Openfga » Openfga » Version: 0.1.33
    cpe:2.3:a:openfga:openfga:0.1.33
  • Openfga » Openfga » Version: 0.1.34
    cpe:2.3:a:openfga:openfga:0.1.34
  • Openfga » Openfga » Version: 0.1.35
    cpe:2.3:a:openfga:openfga:0.1.35
  • Openfga » Openfga » Version: 0.1.36
    cpe:2.3:a:openfga:openfga:0.1.36
  • Openfga » Openfga » Version: 0.1.37
    cpe:2.3:a:openfga:openfga:0.1.37
  • Openfga » Openfga » Version: 0.1.38
    cpe:2.3:a:openfga:openfga:0.1.38
  • Openfga » Openfga » Version: 0.1.39
    cpe:2.3:a:openfga:openfga:0.1.39
  • Openfga » Openfga » Version: 0.1.4
    cpe:2.3:a:openfga:openfga:0.1.4
  • Openfga » Openfga » Version: 0.1.40
    cpe:2.3:a:openfga:openfga:0.1.40
  • Openfga » Openfga » Version: 0.1.41
    cpe:2.3:a:openfga:openfga:0.1.41
  • Openfga » Openfga » Version: 0.1.5
    cpe:2.3:a:openfga:openfga:0.1.5
  • Openfga » Openfga » Version: 0.1.6
    cpe:2.3:a:openfga:openfga:0.1.6
  • Openfga » Openfga » Version: 0.1.7
    cpe:2.3:a:openfga:openfga:0.1.7
  • Openfga » Openfga » Version: 0.1.8
    cpe:2.3:a:openfga:openfga:0.1.8
  • Openfga » Openfga » Version: 0.1.9
    cpe:2.3:a:openfga:openfga:0.1.9
  • Openfga » Openfga » Version: 0.2.0
    cpe:2.3:a:openfga:openfga:0.2.0
  • Openfga » Openfga » Version: 0.2.1
    cpe:2.3:a:openfga:openfga:0.2.1
  • Openfga » Openfga » Version: 0.2.2
    cpe:2.3:a:openfga:openfga:0.2.2
  • Openfga » Openfga » Version: 0.2.3
    cpe:2.3:a:openfga:openfga:0.2.3
  • Openfga » Openfga » Version: 0.2.4
    cpe:2.3:a:openfga:openfga:0.2.4


Products
Pricing
Contact Us

Shodan ® - All rights reserved