You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
{{ message }}
OpenFGA DoS vulnerability
High severity
GitHub Reviewed
Published
Oct 17, 2023
in
openfga/openfga
•
Updated Nov 12, 2023
OpenFGA is vulnerable to a DoS attack. When a number of ListObjects calls are executed, in some scenarios, those calls are not releasing resources even after a response has been sent, and the service as a whole becomes unresponsive.
Fix
Upgrade to v1.3.4. This upgrade is backwards compatible.
Overview
OpenFGA is vulnerable to a DoS attack. When a number of ListObjects calls are executed, in some scenarios, those calls are not releasing resources even after a response has been sent, and the service as a whole becomes unresponsive.
Fix
Upgrade to v1.3.4. This upgrade is backwards compatible.
References