Vulnerability Details CVE-2025-64751
OpenFGA is a high-performance and flexible authorization/permission engine built for developers and inspired by Google Zanzibar. OpenFGA v1.4.0 to v1.11.0 ( openfga-0.1.34 <= Helm chart <= openfga-0.2.48, v.1.4.0 <= docker <= v.1.11.0) are vulnerable to improper policy enforcement when certain Check and ListObject calls are executed. This issue has been patched in version 1.11.1.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.001
EPSS Ranking 15.6%
CVSS Severity
CVSS v3 Score 8.8
References
Products affected by CVE-2025-64751
-
cpe:2.3:a:openfga:helm_charts:0.1.34
-
cpe:2.3:a:openfga:helm_charts:0.1.35
-
cpe:2.3:a:openfga:helm_charts:0.1.36
-
cpe:2.3:a:openfga:helm_charts:0.1.37
-
cpe:2.3:a:openfga:helm_charts:0.1.38
-
cpe:2.3:a:openfga:helm_charts:0.1.39
-
cpe:2.3:a:openfga:helm_charts:0.1.40
-
cpe:2.3:a:openfga:helm_charts:0.1.41
-
cpe:2.3:a:openfga:helm_charts:0.2.0
-
cpe:2.3:a:openfga:helm_charts:0.2.1
-
cpe:2.3:a:openfga:helm_charts:0.2.10
-
cpe:2.3:a:openfga:helm_charts:0.2.11
-
cpe:2.3:a:openfga:helm_charts:0.2.12
-
cpe:2.3:a:openfga:helm_charts:0.2.13
-
cpe:2.3:a:openfga:helm_charts:0.2.14
-
cpe:2.3:a:openfga:helm_charts:0.2.15
-
cpe:2.3:a:openfga:helm_charts:0.2.16
-
cpe:2.3:a:openfga:helm_charts:0.2.17
-
cpe:2.3:a:openfga:helm_charts:0.2.18
-
cpe:2.3:a:openfga:helm_charts:0.2.19
-
cpe:2.3:a:openfga:helm_charts:0.2.2
-
cpe:2.3:a:openfga:helm_charts:0.2.20
-
cpe:2.3:a:openfga:helm_charts:0.2.21
-
cpe:2.3:a:openfga:helm_charts:0.2.22
-
cpe:2.3:a:openfga:helm_charts:0.2.23
-
cpe:2.3:a:openfga:helm_charts:0.2.24
-
cpe:2.3:a:openfga:helm_charts:0.2.25
-
cpe:2.3:a:openfga:helm_charts:0.2.26
-
cpe:2.3:a:openfga:helm_charts:0.2.27
-
cpe:2.3:a:openfga:helm_charts:0.2.28
-
cpe:2.3:a:openfga:helm_charts:0.2.29
-
cpe:2.3:a:openfga:helm_charts:0.2.3
-
cpe:2.3:a:openfga:helm_charts:0.2.30
-
cpe:2.3:a:openfga:helm_charts:0.2.31
-
cpe:2.3:a:openfga:helm_charts:0.2.32
-
cpe:2.3:a:openfga:helm_charts:0.2.33
-
cpe:2.3:a:openfga:helm_charts:0.2.34
-
cpe:2.3:a:openfga:helm_charts:0.2.35
-
cpe:2.3:a:openfga:helm_charts:0.2.36
-
cpe:2.3:a:openfga:helm_charts:0.2.37
-
cpe:2.3:a:openfga:helm_charts:0.2.38
-
cpe:2.3:a:openfga:helm_charts:0.2.39
-
cpe:2.3:a:openfga:helm_charts:0.2.4
-
cpe:2.3:a:openfga:helm_charts:0.2.40
-
cpe:2.3:a:openfga:helm_charts:0.2.41
-
cpe:2.3:a:openfga:helm_charts:0.2.42
-
cpe:2.3:a:openfga:helm_charts:0.2.43
-
cpe:2.3:a:openfga:helm_charts:0.2.44
-
cpe:2.3:a:openfga:helm_charts:0.2.45
-
cpe:2.3:a:openfga:helm_charts:0.2.46
-
cpe:2.3:a:openfga:helm_charts:0.2.47
-
cpe:2.3:a:openfga:helm_charts:0.2.48
-
cpe:2.3:a:openfga:helm_charts:0.2.5
-
cpe:2.3:a:openfga:helm_charts:0.2.6
-
cpe:2.3:a:openfga:helm_charts:0.2.7
-
cpe:2.3:a:openfga:helm_charts:0.2.8
-
cpe:2.3:a:openfga:helm_charts:0.2.9
-
cpe:2.3:a:openfga:openfga:1.10.0
-
cpe:2.3:a:openfga:openfga:1.10.1
-
cpe:2.3:a:openfga:openfga:1.10.2
-
cpe:2.3:a:openfga:openfga:1.10.3
-
cpe:2.3:a:openfga:openfga:1.10.4
-
cpe:2.3:a:openfga:openfga:1.10.5
-
cpe:2.3:a:openfga:openfga:1.11.0
-
cpe:2.3:a:openfga:openfga:1.4.0
-
cpe:2.3:a:openfga:openfga:1.4.1
-
cpe:2.3:a:openfga:openfga:1.4.2
-
cpe:2.3:a:openfga:openfga:1.4.3
-
cpe:2.3:a:openfga:openfga:1.5.0
-
cpe:2.3:a:openfga:openfga:1.5.1
-
cpe:2.3:a:openfga:openfga:1.5.2
-
cpe:2.3:a:openfga:openfga:1.5.3
-
cpe:2.3:a:openfga:openfga:1.5.4
-
cpe:2.3:a:openfga:openfga:1.5.5
-
cpe:2.3:a:openfga:openfga:1.5.6
-
cpe:2.3:a:openfga:openfga:1.5.7
-
cpe:2.3:a:openfga:openfga:1.5.8
-
cpe:2.3:a:openfga:openfga:1.5.9
-
cpe:2.3:a:openfga:openfga:1.6.0
-
cpe:2.3:a:openfga:openfga:1.6.1
-
cpe:2.3:a:openfga:openfga:1.6.2
-
cpe:2.3:a:openfga:openfga:1.7.0
-
cpe:2.3:a:openfga:openfga:1.8.0
-
cpe:2.3:a:openfga:openfga:1.8.1
-
cpe:2.3:a:openfga:openfga:1.8.10
-
cpe:2.3:a:openfga:openfga:1.8.11
-
cpe:2.3:a:openfga:openfga:1.8.12
-
cpe:2.3:a:openfga:openfga:1.8.13
-
cpe:2.3:a:openfga:openfga:1.8.14
-
cpe:2.3:a:openfga:openfga:1.8.15
-
cpe:2.3:a:openfga:openfga:1.8.16
-
cpe:2.3:a:openfga:openfga:1.8.2
-
cpe:2.3:a:openfga:openfga:1.8.3
-
cpe:2.3:a:openfga:openfga:1.8.4
-
cpe:2.3:a:openfga:openfga:1.8.5
-
cpe:2.3:a:openfga:openfga:1.8.6
-
cpe:2.3:a:openfga:openfga:1.8.7
-
cpe:2.3:a:openfga:openfga:1.8.8
-
cpe:2.3:a:openfga:openfga:1.8.9
-
cpe:2.3:a:openfga:openfga:1.9.0
-
cpe:2.3:a:openfga:openfga:1.9.2
-
cpe:2.3:a:openfga:openfga:1.9.3
-
cpe:2.3:a:openfga:openfga:1.9.4
-
cpe:2.3:a:openfga:openfga:1.9.5